quick wins with data loss prevention how to make dlp work
play

Quick Wins with Data Loss Prevention How to Make DLP Work for You - PowerPoint PPT Presentation

Dec 15, 2023 •602 likes •951 views

Quick Wins with Data Loss Prevention How to Make DLP Work for You Mark Moroses, Assistant CIO, John Dasher, Senior Director, Rich Mogull, CEO & Analyst Continuum Health Partners Data Protection, McAfee Securosis, L.L.C. Agenda Rich

  1. Quick Wins with Data Loss Prevention How to Make DLP Work for You Mark Moroses, Assistant CIO, John Dasher, Senior Director, Rich Mogull, CEO & Analyst Continuum Health Partners Data Protection, McAfee Securosis, L.L.C.

  2. Agenda • Rich Mogull, CEO & Analyst, Securosis, L.L.C. – Low-Hanging Fruit: Quick Wins with DLP • Mark Moroses, Assistant CIO, Continuum Health Partners – How Continuum uses McAfee DLP to protect sensitive patient data • John Dasher, Senior Director, Data Protection, McAfee – McAfee DLP solution overview 2

  3. Quick Wins with Data Loss Prevention ! Rich Mogull ! Securosis, LLC !

  4. DLP Fears ! • Too complex to deploy. ! • Too many false positives. !

  5. The Quick Wins Process !

  6. "Products that, based on central policies, identify, monitor, and protect data at rest, in motion, and in use through deep content analysis." ! -Rich Mogull !

  7. What DLP Provides ! • Helps you identify where you store sensitive information. ! • Helps you understand how that information is used and moved throughout your organization. ! • Proactively protects your information, while limiting impact on legitimate business processes. !

  8. Defining Process !

  9. Process Workflow !

  10. Prepare Directory Servers ! • Why? DLP policies are typically user and group based. ! • Need to correlate activities back to warm bodies. ! • Poor directories are a leading obstacle to DLP deployments. ! • Email vs. Web vs. Endpoint !

  11. Integrate with Infrastructure ! • Passive sniffer • Software • Admin (SPAN/ deployment ! credentials ! Mirror) ! • Email (MTA) ! Network ! Endpoint ! Storage !

  12. Integration Recap ! • For all deployments: Directory services (usually your Active Directory and DHCP servers). ! • Network deployments: Network gateways and mail servers. ! • Endpoint deployments: Software distribution tools. ! • Discovery/storage deployments: File shares on the key storage repositories (you generally only need a username/password pair to connect). !

  13. Choose Flavor ! Single Data Type ! Information Usage !

  14. Choose Deployment Type ! Network ! Storage ! Endpoint !

  15. Define Policies ! Single Type ! Information Usage ! • • Leverage an existing category Turn on (nearly) everything. ! when possible. ! • Collect as much as possible to • Tune later. ! identify usage patterns. ! • False positives are good! !

  16. Monitor ! ID ! Time ! Policy ! Channel ! Severity ! User ! Action ! Status ! 1138 ! 1625 ! PII ! Email ! 1.2 M ! rmogull ! Blocked ! Open ! 1139 ! 1632 ! HIPAA ! IM ! 2 ! jsmith ! Notified ! Assigned ! 1140 ! 1702 ! PII ! HTTP ! 1 ! None ! Closed ! 192.168.0.213 ! 1141 ! 1712 ! R&D/Product X ! USB ! 4 ! bgates ! Notified ! Assigned ! 1142 ! 1730 ! Financials ! Storage ! 4 ! Encrypt ! Escalated ! 192.168.1.94 ! Source Code ! 12 ! sjobs ! Confirm ! Open ! Cut/Paste ! 1143 ! 12/1/08 !

  17. Analyze ! • Top violations by data type. ! • Top violations by business unit. ! • Top violations by volume. ! • False positive patterns. ! • Different violations from same source. ! • Unusual origins. !

  18. What Did We Accomplish? ! • Established a flexible incident management process. ! • Integrated with major infrastructure components. ! • Assessed broad information usage. ! • Set foundation for later. !

  19. Deployment Best Practices ! Evaluate results ! Integrate with Define Initial Baseline scan ! Tune policy ! Infrastructure ! Policy ! Expand scan Add scope ! protection !

  20. Rich Mogull ! Securosis, L.L.C. ! rmogull@securosis.com ! http://securosis.com ! AIM: securosis ! Skype: rmogull ! Twitter: rmogull !

  21. Continuum Health Partners Deploying Data Loss Prevention Mark Moroses, Assistant CIO, Continuum Health Partners

  22. Background • Who is Continuum Health Partners? • Drivers – Regulations - HIPAA – Joint commissions to certify best practices – Regular audits • Failure not an option • Policy – Must be able to ensure enforcement – Need to prove policies are being followed 22

  23. Solution • Business Enablement – IT supporting physician’s needs • Allow liberal web access while still having monitoring capabilities • Data Risk Assessment – Documented inappropriate data leakage, which helped secure budget • Investigative Support – McAfee DLP has become the starting point for investigations – Investigations now able to occur much faster • Passing Audits – Proving compliance with policies and demonstrating working controls – Predictable technology and process speed future audits, reduce manpower requirements 23

  24. Lessons Learned • Executive sponsorship – Physician with prior first-hand experience • Deployment – “Soft opening” – Communicated roll-out plan • Response Plan – No “ready, fire, aim” – Work closely with HR & Legal stakeholders 24

  25. McAfee Data Loss Prevention John Dasher, Senior Director, Data Protection, McAfee

  26. Static DLP Leaks Data Data Violations 26 McAfee Data Protection

  27. Static DLP Leaks Data Data Violations Bit Bucket 27 McAfee Data Protection

  28. McAfee DLP Leverages Data Data Violations 28 McAfee Data Protection

  29. McAfee DLP Leverages Data Data Violations Data Intelligence Capture Fast, accurate policy creation and rapid, in- depth investigations 29 McAfee Data Protection

  30. McAfee DLP 9 Advantages Tight Product Integration • Integrated technologies provide superior protection • Optimized oversight and control Deployment Velocity • Protected sensitive data more quickly • Drive down deployment and ongoing costs Data Analytics • Build better policy, conduct fast investigations • Anticipate risks before they become problems

  31. McAfee DLP Solution – What Others Say NetworkWorld found that McAfee has a “very practical understanding of the role of DLP in a modern organization” with “innovative features, excellent user interfaces, and a clear vision for the future of DLP.” SC Magazine finds McAfee Host DLP “to be a good value for customers looking for a lot of features and a lot of flexibility in both data leakage control and enterprise rights management.” 31

  32. McAfee DLP Resources • Optimized Security Architecture for Data Protection http://www.mcafee.com/us/enterprise/optimize/data_protection.html – 10 Steps to Protecting Your Data – Low Hanging Fruit: Quick Wins with DLP – Forrester Research Total Economic Impact of McAfee DLP – McAfee 48-hour Data Risk Assessment • http://dataprotection.mcafee.com/forms/RiskAssessment • Data Protection section of McAfee.com http://www.mcafee.com/us/enterprise/products/data_protection/ data_loss_prevention/index.html – Continuum and BCI customer case studies • Data Protection Blogs http://siblog.mcafee.com/category/data-protection/ 32

  33. Q&A

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Prevention WINS & Media Inga Manskopf Adolescent Medicine Prevention WINS: Overview

Prevention WINS & Media Inga Manskopf Adolescent Medicine Prevention WINS: Overview

Community Prevention & Wellness Initiative June 20, 2014 Training Prevention WINS & Media Inga Manskopf Adolescent Medicine Prevention WINS: Overview Adolescent Medicine Prevention WINS: Overview Individual programs & community

609 views • 23 slides
Quick wins for an accessible website Baris Wanschers & Marloes Bosch - LimoenGroen Quick wins

Quick wins for an accessible website Baris Wanschers & Marloes Bosch - LimoenGroen Quick wins

Quick wins for an accessible website Baris Wanschers & Marloes Bosch - LimoenGroen Quick wins For an accessible website Who are we? Baris Marloes Frontend developer @ LimoenGroen. Partner @ LimoenGroen. Co-organizer of Frontend

944 views • 60 slides
Quick Wins in Cost Efficiency? RPA for SMEs Tadzio Schilling German Business Center, EY

Quick Wins in Cost Efficiency? RPA for SMEs Tadzio Schilling German Business Center, EY

Quick Wins in Cost Efficiency? RPA for SMEs Tadzio Schilling German Business Center, EY Robotics Process Automation (RPA) defined RPA delivers repetitive process executions and data handling that humans do across legacy, desktop and web

514 views • 12 slides
Data Loss Prevention Academic Senate Meeting October 18, 2017 Data Protection Program

Data Loss Prevention Academic Senate Meeting October 18, 2017 Data Protection Program

Data Loss Prevention Academic Senate Meeting October 18, 2017 Data Protection Program Empower users with the Secure critical data assets, ability to use new protect data confidentiality, and technologies while managing minimize

329 views • 4 slides
Data Loss Prevention Overview Jeff Silver, CISSP Delaware DLP Technical Specialist AGENDA: I.

Data Loss Prevention Overview Jeff Silver, CISSP Delaware DLP Technical Specialist AGENDA: I.

Data Loss Prevention Overview Jeff Silver, CISSP Delaware DLP Technical Specialist AGENDA: I. Introduction II. WHY Data Loss Prevention III. DLP Architecture and Fundamentals IV. Examples of DLP Violations IV. Examples of DLP

554 views • 38 slides
Digital Quick Wins for Manufacturers Innovate Your Way Out of the Crisis Hosted by Waleed

Digital Quick Wins for Manufacturers Innovate Your Way Out of the Crisis Hosted by Waleed

Digital Quick Wins for Manufacturers Innovate Your Way Out of the Crisis Hosted by Waleed Shihadah Goodies and hackathon We are giving away this presentation and a best practice guide for MS Teams In the intermission we will tell you about

751 views • 47 slides
Data Loss Prevention @ Duquesne University Brad Maloney | maloneyb@ duq.edu Manager, Secure

Data Loss Prevention @ Duquesne University Brad Maloney | maloneyb@ duq.edu Manager, Secure

Data Loss Prevention @ Duquesne University Brad Maloney | maloneyb@ duq.edu Manager, Secure Integrated Infrastructure Michael Muto | mutom@ duq.edu Sr. Information Security Engineer Reasons for DLP Assessing where your organizations

329 views • 20 slides
Marketing Mashup Ideal Customers Relationships Matter Quick Wins Ideal Customer

Marketing Mashup Ideal Customers Relationships Matter Quick Wins Ideal Customer

Marketing Mashup Ideal Customers Relationships Matter Quick Wins Ideal Customer Stop chasing every deal Stop trying to be all things Go deeper than Target Market Ideal Customer Ask 5 questions Simple things will

254 views • 10 slides
with DLP Real World Scenarios My Journey into Patient Data Protection 10+ years in Data Loss

with DLP Real World Scenarios My Journey into Patient Data Protection 10+ years in Data Loss

Stopping PHI Theft with DLP Real World Scenarios My Journey into Patient Data Protection 10+ years in Data Loss Prevention Dozens of customer installations across the finance and healthcare industries Chris Leffel My story in

603 views • 32 slides
HOLIDAY MARKETING QUICK WINS Brought to you by Whereoware #WOWWEBINAR Private and Confidential.

HOLIDAY MARKETING QUICK WINS Brought to you by Whereoware #WOWWEBINAR Private and Confidential.

HOLIDAY MARKETING QUICK WINS Brought to you by Whereoware #WOWWEBINAR Private and Confidential. Property of Whereoware, LLC. 1 MEET OUR SPEAKER BRADY COMPTON TWEET USING #WOWWEBINAR BRADY COMPTON Marketing PM 2 ABOUT US Award-Winning

755 views • 56 slides
Using Loss Data to Win Over Clients Webinar: June 29 th @ 11am EDT How can you use loss data to

Using Loss Data to Win Over Clients Webinar: June 29 th @ 11am EDT How can you use loss data to

Using Loss Data to Win Over Clients Webinar: June 29 th @ 11am EDT How can you use loss data to justify your coverage recommendations and help determine appropriate limits? When clients ask you for relevant loss examples, how do you respond and

341 views • 18 slides
EDA Quick View A new interface for visualizing arousal Elena Agapie & Caroline Pires The

EDA Quick View A new interface for visualizing arousal Elena Agapie & Caroline Pires The

EDA Quick View A new interface for visualizing arousal Elena Agapie & Caroline Pires The Problem How to make live arousal data more accessible? Make EDA data intuitive to non- scientists Real time arousal monitoring

1.01k views • 56 slides
AFP YEAR 2 - AWLN ACHIEVEMENTS AND QUICK WINS PRESENTED AT AFP PARTNERS MEETING MARCH 2015

AFP YEAR 2 - AWLN ACHIEVEMENTS AND QUICK WINS PRESENTED AT AFP PARTNERS MEETING MARCH 2015

AFP YEAR 2 - AWLN ACHIEVEMENTS AND QUICK WINS PRESENTED AT AFP PARTNERS MEETING MARCH 2015 AWLN ADVOCACY FOCUS FOR YEAR 2 NATIONAL/SUB-NATIONAL LEVEL ADVOCACY FOCUSING ON ADDING VALUE TO ONGOING ADVOCACY IN AFP FOCUS COUNTRIES TO

60 views • 5 slides
Loss Prevention Committee Richard Decker, Chairman AIG / President Global Marine September

Loss Prevention Committee Richard Decker, Chairman AIG / President Global Marine September

Loss Prevention Committee Richard Decker, Chairman AIG / President Global Marine September 18, 2013 Loss Prevention Committee Members 2013 Richard Decker, USA, Chairman Raymond Ng, Hong Kong John Aston, UK Terje Paulsen, Norway Massimo

366 views • 18 slides
Prevention Presented by: Paul Robertson, Construction Safety Services Director Integrated Loss

Prevention Presented by: Paul Robertson, Construction Safety Services Director Integrated Loss

Slip, Trip and Fall Prevention Presented by: Paul Robertson, Construction Safety Services Director Integrated Loss Control, Inc . September 19, 2017 Objectives Review Loss Study Info Review Applicable Standards and Best Industry Practices

645 views • 29 slides
Diabetes Prevention in the Arab American Community Nadia Syed MPH Agenda ACCESS Who are

Diabetes Prevention in the Arab American Community Nadia Syed MPH Agenda ACCESS Who are

Diabetes Prevention in the Arab American Community Nadia Syed MPH Agenda ACCESS Who are Arab Americans? 1817 Grant Work Doctor-DPP Relationships Barriers Misses/Wins . Arab Community Center for Economic and Social

694 views • 20 slides
8 STEPS TO BUILD A PROFITABLE SPORTS BETTING MODEL HERE IS WHAT YOU WILL LEARN 8 STEPS

8 STEPS TO BUILD A PROFITABLE SPORTS BETTING MODEL HERE IS WHAT YOU WILL LEARN 8 STEPS

8 STEPS TO BUILD A PROFITABLE SPORTS BETTING MODEL HERE IS WHAT YOU WILL LEARN 8 STEPS PROCESS TO BUILD A MODEL AND START WINNING IN SPORTS BETTING BONUS: Practical - I will show you how to calculate your first winning percentages and

1.92k views • 157 slides
How to Win an Innocent Spouse Case The Workshop Eric L. Green, Esq. 1 About Tax Rep LLC Tax Rep is

How to Win an Innocent Spouse Case The Workshop Eric L. Green, Esq. 1 About Tax Rep LLC Tax Rep is

How to Win an Innocent Spouse Case The Workshop Eric L. Green, Esq. 1 About Tax Rep LLC Tax Rep is a member driven community that helps each other build their representation practice and help taxpayers, with members being able to do so knowing they

486 views • 32 slides
Roulette The game of roulette serves as a nice introduction to some of the key ideas relating to

Roulette The game of roulette serves as a nice introduction to some of the key ideas relating to

Roulette The game of roulette serves as a nice introduction to some of the key ideas relating to probability. Alan H. SteinUniversity of Connecticut Roulette The game of roulette serves as a nice introduction to some of the key ideas relating to

1.14k views • 64 slides
UsingOSCARtoWintheCluster Challenge UniversityofAlberta

UsingOSCARtoWintheCluster Challenge UniversityofAlberta

UsingOSCARtoWintheCluster Challenge UniversityofAlberta PaulGreidanus,GordonKlok 1 TheClusterChallenge NewchallengeeventintroducedatSuper CompuFng2007.

380 views • 11 slides
The Value of Working With Wine Bloggers Panelists : Ilona Thompson, CWAS www.Palatexposure.com

The Value of Working With Wine Bloggers Panelists : Ilona Thompson, CWAS www.Palatexposure.com

The Value of Working With Wine Bloggers Panelists : Ilona Thompson, CWAS www.Palatexposure.com Miki Finnin www.TheVineyardTrail.com Moderator : Jason Stubblefield (Stub) www.CorkEnvy.com Overview Intro of Panelists Who Blogs About

711 views • 27 slides
CSE 158/258 Web Mining and Recommender Systems Assignment 2 Assignment 2 Open-ended Due

CSE 158/258 Web Mining and Recommender Systems Assignment 2 Assignment 2 Open-ended Due

CSE 158/258 Web Mining and Recommender Systems Assignment 2 Assignment 2 Open-ended Due Dec 3 (Tuesday) Submissions should be made via gradescope Assignment 2 Basic tasks: 1. Identify a dataset to study and describe its

670 views • 43 slides
10 Credit Bundle Save up to 40% on report purchases Select from any type of report available:

10 Credit Bundle Save up to 40% on report purchases Select from any type of report available:

WINE INTELLIGENCE REPORTS SHOP 10 Credit Bundle Save up to 40% on report purchases Select from any type of report available: We see great Landscape Reports value in Wine Intelligence reports. The Landscape reports A comprehensive view

518 views • 4 slides
W orldwide I ntelligence N etwork E nvironment (WINE) Symantec s Data

W orldwide I ntelligence N etwork E nvironment (WINE) Symantec s Data

W orldwide I ntelligence N etwork E nvironment (WINE) Symantec s Data Sharing Program Darren Shou and Tudor Dumitra Symantec Research Labs Goals of WINE

168 views • 14 slides

More recommend