Presentation is loading. Please wait.

Presentation is loading. Please wait.

Endpoint Data Protection and Leakage Prevention Edy Almer VP Product Management & Marketing.

Similar presentations

Presentation on theme: "Endpoint Data Protection and Leakage Prevention Edy Almer VP Product Management & Marketing."— Presentation transcript:

1 Endpoint Data Protection and Leakage Prevention Edy Almer VP Product Management & Marketing

2 - Proprietary & Confidential - Agenda What Problem are we solving ? Legislation and Regulation Possible solutions Regaining Control of Endpoints and Data: Data Protection and Leakage Prevention with Safend Data Protection Suite Safend Auditor Safend Discoverer Safend Inspector Safend Encyptor Safend Protector Safend Reporter Summary Securing your Endpoints

3 - Proprietary & Confidential - Data Leakage and Targeted Attacks A Clear and Present Danger

4 - Proprietary & Confidential - Compliance Requirements States that currently have data protection laws States that do not currently have data protection laws

5 - Proprietary & Confidential - Government /Industry Regulations PCI DSS HIPAA GLBA US State PII regulations SOX BASEL II UK Data Protection Act South Africa PPI

6 - Proprietary & Confidential - Cost of Data Breaches Recovery Cost Averages Source: 5th annual "Cost of a Data Breach" study by the Ponemon Institute Customer Costs Brand damage Loss of existing customers Recruiting new customers Unbudgeted legal, audit and accounting fees Notification to customers Free or discounted service to customers Call center expenses Public and investor relations Internal investigations Incremental Costs Lost employee productivity Productivity Costs 54% 30% 16% Among the incidents reported, the most expensive data breach cost nearly $31 million to resolve, and the least expensive cost $750,000. Average Incident Cost per compromised record: $204 Average Incident Cost: $6.75 million

7 - Proprietary & Confidential - Approaches for Data/Access Protection Encryption (at rest) Encrypt Removable Storage, Hard Drives against accidental loss. Encryption (in use – DRM) Microsoft, Adobe, management tools. Egress point control Port/Device Control, Endpoint/GW DLP (IPS**, WAF**, FW**) Access Control List NTFS ACL, Database proxy, application level proxy, NAC Full Spyware applications – record everything

8 - Proprietary & Confidential - Port & Device Control Detachable Storage Control Removable Storage Encryption CD/DVD Encryption Wireless Control Hardware Keylogger Protection Hard Disk Encryption Centrally Managed and Enforced Transparent SSO Seamless authentication support Easy Recovery Strong Security and Tamper Resistant Content Based DLP Content Aware Application Control Data Leakage Prevention Through: , IM and Web External Storage Printers Any Application/Protocol safendreporter – Security and Compliance Analysis safendauditor – Endpoint security status audit safenddiscoverer - Sensitive Data Location and Mapping Single Lightweight Agent Agent Includes Multi-tiered Anti-tampering Capabilities Simple and Reliable Installation Process Single Lightweight Agent Agent Includes Multi-tiered Anti-tampering Capabilities Simple and Reliable Installation Process

9 Safend Data Protection Suite Architecture - Proprietary & Confidential -

10 Safend Data Protection Suite Single Management Server & Single Management Console

11 - Proprietary & Confidential - Content Aware Application Control Data Leakage Prevention Through: , IM and Web External Storage Printers Application (all protocols) Out of the box predefined classifications and Policies Interactive Message Center for user education Safend Inspector

12 - Proprietary & Confidential - Safend Protector Key Features Prevents data leakage and penetration via endpoints Detects and restricts any devices Enforces granular policies over physical, wireless and removable storage devices via real-time analysis of low-level port traffic Tamper-resistant Centrally managed & seamlessly integrates with Active Directory Ensures regulatory compliance Easy to use and scalable

13 - Proprietary & Confidential - Reports

14 Safend Encryptor: Key Features Encrypts all data on laptops and desktops – Total Data Encryption True SSO (Single Sign On) technology Transparent to end users & help-desk personnel Centrally managed and enforced Full visibility of organization’s Encryption status Stable and fault tolerant encryption Total Data Encryption, maintains performance and minimizes the risk of OS failure

15 Safend Encryptor: Full Audit Trail Detailed Client & Server Log Records Client Logs displayed in the Logs World: Server Logs displayed in the Logs World: Clients status displayed in the Clients World:

16 - Proprietary & Confidential - Safend Encryptor Full Audit Trail Detailed Server Log Records Examples of Encryptor specific server logs

17 Thank You ! Edy Almer

18 - Proprietary & Confidential - Case Study Healthcare: Firmley Hospital NHS The Company Frimley Park Hospital is a 720 bed NHS Foundation Trust employing approximately 3,500 staff and serving a catchment population of over 400,000. The Challenge: incorporate differing requirements across different areas of the business where unusual or complex medical devices are in use. The organization required a solution, which could be deployed within the short timeframes required by the new mandates, which was easy to manage and deploy and would not impact on the productivity of medical staff and administrators. Safend’s Solution: flexibility and granularity of the Safend solution, with a phased roll-out of the policies on a ‘by department’ basis. This ensured that a consistent machine-based policy could be implemented on most PCs with the occasional custom machine-based policy for unusual medical equipment and custom user-based policies layered on top to address individual needs. The end result is that the Trust has an endpoint and mobile data security system that is largely invisible to the user but which provides full assurance that it has satisfied its obligations in securing mobile data. Having evaluated a number of solutions, including one from McAfee/SafeBoot, (which at the time was centrally procured by the NHS), the Trust decided that the Safend solution was the best fit in terms of manageability and performance. “Safend was chosen because of its comprehensive integrated suite of endpoint security tools, including reporting, port control and disk and media encryption. The other major criterion for the selection was the need for a centralised solution with minimal management overheads and the need for a system that was largely transparent to the user.” - Firmley Park Hospital NHS, Head of IT

19 - Proprietary & Confidential - Case Study Government: Navy Mine Warfare Training Center The Company The only training center that trains sailors for shipboard mine counter measures. The Challenge: To ensure the integrity and security of the sensitive data used for instruction Seamlessly control data access via portable devices without impeding on instructors’ abilities to access data for teaching purposes. Safend’s Solution: Deploying 350 licenses of Safend Protector to guard against data leakage on nearly 850 ports throughout the Navy Mine Warfare Training Center Comprehensive Security of WiFi, FireWire and game ports “ Safend was the no-brainer choice to meet the Navy Mine Warfare Training Center’s needs. Of the 17 products we tested, it was the only one that could not be bypassed because it is loaded at the kernel and since it is not loaded as a service, users can’t shut the software off and circumvent the protection. The product was also very granular, making it easy to control access based on everything from device type to serial number. We found that it’s impossible to beat from our testing – you know you have found the right solution when no matter how hard you bang on it, it won’t break.” - The Navy Mine Warfare Training Center’s Director of Information Technology Herb Armstrong

20 - Proprietary & Confidential - Case Study Healthcare: LA County Department of Mental Health The Company The Los Angeles County Department of Mental Health (DMH) serves approximately one-quarter of a million residents each year, making it the largest mental health service system in the nation. The Challenge: Protection from leakage of the Department of Mental Health sensitive and personal client data for thousands of residents. Appropriately allow the safe use of USB memory sticks while blocking dangerous file types. Safend’s Solution: Seamless deployment of Safend Auditor and Protector to over 4,000 machines at its 130 locations across LA County Enforce protection policies to ensure that the data being saved was authorized, encrypted and approved to access our corporate ports “Safend was the clear choice to manage DMH’s thousands of endpoints. We chose Safend because its auditing and alerting capabilities were superior to other products we tested. Additionally, Safend offers a tamper proof agent that is unbeatable,” ” - DMH’s Departmental Security Officer Jeff Zito

Download ppt "Endpoint Data Protection and Leakage Prevention Edy Almer VP Product Management & Marketing."

Similar presentations

Ads by Google