7m ago
4.11 MB
68 Pages
Last View : 4m ago
Last Download : 2m ago
Upload by : Bennett Almond


THE DEFINITIVE GUIDE TO DATA LOSS PREVENTIONTABLE OF CONTENTS03 Introduction04 Part One: What is Data Loss Prevention08 Part Two: How DLP Has Evolved11 Part Three: The Resurgence of DLP24 Part Four: The Shift to Data-Centric Security28 Part Five: Determining the Right Approach to DLP40 Part Six: Business Case for DLP47 Part Seven: Buying DLP53 Part Eight: Getting Successful with DLP62 Part Nine: Digital Guardian—Next Generation Data Protection66 Conclusion67 Resources at a Glance2

INTRODUCTIONWHY READ THIS GUIDE?WHAT'S OLD IS NEW AGAINAs security professionals struggle with how to keep up with non-stop threats from every angle, a 10 year old technology, data loss prevention (DLP) is hot again. A number ofmacro trends are driving the wider adoption of DLP. But as we looked at the resources out there, we couldn’t find one source that could provide all the essential information inone place. So we created this guide to provide answers to the most common questions about DLP all in an easy to digest format.HOW TO USE THIS GUIDEIF YOU ARE. GO TO.New to DLPPart One: What is Data Loss PreventionFamiliar with DLP, but want to learn what’s newPart Two: How DLP has EvolvedNot sure where to start?Part Four: A Data Centric Security FrameworkTrying to determine the best DLP architecture for your organizationPart Five: Determining the Right Approach to DLPLooking to buy DLPPart Six: Buying DLPLooking for a quick win deploymentPart Eight: Getting Successful with DLPLooking to understand what makes Digital Guardian differentPart Nine: Digital Guardian’s Next Generation Data Protection3


PART ONE: WHAT IS DATA LOSS PREVENTION?DLP DEFINED“DLP [Data Loss Prevention] is a system that performs real-time scanning of data at rest and in motion,evaluates that data against existing policy definitions, identifies policy violations and automaticallyenforces some type of pre-defined remediation actions such as alerting users and administrators,quarantining suspicious files, encrypting data or blocking traffic outright.”DLP BASICSWHO USES DLP?WHAT: In short, DLP is a set of technology tools and processes thatensure sensitive data is not stolen or lost.COMPANY SIZES: Large enterprises in the Fortune Global 500have invested in DLP for almost 15 years. Today’s DLP puts thiscritical security strategy within the reach of mid-size enterprises.HOW: DLP detects and protects your organization’s sensitive data by: Scanning data in motion, in use and at rest Identifying sensitive data that requires protection Taking remedial action—alert, prompt, quarantine, block, encrypt Providing reporting for compliance, auditing, forensics andincident response purposesWHY: accidental (i.e. employee error) or malicious actions (i.e. cybercriminal breach) put your organization's data at risk.INDUSTRIES: Historically DLP has been heavily utilized in regulatedindustries such as financial services, healthcare, manufacturing,energy, even government. But new and motivated adversaries aren’tlimiting themselves; services companies across a wide range ofindustries are a major target for example.–451 Research, “TheData Loss PreventionMarket by the Numbers,”July 201550%OF ORGANIZATIONShave some form of DLP in place, but Gartnerpredicts that will rise to 90% by 2018. (source:Gartner “Magic Quadrant for Enterprise DataLoss Prevention”, 1 February, 2016 , Brian Reedand Neil Wynne)5

PART ONE: WHAT IS DATA LOSS PREVENTION?DO WE NEED DLP?Take a look at these common situations. If any of them apply to your organization, DLP will almost always make sense.DLP OBJECTIVES CHECKLISTOBJECTIVESITUATIONPersonal InformationProtection / ComplianceYour organization is required by national or local regulations to ensure protection andconfidentiality of your customers' information such as Personally Identifiable Information(PII), Personal Health Information (PHI), or payment card information (PCI).Intellectual Property (IP) ProtectionYour organization has valuable intellectual property, trade secrets or state secretsthat, if lost or stolen by a malicious employee or accidentally shared by an unwittingemployee, would cause significant monetary or brand damage.Your organization is the target of industry competitors or nation states who are tryingto break into your networks and pose as legitimate insiders to steal sensitive data.Business Partner ComplianceYour organization is contractually obligated to ensure that your customers' intellectualproperty is protected. Failure to do so would require you to pay a large financialpenalty to the customer.Your corporate clients are auditing you to determine that you have the ongoing securitymechanisms necessary to protect the sensitive data they have entrusted with you.Check if thisapplies to youCASESTUDYCompliance:St. CharlesHealth SystemCASESTUDYIP Protection:F50 EnergyCompanyCASESTUDYBusiness PartnerCompliance: Jabil6

THEGREATBRAINROBBERYDID YOU KNOW?SEE OUR BLOGTo learn more werecommend, WIPOut:The DevastatingBusiness Effects ofIntellectual PropertyTheft on our blog.Intellectual propertyis increasingly beingcompromised.In January 2016, 60 Minutes ran a feature, "The Great Brain Robbery," by Lesley Stahl that covered China’s widescale attack on U.S. companies to steal their intellectual property. Rather than competing with the U.S. economythrough innovation and development, the 60 Minutes report shows how China is committed to stealing IP throughacts of cyber-espionage.The Justice Department declared that China’s espionage activities are so wide in scale that they constitute anational security emergency, as China targets almost every sector in U.S. business. According to 60 Minutes, thisactivity is costing U.S. companies hundreds of billions of dollars in losses and more than 2 million jobs.7

PART ONE: WHAT IS DATA LOSS PREVENTION?ENTERPRISE DLPOR INTEGRATED DLP?THOUGHT LEADER INSIGHT: JARED THORKELSON, PRESIDENT DLP EXPERTSDG: Because of the increased interest and thedemand for DLP, more security vendors are addingDLP functionality into their products in what isreferred to as integrated DLP. So we asked JaredThorkelson of DLP Experts, to explain the differencebetween Enterprise DLP and Integrated DLP.JT: Enterprise or Full Suite DLP or technologies, arefocused on the task of preventing sensitive data lossand providing comprehensive coverage. They providecoverage across the complete spectrum of leakagevectors. Significantly, Full Suite DLP addresses thefull range of network protocols, including email,HTTP, HTTPS, FTP and other TCP traffic. Anothercritical distinction of most Full Suite DLP solutionsis the depth and breadth of their sensitive datadetection methodologies, which translates intomeaningful increases in DLP effectiveness. Anotherunique and critical feature of Full Suite DLP solutionsis a central management console. This eliminatesthe need for multiple management interfaces andsignificantly reduces the management overhead of acomprehensive DLP initiative.FREEDOWNLOAD· Get the DLP Experts2016 DLP VendorReview Report.Integrated DLP or Channel DLP solutions weredesigned for some function other than DLP thenwere modified to add some DLP functionality.Common Channel DLP offerings include emailsecurity solutions, device control software andsecure web gateways. In each case, Channel DLPsolutions are limited in their coverage and detectionmethodologies.8


PART TWO: HOW DLP HAS EVOLVEDDLP BACK IN THE LIMELIGHTDLP DeploymentsDLP came to market with big interest and bigger expectations. Demand softened as organizations struggled withthe cost and complexity of deploying first generation DLP software. The dramatic increase in big breaches, coupledwith factors such as DLP as a service, DLP functionality extending into the cloud and advanced threat protection,have put DLP back into the limelight.Steep Learning Curve,Significant ResourceRequirementInsider Threat ProtectionIP ProtectionMitigate Internaland External ThreatsCloud Data ProtectionHackers Breach Sony and Leaka Wide Range of DataDLP as a Managed ServiceComplianceData Loss IncidentFactors driving DLP deployment growth200420062008201020122014201610

PART TWO: HOW DLP HAS EVOLVED3 MYTHS OF DATA LOSSPREVENTIONToday’s DLP is sophisticated, automated and within the reach of more enterprises than ever. DLP’s history has beenone of hype and disillusionment, resulting in a few myths that need to be dispelled up front.MYTH 1:MYTH 2:MYTH 3:DLP REQUIRES SIGNIFICANTINTERNAL RESOURCES TOMANAGE AND MAINTAIN.DLP REQUIRES AT LEAST 18MONTHS TO DELIVER VALUE.DLP REQUIRES POLICYCREATION FIRST.DLP implementations are no longer a “big bang” thattake up to two years to return measurable value.Organizations can see results in days rather thanmonths or years. Today’s DLP solutions are modular andallow for iterative deployment as part of a continuouslyevolving, ongoing data protection program.Today’s DLP does not depend on a policy drivenapproach to get started. Context-aware DLP enablesyou to collect information on data usage and movement,and then work with the business unit leader to definethe right policies.While this was true in the past, new DLP options require no dedicated internal resources to manage andmaintain. The introductions of automation and managedsecurity services have eased what was perceived as the“heavy lift” of DLP: hosting, setup, ongoing monitoring,tuning and maintenance.11

THE DEFINITIVE GUIDE TO DATA LOSS PREVENTIONPART THREETHE RESURGENCEOF DLPDLP is no longer exclusively for the largest enterprises in the most data-dependent industries. A number of macrotrends such as cloud computing and big data are driving the wider adoption of DLP. Let’s examine them 12

PART THREE: THE RESURGENCE OF DLPTREND #1WELCOME TOA PERIMETERLESS WORLDTRADITIONAL BOUNDARIES HAVE SHIFTED The information ecosystem is built around a model of open collaboration andtrust—the very attributes being exploited by an increasing number of globaladversaries. Constant information flow is the lifeblood of the business ecosystem. Data isdistributed and disbursed throughout the ecosystem, expanding the domainrequiring protection. Adversaries are actively targeting critical data assets throughout the ecosystem—significantly increasing exposure and impact to businesses.TODAY'S GLOBAL INFORMATION ECOSYSTEMPressures and changes whichcreate opportunity and turalTechnology(source: Best Practices for Data Security & Data Breach Protocol, PwC, 2015)13

PART THREE: THE RESURGENCE OF DLPTREND #2THERE ARE MORE PLACES TOPROTECT YOUR DATACloud computing creates complexity as data increasingly leaves corporate boundaries and flows essentially uncheckedacross networks and devices you no longer control. The use of cloud services in the enterprise is at a tipping point.69%of organizations report cloud computinginitiatives have made security operations andmanagement more difficult.LESS THAN 1/2MORE62% THAN 1/3 80%of organizations report mobilecomputing initiatives havemade security operations andmanagement more difficult.have formal policies defining whatapplications may run in the cloud.of companies surveyed do not involvetheir company’s security professionals invetting cloud service providers.ONLY 1/2of cloud purchases are madeby line-of-business forprojects enjoying the directoversight or involvement of IT,which is the good news.have guidelines for how cloudapplications are to becontracted and approved.(sources: Enterprise Strategy Group; Verizon/Harvard Business Review)14

PART THREE: THE RESURGENCE OF DLPTREND #3BAD GUYS ARE AFTER YOUR DATALet’s face it: the bad guys are probably already on your networks and endpoints. These new and variedadversaries include cybercrime, nation states, hacktivists, and employees all chasing your sensitive data.They differ in motive and target, but they represent big risks to your organization.A WIDE RANGE OFADVERSARIES.Nation StateWHO ARE HIGHLYMOTIVATED.Trade SecretsEconomic, political, and/ormilitaryadvantageEconomic,political, and/orTrade rmationTradeSecretsEmerging technologiesCritical infrastructureEmergingtechnologiesLoss of competitiveadvantageLoss of competitiveadvantageto criticalDisruption· Economic, political, and/or militaryadvantageLoss ofof competitivecompetitiveLossmilitary advantageEconomic,Economic, political,political, and/orand/ormilitarymilitary advantageadvantageImmediate financial tureCriticalCritical sFinancial paymentinfrastructureadvantageDisruption to n toto tory inquiriesandpenaltiesinquiriesRegulatoryand penaltiesLawsuitsRegulatory inquiriesRegulatory inquiriessystemsPII,PCI,PHICyber Criminalsfinancial· ent gainandpenaltiesCollect gainsinformationfor futureLawsuitsImmediatefinancial ncesystemsfinancial gainsPII, PCI, rmationforfuturefinancialgainsLawsuitsLossof confidenceCollect information for futureLawsuitsfinancialgainsfinancial gainsInfluence political and/orsocialchangeInfluencepolitical and/orHacktivistssocial changesocialchangePressurebusiness to ion of tionof oyees,InformationofInformationof keykeycustomers, etcexecutives,executives, employees,employees,Sales,deals, marketcustomers,etccustomers, etcstrategiesSales, deals, marketstrategiessecrets, IP, R&DCorporateSales, deals,deals, marketmarketSales,strategiesCorporatesecrets, IP, R&DstrategiesBusinessoperationsmonetary gainProfessionalrevengePersonalPersonal sm revengeProfessionalPatriotismPatriotismCREATING UNPRECEDENTED RISKSFOR YOUR ORGANIZATION· Trade secrets· Business information· Emerging technologies· Critical infrastructure· Loss of competitive advantage· Disruption to critical infrastructure· Financial / Payment situations· PII, PCI, PHI· Direct financial loss· Regulatory inquiries and penalties· Lawsuits· Loss of confidence· Corporate secrets· Business information· Information about key executives, employees,customers· Disruption of business activities· Damage to brand and reputation· Loss of consumer confidence· Sales, deals, market strategies· Corporate secrets, IP, R&D· Business operations· Personnel information· Trade secret disclosure· Operational disruption· Brand and reputation· National security impactDisruptionof businessLoss ofof confidenceconfidenceLossactivitiesDisruption of businessactivitiesBrandand reputationDisruptionof businessbusinessDisruptionofactivitiesBrandand reputationactivitiesLoss of consumerconfidenceBrandreputationLoss nsumerLoss of consumerTradesecret disclosureconfidenceconfidenceTrade secretdisclosureOperationaldisruption· Influence political and/or social change· Pressure businesses to change their practicestheir practicesPressure businessbusiness toto changechangePressuretheir practicespracticestheirPersonal advantage,monetaryPersonal gainadvantage,InsidersPII,PII, PCI,PCI, PHIPHICorporatesecretsARE TARGETING YOURSENSITIVE DATA.Tradesecret etBrandandreputationOperationaldisruptionBrand dandreputationCorporatesecrets,R&DBusiness informationoperationsCorporatesecrets, IP,IP,monetaryR&D· ersonnelinformationBusinessoperations· Professional revengeNationalNational securitysecurity on· Patriotism15

PART THREE: THE RESURGENCE OF DLPTREND #3 (CONT.)BAD GUYS ARE AFTER YOUR DATAAND THERE IS A BIG "DETECTION DEFICIT" BETWEENTHEIR ATTACKS AND YOUR DETECTION.“Figure 5 offers a new twist on one of our favorite chartsfrom the 2014 DBIR. It contrasts how often attackers areable to compromise a victim in days or less (orange line)with how often defenders detect compromises within thatsame time frame (teal line). Unfortunately, the proportionof breaches discovered within days still falls well belowthat of time to compromise. Even worse, the two linesare diverging over the last decade, indicating a growing“detection deficit” between attackers and defenders. Wethink it highlights one of the primary challenges to thesecurity industry.”–Verizon 2015 Data Breach Investigations ReportVERIZON 2015 DATA BREACH INVESTIGATIONS REPORT100%Hackers Ability to CompromiseWITHIN “DAYS OR LESS”70%67%55%55%61%67%62%67%89%62%77%45%Lag time Differential50%Defenders Ability to Detect20%WITHIN “DAYS OR LESS”0%200420062008201020122014Figure 516

PART THREE: THE RESURGENCE OF DLPTREND #4DATA BREACHES AREFREQUENT AND LARGEShow this page to any data owner who might be skeptical of the need for better data protection.79,790SECURITYINCIDENTS—an “incident” is any event thatexposes and compromises theconfidentiality, integrity oravailability of an information asset2,122DATA BREACHES—the frequency of breaches,defined as incidents thatresult in confirmed datadisclosure to unauthorizedparties, is growing1 BILLION 154.00RECORDS LOST 3.79 MILLION—the average cost of recoveringfrom a single data breach—the average cost per lost/stolen record 56%—the increase in theft of“hard” intellectual propertyover 2014(sources: Verizon Data Breach Investigations (VBDIR) Report 2015; Ponemon Institute’s “2015 Annual Study: U.S. Cost of a Data Breach”; PWC “The Global State of Information Security Survey 2016”)17

PART THREE: THE RESURGENCE OF DLPTREND #4 (CONT.)DATA BREACHES AREFREQUENT AND LARGEThe size of data breaches is growing. 2015 was yet another year of massive data breaches, with an increase of 193reported incidents from 2014’s total. Here’s a roundup of the ten biggest data breaches last year, by total records lost.ORGANIZATION# RECORDS BREACHEDExcellus BlueCross BlueShield10 million9Premera11 million8VTech11.3 million7MacKeeper13 million6T-Mobile15 million5US Office of Personnel Management21.5 million4Ashley Madison37 million3Securus Technologies70 million2BCBS Anthem80 million1Database of US Voters191 million10SEE OUR BLOGGet more details aboutthese breaches at ourblog.18

ANATOMYOF A DATABREACH00101010 1 1 MEANS Tools, resources, and skills provide adversaries capability todominate the Kill Chain, while remaining completely undetected.MOTIVE State Sponsored: Acquire intelligence for military, politicalor economic advantage. Cyber criminals: Make money using any meansnecessary. Hacktivists: Promote their own political agenda.1 1 0 1 0 1 0 1 1 0 1OPPORTUNITY Timing and knowledge of the target increasesMeansthe chances of a successful intrusion. Attackers leverage this information11010101101to achieve their objectives.HACKED CUSTOMER00101010 1 1 1 DATA CAN ERASE MILLIONS IN PROFITS WITHIN WEEKSThe UK telecommunications firm TalkTalkthe110101011011 0 0 1 1was0110 victim of a cyber-attack in late 2014. Theattack resulted in the theft of personal data on 150,000 customers, including names, addresses, phonenumbers and TalkTalk account numbers. According to the company the cost to the company was around 60 million,or 88 million at current exchangerates.MotiveOpportunitySTOLEN011011 INTELLECTUAL PROPERTY CAN ERASE COMPETITIVE ADVANTAGE1 1 0 1 0VALUE101101AND 011000ERODE SHAREHOLDERMeansAmerican Superconductors 1Corporationwas targeted by Chinese economic espionage. AMSC1 0 1 0 1 0 1 1(AMSC)01created the code and controls to operate large wind turbines and partnered with a Chinese-governmentbacked private company, Sinovel Wind Group. Co, to manufacture the turbines themselves. After a booming business launch thatsaw AMSC grow revenue from 50 million to 500 million, ASMC eventually lost over a billion dollars in share value as Sinovel stoleall of its intellectual property and began creating and selling its own turbines. ASMC is suing Sinovel for over 1.2 billion dollars inChinese courts, and has been in litigation with them for years.PRIVACY ABUSES CAN BRING UNWANTED SCRUTINY AND FINES FROMREGULATORS WHILE INFLICTING REPUTATIONAL DAMAGEThe US HHS Office for Civil Rights recently closed a pair of HIPAA breach settlements: 3.9 million fine—Feinstein Institute for Medical Research 1.55 million fine—North Memorial Health Care of Minnesota19

PART THREE: THE RESURGENCE OF DLPTREND #5YOUR ORGANIZATION’SSTOLEN DATA IS WORTH MOREThe underground economyprofiting from cyber crimehas sophisticated pricing andpackaging models for sellingyour stolen data. The "DarkWeb" of limited-access sitesis used for illegal or criminalactivity, offering any would becyber thief global marketplacesin which to buy and sell stoleninformation.The breadth of products now available for sale on the "Dark Web" has evolved toinclude almost every type of data as part of a formal and an efficient value hierarchy.Every bit of stolen information has value, anywhere from .55 to 1,200 per record.The massive amount of private data traded in this complex underground hastransformed the economics of DLP.Counterfeit driver's license 100-150Social media account credentials 50Basic payment card data (including primary account number, cardverification code, expiration date). 5-12 per individual (US) 25-30 (EU).plus billing address, PIN, SSN, DOB 30 (US) 45 (EU)Bank account credentials (username & password) to an account witha 2,000 balance. 190 per compromised an account with a 6,000 balance an account with a 20,000 balance 1,200Patient medical records or health insurance account info (includingSSN, history, prescriptions, member ID number, claims information) 50 per individual recordCounterfeit Social Security cards ready-to-use 250-400Complete identity profile plus a matching utility bill 350(source: Dell SecureWorks)20

WHATHAPPENSTOSTOLENMEDICALPATIENTDATA?90%Cyber criminals monetize healthcare data in a different way thanfinancial data, because it has a longer shelf life. Healthcare fraud maygo undiscovered for months or years, making stolen medical identitiesamong the most valuable. Medical identity fraud takes the form of eitherfraudulent billing by unethical providers or misuse of another person'smedical records to obtain care. Criminals have become incredibly adeptat monetizing stolen identities on a massive scale. 363136%HIGHERthan the global average costof a data breach per lost orstolen recordAverage cost of alost/stolen data recordfor healthcare companies 154Average cost of alost/stolen datarecord for otherorganizations(source: IBM/Ponemon Institute)21

PART THREE: THE RESURGENCE OF DLPTREND #6THERE’S MORE DATATHAT’S WORTH STEALINGThe definition of what constitutes sensitive informationhas vastly expanded. It’s no longer enough just toprotect personally identifiable information (PII) andtraditional intellectual property. Sensitive data includesall kinds of intangible assets such as pricing model orbusiness methodologies that are pivotal drivers ofcompetitive advantage and shareholder value.INTANGIBLE ASSETS (SUCH AS IP) HAVE GROWNFROM 17% OF THE S&P 500’S MARKET VALUE IN1975 TO 84% IN 2015Components of S&P 500 Market 52005201580%60%40%20%0%Tangible AssetsIntangible Assets(source: Ocean Tomo, Annual Study of Intangible Asset Market Value)22

PART THREE: THE RESURGENCE OF DLPTREND #7THE SECURITY TALENTSHORTAGE IS HERE TO STAYCybersecurity has become a big business. As a result, it’s become an IT specialty that can’t find qualified practitioners fastenough to address the growing threats. Maybe you’ve already felt this pinch in your IT group. As an organization, you shouldbe betting that this trend continues, because the security talent shortage is not going away anytime soon.209,000Number of cybersecurity jobs in theU.S. that remained unfilled at thestart of 2016.74%Rise in the number of job postings over thepast five years.ONEMILLIONNumber of cybersecurity jobopenings worldwide, a backlog thatcould take up to 20 years to fill.53%Growth in demand for information security professionalsexpected over the next two years.6 MILLIONNumber of information security professionals neededglobally by 2019, with a projected shortfall of 1.5 million.(sources: Forbes; Stanford University analysis of Bureau of Labor Statistics; Cisco 2014 Annual Security Report; Bureau of Labor Statistics; Cisco)23

PART THREE: THE RESURGENCE OF DLPDLP BY THE NUMBERS“FEAR OF DATA LOSS OR THEFT” RANKEDAS THE TOP SECURITY CHALLENGE OVERTHE NEXT 12 MONTHS DLP RANKED #2 AMONG PLANNEDINFORMATION SECURITY PROJECTSACROSS MORE THAN 20 CATEGORIES BIGGEST SECURITY CHALLENGE—NEXT 12 MONTHSINFORMATION SECURITY PROJECTS—TOP CATEGORIESQ: What is your top information security challenge for the next 12 months?Firewall Management· To learn more, downloadthe 451 Research report,"The Data Loss PreventionMarket by the Numbers,"2015Fear of Data Loss/TheftDLPTimely Detection of AttacksSIEMLack of Internal Security Skill SetsFREEDOWNLOADMobile Device ManagementAccurate, Timely Risk VisibilityDetecting Intentional Risk ActivityIdentity ManagementRisk of Malicious Insider ActivityVulnerability AssessmentAddressing Cloud ComplianceSecurity OrganizationSecurity ControlsChallenge Data IntegrityInability to RecoverFrom Larger AttackSecurity Awareness2H 20142H 2013Threat Information OverwhelmingSecurity OperationsData Sovereignty IssuesCompliance ResponseSecurity Solutions Require Too ManyAdditional Sensors0%5%10%15%20%25%30%24

THE DEFINITIVE GUIDE TO DATA LOSS PREVENTIONPART FOURTHE SHIFT TO DATACENTRIC SECURITY“S&R pros must take a data-centric approach that ensures security travels with dataregardless of user population, location, or even hosting model.”–The Future Of Data Security And Privacy: Growth And Competitive Differentiation", Forrester Research, Inc., July 10, 201525

PART FOUR: THE SHIFT TO DATA-CENTRIC SECURITYALL THE TRENDS LEAD TODATA-CENTRIC SECURITYTHE SECURITY PARADIGMS THAT SERVEDIN THE PAST MUST EVOLVEDATA-CENTRIC SECURITYTechnology Reliability and ComplexityADVANCED THREATPREVENTIONFocus onpreventing targetedattacksDEFENSEIN DEPTHPERIMETERSECURITYFocused on securitytechnology for traditionalnetwork perimeter.1990Perimeter beginsto dissolve.Recognition that wecannot prevent every attack!Focused on enhanced layersof security, adoption ofincremental securitysolutionsSecurity teams and budgets in the commercial enterprisetoo small to deliver on the promise of a layered approach.200020102015 Simply stated, DLP is the foundation for data-centric security.26

PART FOUR: THE SHIFT TO DATA-CENTRIC SECURITY“DIGITAL BUSINESSES REQUIREA DATA-CENTRIC APPROACH.”“In this new reality, traditional perimeter-based approachesto security are insufficient. S&R pros must take a data-centricapproach that ensures security travels with the data regardlessof user population, location, or even hosting model.”(source: The Future Of Data Security And Privacy: Growth And Competitive Differentiation, Forrester Research, Inc., July 10, 2015)27

PART FOUR: THE SHIFT TO DATA-CENTRIC SECURITYA DATA-CENTRIC SECURITYFRAMEWORKMany organizations need help getting started. Forrester has created a framework to guide you on this journey. Their“Data Security & Control Framework” (figure below) breaks the problem of controlling and securing data into threesteps: Define, Dissect, Defend. With these steps completed organizations better understand their data and can thenallocate resources to more efficiently protect critical assets.DEFINEData discoveryDEFINE: This involves data discovery and data classification.Data classificationDISSECTData intelligenceData analyticsDEFENDAccessInspectDisposeKillDISSECT: This involves data intelligence (extracting informationabout the data from the data, and using that information to protect the data) and data analytics (analyzing data in near real-timeto protect proactively toxic data).FREEDOWNLOAD· To learn more aboutdata-centric security,get Dan Geer's "5Myths Holding YourSecurity Program Back"eBookDEFEND: To defend your data, there are only four levers you canpull — controlling access, inspecting data usage patterns for abuse,disposing of data when the organization no longer needs it, or “killing” data via encryption to devalue it in the event that it is stolen.(source: The Future Of Data Security And Privacy: Growth And Competitive Differentiation, Forrester Research, Inc., July 10, 2015)28


PART FIVE: DETERMINING THE RIGHT APPROACH TO DLPSTEP 1DETERMINE YOUR PRIMARYDATA PROTECTION OBJECTIVEThe most important consideration before undertaking a DLP project is to determine your organization’s primary dataprotection objective. Traditionally, organizations adopt DLP to achieve one of three objectives:COMPLY WITH REGULATIONSPROTECT INTELLECTUAL PROPE

2 THE DEFINITIVE GUIDE TO DATA LOSS PREVENTION 03 Introduction 04 Part One: What is Data Loss Prevention 08 Part Two: How DLP Has Evolved 11 Part Three: The Resurgence of DLP 24 Part Four: The Shift to Data-Centric Security 28 Part Five: Determining the Right Approach to DLP 40 Part Six: Business Case for DLP 47 Part Seven: Buying DLP 53 Part Eight: Getting Successful with DLP

Related Documents:

May 02, 2018 · D. Program Evaluation ͟The organization has provided a description of the framework for how each program will be evaluated. The framework should include all the elements below: ͟The evaluation methods are cost-effective for the organization ͟Quantitative and qualitative data is being collected (at Basics tier, data collection must have begun)

On an exceptional basis, Member States may request UNESCO to provide thé candidates with access to thé platform so they can complète thé form by themselves. Thèse requests must be addressed to esd rize unesco. or by 15 A ril 2021 UNESCO will provide thé nomineewith accessto thé platform via their émail address.

̶The leading indicator of employee engagement is based on the quality of the relationship between employee and supervisor Empower your managers! ̶Help them understand the impact on the organization ̶Share important changes, plan options, tasks, and deadlines ̶Provide key messages and talking points ̶Prepare them to answer employee questions

Chính Văn.- Còn đức Thế tôn thì tuệ giác cực kỳ trong sạch 8: hiện hành bất nhị 9, đạt đến vô tướng 10, đứng vào chỗ đứng của các đức Thế tôn 11, thể hiện tính bình đẳng của các Ngài, đến chỗ không còn chướng ngại 12, giáo pháp không thể khuynh đảo, tâm thức không bị cản trở, cái được

Le genou de Lucy. Odile Jacob. 1999. Coppens Y. Pré-textes. L’homme préhistorique en morceaux. Eds Odile Jacob. 2011. Costentin J., Delaveau P. Café, thé, chocolat, les bons effets sur le cerveau et pour le corps. Editions Odile Jacob. 2010. Crawford M., Marsh D. The driving force : food in human evolution and the future.

Le genou de Lucy. Odile Jacob. 1999. Coppens Y. Pré-textes. L’homme préhistorique en morceaux. Eds Odile Jacob. 2011. Costentin J., Delaveau P. Café, thé, chocolat, les bons effets sur le cerveau et pour le corps. Editions Odile Jacob. 2010. 3 Crawford M., Marsh D. The driving force : food in human evolution and the future.

MARCH 1973/FIFTY CENTS o 1 u ar CC,, tonics INCLUDING Electronics World UNDERSTANDING NEW FM TUNER SPECS CRYSTALS FOR CB BUILD: 1;: .Á Low Cóst Digital Clock ','Thé Light.Probé *Stage Lighting for thé Amateur s. Po ROCK\ MUSIC AND NOISE POLLUTION HOW WE HEAR THE WAY WE DO TEST REPORTS: - Dynacó FM -51 . ti Whárfedale W60E Speaker System' .

Glossary of Social Security Terms (Vietnamese) Term. Thuật ngữ. Giải thích. Application for a Social Security Card. Đơn xin cấp Thẻ Social Security. Mẫu đơn quý vị cần điền để xin số Social Security hoặc thẻ thay thế. Baptismal Certificate. Giấy chứng nhận rửa tội