1 / 9

Data Loss Prevention

Data Loss Prevention. Steve Scott Manager, Information Security Operations. Data Loss Prevention . Well, more like Data Loss Identification We watch for data leaving inappropriately Based on “patterns” or Based on our data! 2.7 million records from the data warehouse Updated weekly

kerryn
Télécharger la présentation

Data Loss Prevention

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Loss Prevention Steve Scott Manager, Information Security Operations

  2. Data Loss Prevention • Well, more like Data Loss Identification • We watch for data leaving inappropriately • Based on “patterns” or • Based on our data! • 2.7 million records from the data warehouse • Updated weekly • Only looking for “ugly” stuff initially

  3. Inappropriate?? • “Clear Text” protocols, like email, pass your data in the clear over the Internet and others along the path can read the data. • Other protocols that are bad: http instead of https, chat, FTP, telnet and others…

  4. Why should we care? • At work, HIPAA • HIPAA violation due to willful neglect but violation is corrected within the required time period $10,000 per violation, with an annual maximum of $250,000 for repeat violations $50,000 per violation, with an annual maximum of $1.5 million • At home, identity theft

  5. DLP Interface

  6. Incidents so far • 65 in 60 days • 62 email related • 11 sourced from external addresses • 40 requests for corrective action plans • One vendor running a website improperly

  7. Questions?

More Related