Professional Documents
Culture Documents
By
The Wanderers
Outline of contents
[Scott]
[Angel]
Proposed Solution
[Koonal]
Business Problem
Problem
Cision
1200 Employees, 30+ offices, 8 countries
Confidential Data
Out of Scope
Anti Virus, Firewall, Intrusion Detection Systems, Email Spam Filtering
Limited Other legal requirements: No HIPPA or SOX requirements
Source: http://www-uxsup.csx.cam.ac.uk/~fanf2/hermes/doc/talks/2008-04-techlinks/data-protection.jpg
DLP Background
Definition of Data Loss Prevention
Other TLAs
Data Loss Protection
Data Leak Prevention/Protection
Information Loss Prevention/Protection
Information Leak Prevention/Protection
Extrusion Prevention System
Content Monitoring and Filtering
Content Monitoring and Protection
DLP Background
Identify where holes or exit points where leaks may occur
Instant messaging (Yahoo Instant Messaging, Windows Live)
P2P file sharing (e.g. LimeWire case as reported by LA Times)
Media streaming
Web mail (Yahoo mail, Gmail, Hotmail)
USB storage devices (ZDNet story from UK)
Removable drives
Devices connected through external ports (Firewire, serial, parallel)
FTP server
Printouts
DLP Background
DLP Background
How data are flagged and identified
Data Discovery
Looks into the content and not just the file type
Examine context considerations (factor in parent directories, user group
matching)
Structured data matching (SSN, credit card numbers, etc)
Unstructured data matching (diagrams, source codes, media files)
Fingerprint the data by using one way hash and saved in the database
Information can then be used to identify confidential data elsewhere
DLP Background
Three different levels of DLP
solution
Data in Motion
Data at Rest
DLP Background
Technical Feature Considerations
Centralized Management
Automated remediation
Market Presence
Staffing Needs
Solution Selection
The Selection
Given that the business problem of to be able to exchange
confidential information securely and easily,
We believe that a DLP solution have the ability to address such need
by identifying and securing confidential data in a comprehensive and
efficient manner as described in the guidelines above,
We select Websense as a representative of such DLP solution which
has met all criteria mentioned above.
Websense
Global leader in integrated Web security, data security, and email
security solutions.
Protects approximately 40 million employees at more than 40,000
organizations worldwide
Core strength in Web filtering, discovery and classification of content
Source: http://www.websense.com/content/aboutus.aspx
DLP Solution:
Websense Data Security Suite
Data Discovery
Data Protect
Data Monitor
Data Endpoint
DLP Solution:
Data Discovery
Software-based solution that remotely scans specified network file
shares, databases, email servers, data repositories, and desktops to
discover and classify confidential data on these systems
Automated remediation of unsecured confidential data on data
repositories, such as encryption, file removal, etc
370 different types of file definitions
DLP Solution:
Data Protection
Protects data with policy-based controls that map to business
processes
Automated, policy-based enforcement options including block,
quarantine, file removal, encrypt, audit and log, user notification in
real time.
DLP Solution:
Data Monitor
Monitors and identifies what customer data is at risk; who is using
the data in real time; and where this data is going
Precise ID technology
DLP Solution:
Data Endpoint
Provides endpoint security and control over what confidential data
is and should be stored (through local discovery)
Who is using it
How it is being used (with what applications)
Where it is being transferred (USB storage, printer)
DLP Solution:
Websense Data Security Suite
in Action
(Case: Miss Bea Haven)
Strengths
Weaknesses
Symantec
Websense
RSA(EMC)
DLP Solution
Deployment Architecture
DLP Solution
Deployment Architecture
Company Implementation
Project Implementation Cost Estimates
1st Year Fees / Component
Websense Data Security Suites
Estimated Discount (25% of list)
Implementation Consulting
Qty
1200
Price
$65
Total
$78,300
1200
-$16
-$19,575
80
$175
$14,000
Hardware
$18,000
Totals
$90,725
Qty
Price
Total
1200
$65
$78,300
1200
-$16
-$19,575
$58,725
Company Feasibility
Requirements Support
Requirement
Websense
Supported Notes
Legal Requirements
Regional / Language Requirements
X
X
Centralized Administration
Auto Identify Confidential Data
Limit End Point data actions
Industry Recognized Leader
X
X
X
X
Other Considerations
Limitations / Concerns
Software sold as subscription software (yearly ongoing costs)
Websense cannot detect data within image
Will users be able to easily create new controlled data sets
Data Privacy rules are regional and may conflict
PCI
8 countries
Conclusion
Cision needs to add DLP capabilities to their
current security solutions to meet the
business needs.
Websense meets the requirements
Websense is well positioned to grow with
Cisions future needs.
Your mileage may vary
Tanong? Perguntas? ?