Steal This Data!Email Is the #1 Channel For Lost Data…

What Can You Do About It?

Let’s Talk - Agenda

• Your Presenter: Allan Cole• What Is DLP?• Why Do You Need it?• Regulations You Face• Case Study• How To Evaluate DLP• Why GalaxyTech• Next Steps

Who Is Allan Cole?

• 15 years of information security, privacy and education experience

• Specializes in risk assessment, gap analysis, policy content development, awareness training, strategy development and implementation.

• Senior Security Architect/Manager for McAfee Inc. for 11 Years. Designed and lead the implementation of complex security solutions for the financial, governmental, and healthcare business sectors.

What Is DLP?

Data loss prevention (DLP) solution is a system that is designed to detect potential data breach / data ex-filtration transmissions and prevent them by monitoring, detecting & blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage) .

Why Do You Need DLP?

• Regulatory Compliance• Acceptable Use• Intellectual Property Protection

Regulatory Compliance

• Regulatory Compliance• HIPAA, GLBA, PCIDSS, SOX Regulations• Scan for sensitive information and block infractions• Secure business partner communication

Acceptable Use

• Acceptable Use• Block offensive content• Enforce messaging policy (attachment size, etc)• Add legal disclaimers to outgoing mails

Intellectual PropertyProtection

• Intellectual Property Protection• Block messages containing confidential data• Prevent email communication with competitor

Regulations You Face

• HIPAA- Health Insurance Portability and Accountability Act

• GLBA- Gramm, Leach, Bliley Act• PCIDSS- Payment Card Industry Data Security Standards• SOX- Sarbanes – Oxley Act of 2002

Case Study: The Problem

Customer Profile

Printing company servicing small business to fortune 500 corporations.

Challenges

The company was being sued by an employee that had been receiving emails with nudity embedded in the content of the email. These emails were being sent by another employee repeatedly and they had no solution to prevent this context from entering their environment. As a part of the legal settlement they to had to implement countermeasures to provide this from happens in the future.

Case Study: The Solution

Solution

Galaxytech recommend Cisco’s Ironport email security appliance with DLP and image analysis to ensure their acceptable use policy was being enforced.

How To Evaluate DLP

Things to think about when evaluating a DLP solution• The solution must be able to discover and protect confidential data wherever

it is stored or used • The solution must monitor all data usage and prevent confidential data from

exiting any network gateway or endpoint• Accuracy is critical• Automate policy enforcement• Visibility and control over encrypted data • Safeguard employee privacy• Proven global scale and architecture

Why GalaxyTech ?

Next Steps

• Let’s Review Your Needs• Pre Call Form • Conference Call With Director of Engineering

• Proof Of Concept