1 / 34

Check Point DLP & Application Control V-ICT-OR event 26 April 2012

Check Point DLP & Application Control V-ICT-OR event 26 April 2012. Jeroen De Corel Security Engineer BeLux jeroen@checkpoint.com. Agenda. 1. 2. 3. 4. What is Data Loss?. Key Challenges of DLP. Introducing Check Point DLP. Application Control. Check Point DLP

billie
Download Presentation

Check Point DLP & Application Control V-ICT-OR event 26 April 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Check Point DLP & Application ControlV-ICT-OR event26 April 2012 Jeroen De Corel Security Engineer BeLux jeroen@checkpoint.com

  2. Agenda 1 2 3 4 What is Data Loss? Key Challenges of DLP Introducing Check Point DLP Application Control Check Point DLP Makes data loss prevention work

  3. Data Loss Prevention Data breaches have happened to all of us What is DLP? John.Stevens@yahoo.com Corporate Strategy Green World Strategy Plan 2010 Company document uploaded to an external website. E-mail sent to the wrong recipient, intentionally or by mistake.

  4. Data Breaches—Headline Examples Brand Damage Compliance Liabilities Costly Fines

  5. It’s Not Just About Regulatory Compliance Compliance Security • Customer data • Corporate data • Patient data • Intellectual property • Strategic plans • Internal data Chief Compliance Officer Chief Security Officer

  6. DLP Has Not Yet Been Solved! Technology IT Staff Challenge Challenge Burden of incident handling Computers can not reliably understand human content and context Exposure to sensitive data

  7. Check Point Makes DLP Work Data Loss Prevention Alert An email that you have just sent has been quarantined. Reason: attached document contains confidential internal data The message is being held until further action. Send ,Discard , or Review Issue Confidential data sent to the wrong recipient! User prompted to take action User remediates ‘John’ <john@greenworld.com> John.Stevens@yahoo.com John.Stevens@yahoo.com Corporate Strategy Green World Strategy Plan 2010 John, Let’s review the corporate strategy in our morning meeting.

  8. Introducing Check Point Data Loss Prevention Prevent Move from detection to prevention Data Loss Prevention Alert An email that you have just sent has been quarantined. Reason: attached document contains confidential internal data The message is being held until further action. Send ,Discard , or Review Issue Educate Users on corporate data policies Enforce Data loss business processes Check Point Combines Technology and Processes to Make DLP Work NEW! John.Stevens@yahoo.com Corporate Strategy Green World Strategy Plan 2010 John, Let’s review the corporate strategy in our morning meeting.

  9. Check Point Solves the DLP Challenge TechnologyChallenge Empowers users to remediate incidents in real time IT Staff Challenge Educates users on DLP policies without involving IT staff New UserCheck™ Technology

  10. UserCheck Provides User Remediation Data Loss Prevention Alert An email that you have just sent has been quarantined. Reason: attached document contains confidential internal data The message is being held until further action. Send ,Discard , or Review Issue 2. User alert 1. Mail sent or document uploaded 3. User remediation Real-time Educational Non-disruptive

  11. How Does Check Point DLP Work? MultiSpect™ Detection Engine Simple Rule-based Policy Management Full Network Enforcement

  12. New MultiSpect™ Technology 600+ File Formats 600+ Data Types Correlates data from multiple sources using open language Detects more than 600 file formats Over 250 pre-defined content data types Detect and recognize proprietary forms and templates MultiSpect Detection Engine

  13. Simple Rule-based Policy Management Easily Define Policy to Detect, Prevent or Ask User

  14. Unified Control and Deployment For Unified Control Across the Entire Security Infrastructure Centralized Management Data Loss Prevention

  15. Ease-of-Deployment On Existing Gateways or Open Servers Be Up and Running Day-1! DLP-1 Dedicated Appliance Software Blade Network-based Inline Solution

  16. Check Point DLP At-A-Glance Scaling from hundred to thousandsof users Supporting HTTP, HTTPS, SMTP and FTP protocols Move from Detection to Prevention Inline network-based Software Bladerunning on any existing Check Point gateway UserCheck notification using either thin agent or a returning email to the user Proactively block intentional and unintentional data loss

  17. Check Point DLP Summary Enforce Data PoliciesAcross the entire network Educate and Alert UsersWithout involving IT staff Prevent Data BreachesMove from detection to prevention Check Point combines technology and processes to make DLP work

  18. DLP-1 Appliance Specifications

  19. Check Point DLP Software Blade

  20. Application Control

  21. The Problem with Internet Applications Bandwidth Hogging Malware Threats Productivity Loss

  22. Introducing Detect and control application usage AppWiki—Industry’s largest library with over 50,000 applications Educate users on corporate policies Check Point Application Control Software Blade Available on EVERY gateway

  23. Introducing Check Point AppWiki • Over 4,500 applications • Over 50,000 social-network widgets • Grouped in over 150 categories • (including Web 2.0, IM, P2P, Voice & Video, File Share) • http://appwiki.checkpoint.com World’s largestApplication Classification Library Unparalleled Application Control

  24. Granular Application Categorization Application Type • IM • Web conferencing • Gaming…. • Share files • High bandwidth • Use stealth techniques… • Measures the potential risk Security Risk AdvancedProperties

  25. User and Machine Awareness Corporate Active Directory Security Gateway User- and group-aware User identification with both agent-based and seamless, agentlessActive Directory integration Machine-aware Includes User Identification

  26. Application Detection and Usage Controls Identify, allow, block or limit usage of applications at user or group level Application Detection and Usage Controls Enable access for support team

  27. Reality of Standard Application Control IT defines black & white policies Policies don’t match real usage IT resorts to monitor only No real control!

  28. Check Point UserCheck Technology Application Usage Alert You are trying to use Skype. Corporate application use policy does not allow the use of Skype. If you require Skype access for business, please click Explain blow. Corporate Proper Use Policy Asks users to explain reasons for application usage Understand usage needs, while enforcing policy Makes application control more practical Ask

  29. Check Point UserCheck Technology Application Usage Alert You are trying to access YouTube. Corporate application use policy limits YouTube access to business use only in order to save bandwidth. Please select and confirm your use-case: Personal ,Business , or Cancel Asks users to confirm application usage in real-time Understand usage needs, while enforcing policy http://www.youtube.com Makes application control more practical Ask

  30. Check Point UserCheck Technology Educates users on risk and usage policies Inform and educate, while allowing application usage http://www.facebook.com Alerts users in real-time Inform

  31. Check Point UserCheck Technology Use to preserve resources (bandwidth) or control acceptable use Application Usage Alert You are trying to accessFacebook Games. Corporate application use policy allows access to non-business related activities such as Facebook Games only during these times: 12:30-14:00 19:30-8:30 Corporate Proper Use Policy http://apps.facebook.com/onthefarm Limit

  32. Practical Implementation Involve end-users using multiple policy actions Accept / Drop Traditional security policies are suitable for clear-cut cases Use to preserve resources (bandwidth) or control acceptable use Allow but inform the user about the risks Learn usage patterns to create better policies Inform Ask Limit

  33. Q&A

  34. Thank You!

More Related