1 / 45

RSA SecurWorld Data Loss Prevention: Product Introduction

Learn about RSA DLP, its capabilities and how it addresses customer challenges associated with data loss. Discover the market opportunity and understand the positive business outcomes that customers can expect.

devries
Download Presentation

RSA SecurWorld Data Loss Prevention: Product Introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. RSA SecurWorld Data Loss Prevention: Product Introduction SecurWorld Sales Associate Security Management Sales Process Solutions Product Introduction Messaging

  2. Instructions For Completing This Training • This training consists of: • A self-paced learning format • User-interface • Player controls • Course continuation • Attachments Note: These reference documents are RSA Confidential, and are made available to you because you have been authorized to take this training. These documents are not for general distribution.

  3. Learning Objectives Upon completion of this course, you should be able to: • Articulate the business challenges associated with data loss • Describe how RSA DLP addresses customer challenges • Describe RSA DLP, its capabilities and differentiators • Identify and qualify a DLP opportunity • Provide some proof points as evidence

  4. Current State • Discover the customer challenges (Before Scenarios) • Understand the specific customer pains (Negative Consequences) Current State Future State The RSA Solution Discovery Proof Points

  5. What is Sensitive Data? RSA DLP Solutions What rules should be set? What should be protected? Who should have access to what data? How should each type of data be handled?

  6. DLP Market Opportunity DLP Market WW RSA DLP Addressable Market: $255M $400M Source: 2012 RSA TAM Project

  7. Meeting our Customers’ Challenges Top of Mind Challenges of DLP Customers Respond to Advanced Threats Manage IT Security Risk Prove Compliance

  8. Before Scenario Managing IT Security Risk • Uncertain about where sensitive data resides • Untrained and unaware users • No idea where vulnerabilities are located • Not sure which data is most critical • No controls or processes in place to reduce and remediate risk How efficiently can they remediate that risk?

  9. Before Scenario Enforcing Compliance and Reducing Costs • Organizations struggle with complex regulatory requirements • Unidentified regulatory data creates compliance and security risks • No process in place to determine location of regulatory data • Compliance and remediation seem overwhelming and time-consuming • Difficult to prioritize threats and incidents

  10. Before Scenario Advanced Threat Readiness and Response • Unsure where company confidential data and intellectual property are located • No way to proactively protect sensitive data • Unable to identify attacks • Difficult to prioritize alerts and incident investigations How do they prioritize those based on the potential impact to the business? How do they know what incidents involved critical data?

  11. Negative Consequences

  12. Negative Consequences (cont.)

  13. Future State • Define Required Capabilities and how success will be measured • Describe the After Scenarios from solving customers’ problems • Articulate the Positive Business Outcomes that customers can expect Current State Future State The RSA Solution Discovery Proof Points

  14. Managing IT Security Risk “Lack visibility into risk from sensitive data stored in IT assets and employee actions with the data.” Required Capabilities Before Scenarios Discover where all sensitive data is within IT infrastructure and monitor employees actions. “Unnecessary risk is introduced tothe business by unaware employees.” Educate employees on company policyfor proper handling of sensitive data. Automate the discovery of data assets & gain visibility into which IT assets have high value information. “Don’t have a good handle on vulnerabilities.” Enforce various controls to protect data and automate workflows to efficiently remediate risk. “Lack processes and controls to reduce IT security risk.” After Scenario Gain visibility into unprotected sensitive data and automate controls and workflows to reduce risk.

  15. Enforcing Compliance & Reducing Costs Required Capabilities Before Scenarios “Regulatory requirements are too complex and constantly changing.” Out-of-the box policies built to find sensitive data and are constantly updated. Comprehensive and accurate discovery of regulated data. “Undiscovered regulateddata creates complianceand security risk.” Pre-built reports and automated workflows to efficiently remediate risk. “Compliance process and remediation are time consuming.” Incident handling and workflow processes based on severity of risk. “Difficult to prioritize threatsand incidents.” After Scenario Enforce controls to protect regulatory data and effectively remediate risk to prove compliance.

  16. Advanced Threat Readiness & Response Required Capabilities Before Scenarios “Unsure where company confidential data and intellectual property are located.” Proactively identify the location of sensitive data and enforce controls to protect it. Ability to feed information about sensitive data residing in assets to a network security monitoring platform. “Unable to efficiently identify attacks on critical assets.” Prioritize alerts based on criticality of data involved & efficiently investigate in a single console. “Difficult to prioritize alerts and incident investigations.” After Scenario Gain visibility into assets containing sensitive data to prioritize incident investigationsand better prepare and respond to advanced threats.

  17. Positive Business Outcomes Managing Risk • Reduce time to identify & remediate risks • Efficiently protect highly sensitive data • Lower impact to business owners Compliance • Reduce the scope of audits • Less time & effort • Minimize fines Advanced Threats • Quickly prioritize alerts and investigations • Reduce threat detection time • Minimize impact of an attack

  18. The RSA Solution • Understand how RSA DLP solves customers’ problems • Articulate how RSA DLP fits into customers’ environment • Identify RSA DLP’s key differentiators and how we solve problems better than the competition Current State Future State The RSA Solution Discovery Proof Points

  19. DLP as a Risk Management Solution Data Sensitivity User Actions Identities Non-Sensitive Data SEND BOARD COPY Regulatory Data Educate users in real time. POST EMPLOYEES STORE Company Secrets ACCESS Dramatically reduce the risk of data loss. CONTRACTORS

  20. Establishing a Risk-Based DLP Program • Understand the risk at hand • Reduce it systematically without disrupting the business DLP Program Lifecycle Management (driven by risk-based policies) DISCOVER EDUCATE ENFORCE Risk Across Infrastructure End Users & Risk Teams Security Controls ? RISK Understand Risk Reduce Risk Reduce Risk TIME

  21. DLP Covers Your Entire Infrastructure • Monitors data in motion (e.g. email, file transfers, posts to social media or other web traffic, and sensitive data synced to mobile devices or tablets) • Enforces controls based on the policy set-up RSA DLP Network RSA DLP Datacenter RSA DLP Endpoint • Discovers sensitive data on desktops and laptops • Monitors what users are doing with data on the endpoints • Enforces controls to protect the data • Protects sensitive data in virtual desktops and virtual applications from being copied or saved to the unprotected physical devices • Identifies the location of sensitive data across file shares, SharePoint & other repositories, databases, etc. • Moves files to a secure location or takes other actions to protect that data RSA DLP Enterprise Manager

  22. Network Datacenter Endpoint DLP Network Deployment Architecture Note: All RSA Network components except for RSA DLP Network Sensors can be deployed as virtual appliances. 4 4 3 2 1 5 5 3 1 2 • Schedules scans • Configures devices • Manages incidents and reports Encryption Server SMTP SMTP Outbound Relay Mail Servers SPAN TAP IM, HTTP, HTTPS, FTP Proxy Server Corporate Users Monitors only all outbound email and web traffic Note:When EMC VMware supports the network interface card (NIC), RSA will offer this in a virtual appliance form factor.  Monitors & enforces all outbound SMTP emails Monitors & enforces all internal emails Monitors & enforces all web traffic, including HTTPS DLP Administrator Coordinates all appliances

  23. RSA Data Discovery Architecture • Enterprise-class architecture is distributed and highly scalable • RSA DLP Datacenter can run on physical or virtual machines • Each geographic location has a site coordinator: • Manages all scans for a local network • Reports all data to the Enterprise Manager • RSA DLP agents are highly flexible because one agent can be configured for many different tasks: • Grid worker • Temporary agent • Only one instance of the DLP Enterprise Manager console is required per deployment • Whole product suite • Datacenter and Network • Endpoint and Network Main Data Center SharePoint DLP Administrator Secondary Data Center Database Note: All RSA Data Discovery components are offered as software. Remote Offices RSA Agents

  24. RSA DLP Endpoint Functionality Monitor Educate Enforce • Endpoint Enforce Agent is deployed to laptops or PCs • Enforces controls such: • Blocking an end-user from copying to a USB stick • Uploading sensitive information to a website • Emailing something from their webmail client    DLP Admin          Endpoint Coordinator    Connected or Disconnected from Corporate Network          Connectedto Corporate Network NotConnectedto Corporate Network    RSA DLP Endpoint Agent

  25. RSA DLP Enterprise Manager

  26. Configuration and License Model • Perpetual, per user license • Purchased as a stand-alone system or a bundled suite RSA DLP Enterprise Manager RSA DLP Endpoint RSA DLP Network RSA DLP Datacenter Monitor Discover Enforce Discover Enforce

  27. Key Differentiators of RSA DLP 5 Star Product • 2500+ customers • Gartner Magic Quadrant Leader • Industry best accuracy • Excellent coverage for emerging IT trends (BYOD, cloud, mobile, etc.)

  28. RSA DLP offers industry best accuracy in identifying sensitive data, resulting in: Fewer false positives Fewer violations to investigate RSA DLP achieves its high accuracy through a combination of: Innovations Methodologies Technologies Scalable fingerprinting technology where known sensitive data can be registered with the system Can be in files or databases Once registered, new DLP policies are created for deployment RSA uses sophisticated technologies such as: Derivative fingerprinting Binary fingerprinting Database crawling Content Analysis for Highest Accuracy

  29. Dedicated Knowledge Engineering Team develops and maintains DLP policies. RSA DLP Policy Library & Methodology Knowledge Engineering 170+ Built-in Policies • Work Experience: 12 years • Certifications: 18 regulations • Languages: Four • Background: Linguistics, Artificial Intelligence, Search Technologies • Education: Library Sciences, Computer Science Sample profile of a Knowledge Engineer

  30. Key Differentiators of RSA DLP 5 Star Product Strongest Discovery • 2500+ customers • Gartner Magic Quadrant Leader • Industry best accuracy • Excellent coverage for emerging IT trends (BYOD, cloud, mobile, etc.) 110110 00101 • Scan HUGE amounts of data • Grid-based scanning • Native support for SharePoint & Exchange

  31. Repurpose existing X86 hardware for scanning Add more workers to the grid dynamically to complete the scan faster Dynamic load balancing or distribution of load Unparalleled visibility into data in repositories No need to install software or services on SharePoint/Exchange server Quickly and efficiently scan with grid-based scanning Data Discovery Differentiators RSA Grid Scanning Native Scanning Support Microsoft APIs RSA DLP Datacenter Grid-based Scans RSA Grid: In-house Windows Servers (Physical or Virtual) Servers & Storage

  32. Key Differentiators of RSA DLP 5 Star Product Strongest Discovery Most Simplified Management • 2500+ customers • Gartner Magic Quadrant Leader • Industry best accuracy • Excellent coverage for emerging IT trends (BYOD, cloud, mobile, etc.) 110110 00101 • Scan HUGE amounts of data • Grid-based scanning • Native support for SharePoint & Exchange • Customized DLP workshop • Expert-built policies (170+) • Simplify process to build policies for IP protection (PWM) • Repeatable workflow for incident remediation (RRM)

  33. DLP Policy Workflow Manager (PWM) • Are planning to protect their data beyond basic regulatory data • Are interested in enabling their business owners to define what data is sensitive for them and who can do what with it • PWM helps customers: • Establish a framework to better enable their business owners to define data security policies • Provides a business portal for their business owner to log into and define: • What data is sensitive • Who can do what with it + Identify files & set business rules DLP Policy is routed for approval Business Managers  Create DLP Policy & check for feasibility Approved DLP Policy DLP Admin Policy applied across the enterprise. End Users

  34. DLP Risk Remediation Manager (RRM) Note: The remediation information from RRM does not automatically flow into DLP. Remediation has to be done manually (e.g. automated scripts to delete files). Business Users SharePoint Grid Apply DRM Customers will want to think beyond basic discoveryof data and think about the right process for remediating the exposed risk. Virtual Grid Encrypt Databases RSA DLP Datacenter RSA DLP RRM Delete/Shred Change Permissions Temp Agents File Servers File Activity Tools GRC Systems Policy Exception Agents NAS/SAN Endpoints Discover Sensitive Data Manage Remediation Workflow Apply Controls

  35. Key Differentiators of RSA DLP 5 Star Product Strongest Discovery Most Simplified Management Expand Value of DLP • 2500+ customers • Gartner Magic Quadrant Leader • Industry best accuracy • Excellent coverage for emerging IT trends (BYOD, cloud, mobile, etc.) 110110 00101 DLP 2.0 • Scan HUGE amounts of data • Grid-based scanning • Native support for SharePoint & Exchange • Customized DLP workshop • Expert-built policies (170+) • Simplify process to build policies for IP protection (PWM) • Repeatable workflow for incident remediation (RRM) • Address advanced attack and theft use cases • Integration with RSA Archer GRC platform • Integration with RSA Security Analytics

  36. Providing Content-Awareness to GRC and SOC Proactive Information Risk Management & Content-Aware Security Analytics • Expand beyond traditional DLP use cases • Tackle more advanced scenarios • Mature their information governance process • Better manage the risk of their most critical assets Risk Officer Security Analyst • A layered approach with agile, integrated technologies. Business Users RSA Archer Information Risk Management RSA Security Analytics Content-Level Intelligence RSA Data Discovery SharePoint File Servers Databases NAS/SAN Endpoints

  37. Discovery • Understand the target markets and key industries to focus on • Articulate key discovery questions for determining the extent of the customer problem • Develop questions that truly expose the pain to the customer Current State Future State The RSA Solution Discovery Proof Points

  38. RSA DLP Worldwide Adoption 3000+Customers Worldwide Retail Financial Healthcare Technology Insurance Others

  39. Stakeholder Discovery Questions • Economic Buyer • What’s the risk to your business if your regulated data is not covered? • How do you ensure all your regulated data is covered in your compliance process? • What’s the risk to your business if your IP is not protected and leaks out? • Chief Information Security Officer (CISO) • Chief Security Officer (CSO) • Chief Information Officer (CIO) • Chief Compliance Officer (CCO) • Chief Risk Officer (CRO)

  40. Stakeholder Discovery Questions • Technical Buyer • What is your process for classifying assets & finding where sensitive data resides? • How do you know and control what employees are doing with sensitive data? • How do you manage IT policies and enforce controls today? • How do you currently protect your company from data loss? • What regulations do you have to comply with? • IT Security Director

  41. Stakeholder Discovery Questions • Other Stakeholders • What kind of security and compliance concerns do you have about virtualizing critical and regulated business applications? • What information are you most concerned about leaking out of the company? • What are your current challenges with protecting that data? • Security Analysts • Business Managers (e.g. HR, Finance or Legal)

  42. Proof Points • Describe how other RSA customers have solved similar problems using our solution • Identify supportive proof points Current State Future State The RSA Solution Discovery Proof Points

  43. Customer Success Story Regional Healthcare Provider

  44. Leader in 2013 Gartner Magic Quadrant “…RSA's data discovery capabilities continue to be among the best in the market.” • Leader for 5th consecutive report • 2nd overall in completeness of vision “The stated RSA vision and product development plans are among the most complete of any vendor.”

  45. Course Summary During this course, you have learned to: • Articulate the business challenges associated with data loss • Describe how RSA DLP addresses customer challenges • Describe RSA DLP, its capabilities and differentiators • Identify and qualify a DLP opportunity • Provide proof points as evidence

More Related