Avoid the Deadly Sins of DLP and Know your Enemy Check Point University 2010
Agenda 1 2 Requirements Solution
Data Loss Prevention Data breaches have happened to all of us What is DLP? John.Stevens@yahoo.com Corporate Strategy Green World Strategy Plan 2010 Company document uploaded to an external website. E-mail sent to the wrong recipient, intentionally or by mistake.
The Cost of DLP Risks Lack of business edge on competitors Brand damage Regulatory Compliance Financial penalties – ISO Costs Professional Services: Identify Data Data loss risks – SMTP, HTTP, FTP Data Classification On going Classification Employee awareness
Risk Analysis 90% of all Data Loss incidents seem to be accidental loss through -SMTP email high Impact Intentional SMTP Accidental SMTP Intentional HTTP low low high Probability
Agenda 1 2 3 Requirements Solution Future
Megahopeful • Graduate R&D employees are intelligent users, unintentional data loss is primary issue. • Users need to be educated regarding their actions. • Must protect against information posted to Web sites and FTP servers. • Growing organization has finite IT administrator resources, any solution must not be too onerous. • The Solution must increase Data Leakage Visibility • Gateway based Check point DLP will address these issues.
Introducing Check Point Data Loss Prevention Prevent Move from detection to prevention Data Loss Prevention Alert An email that you have just sent has been quarantined. Reason: attached document contains confidential internal data The message is being held until further action. Send ,Discard , or Review Issue Educate Users on corporate data policies Enforce Data loss business processes Check Point Combines Technology and Processes to Make DLP Work NEW! John.Stevens@yahoo.com Corporate Strategy Green World Strategy Plan 2010 John, Let’s review the corporate strategy in our morning meeting.
Check Point Solves the DLP Challenge TechnologyChallenge Empowers users to remediate incidents in real time IT Staff Challenge Educates users on DLP policies without involving IT staff New UserCheck™ Technology
New MultiSpect™ Technology 600+ File Formats 250+ Data Types Correlates data from multiple sources using open language Detects more than 600 file formats Over 250 pre-defined content data types Detect and recognize proprietary forms and templates MultiSpect Detection Engine
Simple Rule-based Policy Management Easily Define Policy to Detect, Prevent or Ask User
Using Document Templates • Using document templates to identify sensitive Data
Project Plan Numbers • Create an updated list of current project numbers, to check for project details leaking out
More standardized Protections • Other Leakage protections
New Acquisitions • For acquisitions solution may be extended • Could use either the same policy or one more tailored to their needs • All secured from a central location using the same entities • As their current infrastructure is Cisco, DLP-1 appliance would slot in for immediate protection
SmartEvent • Check Point SmartEvent will allow real time altering of DLP incidents
Agenda 1 2 Requirements Solution
Summary Detect and control application usage AppWiki—Industry’s largest library with over 50,000 applications Educate users on corporate policies Check Point Application Control Software Blade Available on EVERY gateway Available Q4 2010