IAPP 2004

Insider Leakage Threatens Privacy

CONFIDENTIAL

Page 1: IAPP 2004

Page 2: Insider Leakage Threatens Privacy

Page 3: Typical Customer Data Leakage Scenario

Number of employees                                              50,000
Average number of outbound emails per employee per day [1]           14
Percentage of outbound emails containing customer NPI [2]         0.03%
Average number of customer records per incident [3]                  19
Number of customer records leaked per year                      969,474

[1] Ferris Research. [2], [3] Based on Vontu Risk Assessment Data.

Arithmetic behind the annual figure: 50,000 × 14 × 0.03% × 19 ≈ 3,990 customer records per working day, so 969,474 records per year corresponds to about 243 working days.

Page 4: Cost of Customer Data Breach

Potential Cost of Incident(s)

Number of customers affected by incident(s)                      50,000
Percentage of notified customers that may leave [1]                 31%
Estimated notification & remediation cost per customer [2]          $75
Customer acquisition cost                                          $500
Total potential loss                                        $11,500,000

[1] 2004 Ponemon Institute Customer Trust Study. [2] Including incentives (e.g. free credit report), notification, PR and customer support costs.

How the total is built: notification and remediation for all affected customers (50,000 × $75 = $3,750,000) plus the cost of re-acquiring the 31% expected to leave (50,000 × 31% × $500 = $7,750,000), for $11,500,000 in total.

Plus potential embarrassment, damage to the company's brand, regulatory fines, and civil lawsuits.

Page 5: Vontu Protect

Data Firewall software to accurately identify, report and help prevent confidential customer and company information leakage.

Page 6: Define policies to enforce

• Customer data and compliance
• Employee data
• Intellectual property
• Acceptable use
• Customize for the environment

Page 7: Monitor outbound flow of information

• Support email, web, FTP, and IM
• Monitoring does not impact network performance
• Multiple monitors for all exit points

Page 8: Example Customer Data Incident

(Screenshot of an incident record; no further text on the slide.)

Page 9: Executive Summary Report

Report panels shown: Policy Trends for a Period; Top Policy Violations; Incident Status; Incidents with most matches.

Page 10: Secure Data Profiles Drive Accuracy

Heuristics are limited to approximate guesses. SDPs drive exact matches.

Where heuristics go wrong (figure labels):
• False positives: strings that fit a Social Security number pattern but are not Social Security numbers
• False positive: a genuine Social Security number that is not a customer's
• Usernames, passwords and customer names have no pattern to match against and can only be detected with an SDP

An SDP is built from known customer record fields, so a hit is an exact match against the organization's own data rather than a guess at its format.
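As an added illustration of the contrast this slide draws (example code written for this page, not Vontu's software and not its SDP format): a regex Social Security number heuristic beside an exact-match index built from keyed hashes of customer record fields, both run over the same outbound messages. The customer records, the HMAC key and the messages are constructed. The indexing scheme (HMAC-SHA256 of each normalized field value, an incident on a standalone SSN field or on two fields of the same record co-occurring) is an assumed design for such a profile, not a description of Vontu Protect; 078-05-1120 and 219-09-9999 are the SSA's never-issued specimen numbers.

```python
"""Regex heuristic versus exact-match profile for customer NPI detection.

Added example written for this page; not code from the original deck and
not Vontu's implementation. Records, key and messages are constructed.
"""
from __future__ import annotations

import hashlib
import hmac
import re

# Constructed stand-in for the customer database a profile is built from.
# 078-05-1120 is the SSA's never-issued 1938 specimen number; C002 has no
# SSN on file, so it can only be caught by name plus account number.
CUSTOMER_RECORDS = {
    "C001": {"name": "Alice Example", "ssn": "078-05-1120", "account": "4000123456"},
    "C002": {"name": "Bob Sample", "account": "4000987654"},
}

# Constructed key. In a real deployment it is random and stays on the
# indexing host; the monitors only ever receive the digests, never raw PII.
KEY = b"constructed-demo-key"

# Heuristic: anything shaped like an SSN (area-group-serial, separators
# optional), minus the ranges the SSA never issues.
SSN_RE = re.compile(
    r"(?<!\d)(?!000|666|9\d\d)\d{3}[- ]?(?!00)\d{2}[- ]?(?!0000)\d{4}(?!\d)"
)


def scan_heuristic(message: str) -> list[str]:
    """Every substring that looks like an SSN, customer or not."""
    return [m.group(0) for m in SSN_RE.finditer(message)]


def normalize(value: str) -> str:
    """Canonical form: lowercase, letters and digits only, so '078-05-1120',
    '078 05 1120' and '078051120' all produce the same digest."""
    return re.sub(r"[^a-z0-9]", "", value.lower())


def fingerprint(value: str, key: bytes) -> str:
    """Keyed digest of the normalized value; what the index actually stores."""
    return hmac.new(key, normalize(value).encode(), hashlib.sha256).hexdigest()


def build_sdp_index(records: dict[str, dict[str, str]], key: bytes) -> dict[str, list[tuple[str, str]]]:
    """Map each field's digest to the (record id, field name) it came from."""
    index: dict[str, list[tuple[str, str]]] = {}
    for rid, fields in records.items():
        for field, value in fields.items():
            index.setdefault(fingerprint(value, key), []).append((rid, field))
    return index


def candidates(message: str) -> set[str]:
    """Normalized single tokens and adjacent-token pairs from the message.
    Digit groups separated by a dash or space are joined first, so a
    spaced-out SSN or account number arrives as one token; pairs are what
    let a two-word name match (longer names would need wider windows)."""
    joined = re.sub(r"(?<=\d)[- ](?=\d)", "", message)
    words = re.findall(r"[A-Za-z0-9][A-Za-z0-9-]*", joined)
    out = set()
    for i, word in enumerate(words):
        out.add(normalize(word))
        out.add(normalize(" ".join(words[i:i + 2])))
    out.discard("")
    return out


def scan_sdp(message: str, index: dict, key: bytes, min_fields: int = 2,
             standalone: frozenset[str] = frozenset({"ssn"})) -> dict[str, list[str]]:
    """Records whose fields appear in the message. Policy: an SSN is NPI on
    its own; otherwise min_fields fields of the same record must co-occur
    (a name alone is not an incident, a name with the account number is)."""
    hits: dict[str, set[str]] = {}
    for cand in candidates(message):
        for rid, field in index.get(fingerprint(cand, key), []):
            hits.setdefault(rid, set()).add(field)
    return {rid: sorted(f) for rid, f in hits.items()
            if f & standalone or len(f) >= min_fields}


INDEX = build_sdp_index(CUSTOMER_RECORDS, KEY)

# Constructed outbound messages, one per situation the slide labels.
MESSAGES = {
    "order": "Order 123-45-6789 shipped today, tracking 400012345678.",
    "sample": "Is 219-09-9999 on the SSA sample card a valid number?",
    "leak": "Alice Example's file: 078051120, acct 4000123456",
    "names": "Bob Sample asked about account 4000987654 by phone.",
    "name_only": "Tell Bob Sample thanks.",
}


def run_demo() -> dict[str, tuple[list[str], dict[str, list[str]]]]:
    """Scan every message both ways: (heuristic hits, SDP incidents)."""
    return {label: (scan_heuristic(m), scan_sdp(m, INDEX, KEY))
            for label, m in MESSAGES.items()}


if __name__ == "__main__":
    for label, (heur, sdp) in run_demo().items():
        print(f"{label:10} heuristic={heur} sdp={sdp}")
```

The "order" and "sample" messages are the slide's two heuristic false positives (an order number shaped like an SSN, and a real-format SSN that belongs to no customer); neither touches the index. The "names" message is the case the slide says only an SDP can catch: no regex fires, but the customer's name and account number hash to two fields of the same record. The same index can sit behind any channel the deck lists (SMTP, HTTP, FTP, IM), since it only needs the message text.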

Page 11: Fortune 25 Bank Case Study

• Goal
  – Executive "mandate" to monitor for customer data loss (RFP)
  – Regulatory requirements (PATRIOT Act, CA SB1386)
  – Enforce other "acceptable use" policies
• Configuration
  – Real-time scan of SMTP, HTTP, IM, and FTP for customer NPI
  – Geographically distributed system
• Results
  – Amount of leakage dramatically decreased
  – Monitoring over 10GB of email and web mail traffic per day in the U.S.
  – Global rollout to monitor over 150k employees worldwide
  – NPI incident detection and response process in place

Page 12: Challenges and Opportunities

• Balancing employee privacy vs. consumer privacy
• Complexity of incident remediation for insider issues
• Confusing regulatory environment
• Classifying and identifying confidential information
• Consistent policies across all channels, not just email
• Slow adoption of encryption and DRM technologies

Page 13: Contact

Michael [email protected]

(415) 227-8107