DLP in Theory and in Practice: What Weve Been Told, and...Reality.

1. DLP in Theory and in Practice: What We've Been Told, and...Reality. Pete Green, CISSP Technology Specialist End-user Computing (ZENworks) Novell Americas pegreen@novell.com

2. Background / What I�m hearing �out there� Endpoint security focus Field Sales Engineer Evaluations, Demos, Proof-of-Concepts, Design / Deployment Travel 50-70% Meet with 100�s of customers each year Banks Schools & Universities Local & State Government Federal Government Manufacturers Discuss DLP at least 50% of the time Of the 50%, 90% think DLP is accomplished in a single product

3. �DLP. What is it?� Data Leakage Prevention? Data Loss Prevention? Data Loss Protection? Information Leak Prevention? Information Loss Prevention? Information Loss Protection?

4. �DLP. What is it?� Is it an appliance? Is it an agent? Is it a scan tool? Is it a content management system? Is it encryption? Is it an endpoint security product?

5. DLP Evolution Old focus: Install an Antivirus agent Configure a Firewall Secure the network / port Secure web services Secure the endpoint Secure the perimeter

6. DLP Evolution NEW focus: Data is the key. Secure it.

7. Where is the data? Data in Use Data in Motion Data at Rest Deep Packet / Header Deep Content Inspection

8. Where does the data go? Source: Forrester Research 2007

9. Why we want DLP? DLP Calculator - http://www.tech-404.com/calculator.html

10. DLP Promises:Ease, Enforcement, Cost Single solution Easy deployment Confidential information tagging Limited false positives Integrates with other solutions Low cost

12. DLP Reality: Ease, Enforcement, Cost Source: Forrester Research, 2007

13. Thank You