Introducing Data Loss Prevention 14
Transcript of Introducing Data Loss Prevention 14
Introducing Data Loss Preven3on 14
Cheryl Tang Kedar Apte Sr. Product Marke/ng Manager Sr. Product Manager
Objec3ves
• This presenta/on is intended to provide you with an understanding of: – Customer challenges related to data in the cloud – Key benefits and features of “DLP for Cloud” offerings and DLP 14 – Where and how to iden/fy “DLP for Cloud” opportuni/es – How “DLP for Cloud” offerings are licensed
• What we won’t cover in this session – Compe//on – Objec/on Handling
Agenda
1 Market Overview and Customer Challenges
2 DLP for Cloud
3 Addi/onal Enhancements in DLP 14
4 Resources
Copyright © 2014 Symantec Corpora/on 3
Symantec Enterprise Security | PRODUCT STRATEGY
Copyright © 2015 Symantec Corpora/on 4
Informa3on is Everywhere Brings Produc3vity, Agility, Convenience ……and Problems
Copyright © 2015 Symantec Corpora/on 5
Cloud Mobile BYOD
Your security slows me down
I expect an insanely great user experience
You don’t own the device
I will use the device I want
You can’t lock my device down
You don’t own the app
You can’t say no
You don’t own the infrastructure
..and the Cloud is a Risky Place for Work Data
Copyright © 2015 Symantec Corpora/on 6
Informa3on Protec3on for the Cloud
Copyright © 2015 Symantec Corpora/on 7
Customer Challenges
• No visibility to what data is in the cloud – “I know my users are crea0ng and storing data in the cloud, but I have no idea if that data is sensi0ve and who is accessing the sensi0ve data.”
– “My users are syncing sensi0ve files to cloud storage sites.”
• No controls over what data can be stored/shared in the cloud – “How do I control sensi0ve data from leaking to the cloud?” – “We want to alert/educate users that they’re puEng sensi0ve files in the cloud puts the company at risk.”
• Security and compliance concerns holding back cloud adop/on – “We want to move to the cloud, but we’re worried about losing visibility and control over sensi0ve corporate data.”
– “Moving our data to cloud compromises our compliance requirements and puts us at risk for security breaches.”
Copyright © 2014 Symantec Corpora/on 8
What’s New in Data Loss Preven3on 14
Copyright © 2015 Symantec Corpora/on 9
Unified Management Extending Data Protec3on for the Cloud
Box Office 365 iOS Android
Email Web FTP IM
USB Hard Drives
Removable Storage Network Shares
Print/Fax Cloud & Web Apps
File Servers Exchange, Lotus
SharePoint Databases
Web Servers
Dozens of New Features in DLP 14!
Copyright © 2015 Symantec Corpora/on 10
14 VMware Fusion & Hyper-‐V support
Exchange 2013 Connector
Removeable storage for Mac
Browser-‐based uploads for Mac
Cloud Storage for Box
Media Transfer Protocol (MTP) support
Disable print screen
Auditor role for DLP policy management
Clipboard paste monitoring
PDF custom metadata tags
Enhanced Indexed Document Matching (IDM) algorithms
Enhanced SharePoint Connector
Cloud Prevent for Microsoh Office 365
Improved keyword matching performance
Modernized Enforce console
Mul/-‐language support for Endpoint pop-‐ups
Remote Index Data Matching (IDM) Indexer
Amazon Web Services support
Improved Exact Data Matching technology
40+ new interna/onal data iden/fiers
Cloud file sync and share (Endpoint Prevent)
Agenda
1 Market Overview & Customer Challenges
2 DLP for Cloud
3 Addi/onal Enhancements
4 Resources
Copyright © 2014 Symantec Corpora/on 11
DLP for Cloud
What it is
• Two new DLP products – Symantec DLP Cloud Storage (DLP 14.0)
– Symantec DLP Cloud Prevent for Microsoh Office 365 (DLP 12.5)
• Provide discovery, monitoring and remedia/on capabili/es for cloud-‐based storage and email
• An opportunity for you to make money – addi/onal licensing required
Benefits
• Enables customers to take advantage of the cloud with control and visibility
• Protects data regardless of it’s on-‐premise or in the cloud
• Easily and quickly extends current data loss policies and workflows to cloud apps
Copyright © 2014 Symantec Corpora/on 12
DLP Cloud Storage
Features
• Scan Box Business and Enterprise Accounts to discover and tag sensi/ve informa/on in Box
• Enable user self-‐remedia/on from Box (visual tags) and the DLP Self-‐Service Portal
• Seamlessly integrates with Box and your current DLP system
Benefits
• Provides visibility into the sensi/ve files that users are storing and sharing on Box
• Quickly and easily extends current data loss policies and workflows to Box
Copyright © 2014 Symantec Corpora/on 13
New in DLP 14!
DLP Cloud Storage: Incident List
DLP 14.0 Differences Training: Storage 14
DLP Cloud Storage: Incident Details
DLP 14.0 Differences Training: Storage 15
File Loca3on indicates the Username and the file loca3on in
the users Box account
DLP Cloud Storage: Incident Details
DLP 14.0 Differences Training: Storage 16
Collaborators and their roles are listed in the incident
DLP Cloud Storage: Incident Details
DLP 14.0 Differences Training: Storage 17
Shared link informa3on lists permissions assigned to the link
DLP Cloud Storage: Visual Tags in Box
Copyright © 2014 Symantec Corpora/on 18
Sensi3ve files are automa3cally tagged in Box
DLP Cloud Prevent for Microso[ Office 365
• Monitors and protects confiden/al email sent from your Microsoh-‐hosted instance of Exchange Online
• Seamlessly integrates with Exchange Online and your current Symantec DLP system
• Ensures email delivery via Symantec Email Security.cloud
Benefits Features
• Lowers total cost of ownership by reducing on-‐premises servers and overhead
• Delivers faster /me to value than on-‐premises solu/ons by leveraging IaaS
• Quickly and easily extends current data loss policies and workflows to Exchange Online
Iden3fying DLP for Cloud Opportuni3es DLP Installed Base
• Upsell Cloud Storage and/or Cloud Prevent to address cloud security and compliance concerns – Gain visibility into your sensi/ve data in the cloud – Implement controls for sensi/ve data stored and accessed by cloud apps – Accelerate cloud storage and cloud email adop/on with monitoring and protec/on capabili/es
• Key Buyers – CIO – CISO – VP or Director of Info Sec
Copyright © 2014 Symantec Corpora/on 20
“How do you determine if sensi1ve data is in the cloud?”
Discovery Ques3ons
Copyright © 2014 Symantec Corpora/on 21
What to Ask What to Listen/Probe For
“How do you monitor and protect cloud apps and data that LOB has implemented outside of IT?”
-‐ Shadow IT concerns -‐ Concerns about risky employee behavior
(“stop stupid”) -‐ Lack of visibility into what sensi/ve data is
stored and shared in cloud apps
-‐ No visibility into what sensi/ve data is stored and shared in the cloud
-‐ Challenges geqng cloud data under control -‐ Difficulty changing risky employee behavior
(“stop stupid”)
-‐ Security and compliance as a barrier for cloud adop/on
-‐ Increased use/adop/on of cloud apps by LOB -‐ Poten/al penal/es/fines related to breached
data or lack of compliance
“How concerned are you about data loss from cloud storage and email?”
Pricing
• Upside for YOU – Cloud Storage and Cloud Prevent require addi/onal licenses
Copyright © 2014 Symantec Corpora/on 22
Product SKU MSRP Meter License Type SYMC Buying Program Perpetual Subscrip3on EXP REW ACAD GOV VPA XGEO FLEX XSP
DLP Cloud Storage 14 $27.50 (USD) Managed User 12 month P P P P P P P P
DLP Cloud Prevent for Microsoh Office 365 Exchange 14 $10.99 (USD) Managed
User 12 month P P P P P P P P
Agenda
1 Symantec Informa/on Protec/on
2 DLP for Cloud
3 Addi/onal Enhancements in DLP 14
4 Resources
Copyright © 2014 Symantec Corpora/on 23
Cloud File Sync and Share
Copyright © 2014 Symantec Corpora/on 24
• Endpoint Prevent now monitors and prevents users from syncing sensi/ve files from their desktop to cloud storage sites
• Applica/ons monitored by default include:
– Box
– Dropbox
– Google Drive
– Hightail
– iCloud
– Microsoh OneDrive
Benefits Features
• Reduces risk of sensi/ve data loss
• Prevents sensi/ve informa/on from being sync’d to cloud storage sites
• Improves end-‐user awareness and educa/on of security policies
Improved Endpoint Agent for Mac OS
Copyright © 2014 Symantec Corpora/on 25
• Endpoint Prevent now monitors and prevents confiden/al data transfer between Mac endpoints and removable storage devices
– Save as and File copy opera/ons supported
• Endpoint Prevent now monitors and prevents confiden/al data uploads using browsers on Mac endpoints
– Safari, Chrome and Firefox browsers supported
• VMware Fusion 7 support monitors data in use on a virtual Windows machine and prevents unauthorized file transfer
Benefits Features
• Reduces risk of sensi/ve data loss Mac endpoints
• Prevents data loss from Mac endpoints
• Enables BYOD
Improved Endpoint Agent for Windows
Copyright © 2014 Symantec Corpora/on 26
• Chrome support monitors and prevents users from transmiqng from Chrome browsers
• Microso[ Hyper-‐V support protects data in use on virtual Windows machines residing on a Hyper-‐V Server
• Media Transfer Protocol (MTP) support monitors and prevents data transfer between Windows desktops and mobile devices using MTP.
Benefits Features
• Reduces risk of sensi/ve data loss
• Prevents data loss to mobile devices
• Enables BYOD
Improved Content Detec3on Technologies
Copyright © 2014 Symantec Corpora/on 27
• Improved keyword matching technology
• Exact Data Matching (EDM) now supports larger indexes (6 billion cells) and provides an enhanced algorithm – Previously supported 2 billion cells (3x increase)
• Enhanced indexed data matching
• New Remote Indexed Document Matching Indexer allows data owners to directly fingerprint documents
Benefits Features
• Up to 7x faster matching and significantly beter performance with added keyword rules
• Provides faster detec/on and improved accuracy for extremely large structured data sources (e.g. databases)
• Up to 50x smaller indices with faster matching and no loss of accuracy
• Reduces data moved across network, improves security and fans-‐out fingerprin/ng policy
Key Takeaways
Copyright © 2014 Symantec Corpora/on 28
1 DLP 14 extends data protec3on for cloud storage and email
DLP Cloud Storage scans, discovers and tags sensi/ve informa/on in Box
DLP Cloud Prevent for Microso[ Office 365 monitors and protects confiden/al email sent from Exchange Online
Endpoint Prevent now monitors and prevents users from syncing sensi/ve files to cloud storage sites with a new Cloud File Sync and Share feature
2 3
4
Agenda
1 Symantec Informa/on Protec/on
2 DLP for Cloud
3 Addi/onal Enhancements in DLP 14
4 Resources
Copyright © 2014 Symantec Corpora/on 29
Sales Tools and Resources
• DLP 14 sales training • What’s New/Reasons to Upgrade datasheet
• DLP for Cloud datasheet • Updated DLP datasheet • Updated DLP first mee/ng deck
• Updated SYMC vs. WebSense batlecard
• Updated SYMC vs. RSA batlecard
• Updated SYMC vs. McAfee batlecard
• Updated DLP Xcel course
Copyright © 2014 Symantec Corpora/on 30
& Q A
Copyright © 2014 Symantec Corpora/on 31
Thank you!
SYMANTEC PROPRIETARY/CONFIDENTIAL – INTERNAL USE ONLY Copyright © 2014 Symantec Corpora/on. All rights reserved.
Cheryl Tang, Kedar Apte