1 Proprietary & Confidential
Persistent Data Immunization
Yuval Eldar
Founder
March 2015
Proprietary & Confidential
2 Proprietary & Confidential
Agenda
• Secure Islands at a Glance
• A Changing Threat Landscape
• Introducing: Data Immunization
• How it Works
• Some useful Tips
3 Proprietary & Confidential
Secure Islands at a Glance
Leader in Information Protection & Control (IPC)
Introduced IQProtector™ in 2010
Offices in US, UK, Germany, Switzerland, Israel
Strategic OEM agreement with HP
Patented, field-proven technology
4 Proprietary & Confidential
Selected Customers
Global 2000 companies
• Financial
• Legal
• Manufacturing
• Retail
• Energy
• Telecommunications
5 Proprietary & Confidential 5
HOW SECURE IS YOUR DATA
6 Proprietary & Confidential
How Secure is Your Data?
6Proprietary & Confidential
7 Proprietary & Confidential 7
A CHANGING THREAT ENVIRONMENT
8 Proprietary & Confidential
The Threat Vectors
8
AS SOON AS A DOCUMENT IS CREATED – IT IS EXPOSED
Cyber Attacks
Partners / OffshorePrivileged Users& Cloud Providers
The Insider Threat
Users & Devices
Applications Storage
9 Proprietary & Confidential
The Threat Vectors
9
AS SOON AS A DOCUMENT IS CREATED – IT IS EXPOSED
Cyber Attacks
Partners / OffshorePrivileged Users& Cloud Providers
The Insider Threat
Users & Devices
Applications Storage
Can you ever be sure that your data is secure?
10 Proprietary & Confidential
You Are Not Alone
83% Of IT Professional don't know where their company’s sensitive data is located
88% are NOT confident in their ability to detect
a data breach involving unstructured data
Source: Ponemon Institute (2014)
Data Proliferates Beyond Traditional IT Perimeters
11 Proprietary & Confidential
CISOs Are Faced With Tough Challenges
• Secure information that inevitably ends up on multiple devices and machines
• Protect information when it no longer “resides” anywhere
• Maximize security in the cloud, without crippling cloud elasticity
• Ensure that data is fully protected without relying on a 3rd party’s security measures
• Guarantee that information remains safe even if an attacker gains access
12 Proprietary & Confidential 12
Many promises; Ends in “monitoring mode”
Data LossPrevention
Classic Rights Management
Extreme dependency on user involvement
CloudEncryption GW
Protects the perimeter –doesn’t protect the data
But Don’t Receive Enough Answers
Existing Paradigm:Attempt to control data wherever it goes
13 Proprietary & Confidential 13
LET’S CHANGE THE PARADIGM
14 Proprietary & Confidential
Active Data Immunization
14
Protect data from the moment of creation, throughout its entire lifecycle
StoreConsumeCreate ArchiveCollaborate
Tip for success: A good protection is persistent protection
15 Proprietary & Confidential 15
What is Active Data Immunization?
16 Proprietary & Confidential
Capture Data Where & When It’s Created
16
Endpoint
Mobile & ServerData
RepositoriesClassify pre existent data
and enable IT processes
Applications
(Exchange, SharePoint,
Office 365, Salesforce, SAP,
Open Text….)
Tip for success: Support every device, every application & every file-format
17 Proprietary & Confidential
Capture Data Where & When It’s Created
17
Encryption & Usage Rights
Classification & Tagging
Usage Tracking
Policy
Tip for success: Capture data as close to the source as possible
Classify & Protect on Creation
18 Proprietary & Confidential
100% accurate classification
18
Based on file context & content
FinanceUser
Generate Financial Report
in SAP
SalesforceReport
Sales Rep User
Files moved to an M&A folder in Share Point
19 Proprietary & Confidential 19
Minimizing Friction With The User
Information Classification Prism: from fully automatic – to user based classification
FULLY automatic
& seamless classification
System
recommendation
User based Tip for success: Take the user out of the equation as much as possible
20 Proprietary & Confidential
“IRM-ing” any Application
20
User
Seamless experience with native apps without compromising security
Leverage Microsoft RMS
Persistent encryption of
ANY file type (e.g. CAD designs,
audio, source code, and any other)
Use encrypted files in
their native apps - while
enforcing protection
and usage rights!
21 Proprietary & Confidential 21
LET’S SEE HOW IT’S DONESolution Demo
22 Proprietary & Confidential
5 Tips To Take Home
• Classify & Protect data as close to the source as possible -preferably, on creation
• Keep Security In-Line with Enterprise Policy
• Take the User Out of the Equation (When Possible)
• Check that the solution supports ALL applications & file formats natively
• Make sure that protected content is accessible to utilities like anti-virus/anti-malware, eDiscovery etc.
22
23 Proprietary & Confidential 23
THANK YOU
www.secureislands.com