Embed Size (px)
Citation preview
Protection from internal threats:Evolution of DLP or Who sets trends
EARLY DLP
Tasks that DLPs were designed to address:
Control of maximum number of communication channels
Corporate data leakage prevention
Archiving business communications
Incidents management
DEVELOPMENT OF DLP
Email messages, including encrypted ones FTP/FTPS, HTTP/HTTPS file transfer Skype, Viber, ICQ and other IMmessages and files
Messages in social networks, blogs, forums, chats
External devices, СD/DVD,printers
Audio monitoring
USER ACTIVITY MONITORING SYSTEMS
Control of work hours
Logging user actions
Application activity monitoring
Reporting
THE EMERGENCE OF COMPREHENSIVE INSIDER THREAT PROTECTION SYSTEMS
ConventionalDLP system
User ActivityMonitoring
System
User ActivityMonitoring
System
ConventionalDLP system
REQUIREMENTS TO COMPREHENSIVE INSIDER THREAT PROTECTION SYSTEMS
can control the maximum number of data transmission channels
are easily integrated into any network with no need to change infrastructure
operate on gateway level and on endpoints both
are modularized
are easily installed and configured, show high performance along with inconsiderable impact on endpoint operation
are user-friendly and easy to interact with
Market needs solutions that:
AN INTEGRATED APPROACH TO PROTECTION FROM INTERNAL THREATS
Information flows control and data leak protection
Work processes control
Operational risk management
Reputational risk management
SHIFT OF TRENDS
TOP 7 REASONS FOR DISMISSAL IN 2014
According to Falcongaze Analytics Center
Misuse of work hoursand internet — 37 %
Corruption and bribery — 21 %
Comments on management boardand corporate policy — 17 %
Search for new job — 11 %
Violation of corporate rules — 6 %
Negligent treatmentof confidential data — 4 %
Industrial espionage — 4 %
USER ACTIVITY STATISTICS
WORK HOURS MONITORING
INFORMATION ON VISITED SITES
USER RELATIONS GRAPH ANALYZER
USE OF APPLICATIONS ANALYSIS
REPORTING
CURRENT TRENDS
Fast introduction
Deployment in high complexity networks
Flexibility — several ways to intercept traffic
Comprehensive tool for information and economic security
Usability
Modularity
Low TCO
Thank you
