#completevisibility

Mitigating the risk of security breaches and minimizing compliance costsin the Enterprise

Speakers

Jeff MelnickManager, Sales EngineeringJeff.Melnick@netwrix.com888-638-9749 x 971

Danny MurphyPre-Sales EngineerDanny.Murphy@netwrix.com88-638-9749 x 2202

#completevisibility

Housekeeping

All microphones will be mutedfor the duration of the webinar

To submit text questions use the Question Pane

All questions, comments or opinions are greatly appreciated

The Question Pane

#completevisibility

Agenda

Security Breaches in the Enterprise

Compliance Standards and Regulations

Top Pain Points for the Enterprise

Case Study

Demonstration

Budget calculation and ROI

About Netwrix Corporation

Questions and Answers

Prize Drawing

#completevisibility

Security Incidents in the Enterprise

44% more incidents in 2014

A rich trove of information is under the risk – including: trade strategy documents, intellectual property, large volumes of consumer data and more.

#completevisibility

Financial losses

PWC Global State of Information Security Survey 2015:The annual estimated reported average financial loss for 2014 - $2.7 million – a

jump of 34% over 2013

Verizon Data Breach Investigations Report 2015:$400 million the estimated financial loss from 700 million compromised

records

Center for Strategic and International Studies:Estimated that the annual cost of cybercrime to the global economy ranges from

$375 billion to as much as $575 billion

World Bank, World Development Indicators Database:loss of trade secrets may range from $749 billion to as high as $2.2 trillion annually.

#completevisibility

Typical sources of security breaches

Insider Threats Internal employees Current and former service providers Consultants Contractors

Insider Threats are more costly and damaging

The Top Offenders of Insider Crimes

Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf

18% current service providers/

consultants/contractors

15% former service providers/

consultants/contractors

35% current employees

30% former employees

13% suppliers/business partners

11% customers

#completevisibility

Typical sources of security breaches

24

24

18

16

16

14

10

9

7

6

0 5 10 15 20 25 30

Hackers

Competitors

Unknown

Activists

Information brokers

Organized crime

Terrorists

Foreign organizations

Foreign nation-states

Domestic intelligence service

OUTSIDE SOURCES OF SECURITY BREACHES, 2013-2014, %

Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf

#completevisibility

Compliance Standards and Regulations

Best Practices, Standards and Regulations

ISO 27001, COBIT, NIST

PCI, HIPAA, SOX, FISMA, FFIEC/GLBA

Commonalities

Availability, Integrity, Security, Accountability

Policies, Implementation, Validation, Reporting

#completevisibility

Non-Compliance Consequences

ComplianceStandard

Financial and Non-Financial Consequences

PCIHome Depot - $43 millionTarget - $1 billion

HIPAANY and Presbyterian Hospital and Columbia University - $4.8 million

Cignet Health Center - $4.3 million

SOX

American International Group (AIG) - $800 millionWorldCom, Inc. – $750 million

#completevisibility

Budget

Enterprise: 5% increase in security spending for 2014

Overall, 3,8% of IT budget spent on information security

Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf

INFORMATION SECURITYBUDGET IN THE ENTERPRISE

$ BILLION

2013 2014

10,310,8

#completevisibility

Spending Priorities

Privileged user access

Account provisioning/deprovisioning

Role based access controls

Tools to discover unauthorized access

Data loss prevention tools

Tools to discover unauthorized access

Unauthorized use or access monitoring tools

Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf

#completevisibility

Top Pain Points for the Enterprise

Collect, consolidate, process of the audit data and manage changes overall

Provide monitoring of data and configurations integrity

Able to provision systems’ accounts and related privileges

Manage privileged accounts

Control access permissions

Audit changes to and configurations of the informational systems

Manage credential information

Able to perform data governance

SECURITY

#completevisibility

Top Pain Points for the Enterprise

Need a reliable tool to enact continuous compliance once implemented, while also improving and simplifying internal audit processes

Able to audit all the information, without a random sampling

Provide the direct access to the audit team rather than relying on the information provided

Automate the process of reports creation

Provide centralized and long-term data storage for comparison and recovery

COMPLIANCE

#completevisibility

Top Pain Points for the Enterprise

Ensure business continuity

Simplify the process of reports creation

Delegate access to audit data

Reduce time to investigate, find and fix changes

Response to arising problems faster

OPERATIONS

Netwrix Auditor

What We Do?

enables #completevisibility into both security configuration

and data access within your IT infrastructure

by providing actionable audit data

about who changed what, when and whereand who has access to what across

your IT infrastructure.

What We Do?

#completevisibility

Case Study

Enterprise Inns

Industry: Retail

Application:Active Directory, Microsoft Exchange, File Server, SQL Server

For us being secured means knowing what is going on. We can always refer to Netwrix Auditor to ensure that our networks are in a safe state.

- Tej Singh, Senior Systems Analyst, Enterprise Inns

#completevisibility

Case Study

Challenge: Lack of Visibility over Virtualized Data

Native logs would not provide us with necessary level of detail about what is happening across our network. So we were recommended to improve the visibility into the IT infrastructure with a change auditing solution.

- Tej Singh, Senior Systems Analyst, Enterprise Inns

#completevisibility

Solution: Non-Intrusive Auditing for Network Security

The main concern for Enterprise Inns has been a lack of visibility over amendments users made to files and folders, permissions, distribution and security groups.

Netwrix Auditor improves the security and helps us get complete visibility over the network easily. By running reports on specific changes we can detect and respond to odd modifications on the go.

- Tej Singh, Senior Systems Analyst, Enterprise Inns

Case Study

#completevisibility

Demonstration: Complete Visibility Into Changes With…

Netwrix Auditor

#completevisibility

Budget Calculation

I. Personnel costs: current change reporting issues and report preparation

Manual Process

NetwrixAuditor

Average monthly AD changes investigated manually 30 30

Average time ( hours) to investigate, find and fix each relevant change

7 0.25

Average time each month time (in hours) to investigate, find and fix relevant changes

210 7.5

Average time each month ( hours) to manually prepare reports for the auditors

12 0.5

Average time each month (hours) to manually restore AD Objects

8 0.05

Monthly average time (hours) to find and fix changes, restore objects and prepare reports

230 8.05

#completevisibility

Manual Process

NetwrixAuditor

Average annual salary + benefits cost for AD support personnel $65,000 $65,000

Average number of work days per year (49 weeks x 5 days/week) 245 245

Average hours worked per day 8 8

Average number of hours worked per year 1,960 1,960

Average hourly wage of a support person $33 $33

Average Monthly Cost to fix relevant current changes $7,628 $267

Average annual personnel cost to find/fix changes, restore objects and prepare reports $91,531 $3,204

Budget Calculation

#completevisibility

One Year ROI

II. First Year Net Savings Using Netwrix Auditor for AD

First Year License Cost $20,000

First year Support and Maintenance costs $4,000

Total Netwrix Product First Year Costs $24,000

Personnel costs for dealing with AD issues using Netwrix Auditor for AD $3,204

Total Cost Netwrix Auditor for AD and Personnel Time to use it $27,204

Cost personnel time manually dealing with AD issues $91,531

First Year Net Savings Using Netwrix Auditor for AD $64,327

One Year ROI Using Netwrix Auditor for AD 236 %

#completevisibility

Three Year ROI

III. Three Year Savings Calculation Using Netwrix Auditor for AD

First Year Costs - License plus Support and Maintenance $24,000

Second Year Support and Maintenance Costs $4,000

Third Year Support and Maintenance Costs $4,000

Three Year Costs Netwrix Auditor for AD Licenses and Support and Maintenance $32,000

Three Year Personnel Costs To Use Active Directory $9,611

Total Three Year Costs For Netwrix Auditor for AD $41,611

Three Year Costs Employing Manual Processes $274,591.84

Three Year Net Savings Using Netwrix Auditor for AD $232,981.12

Three Year ROI Using Netwrix Auditor for AD 560 %

#completevisibility

Key Resources Saved:

MONEY

TIME

EFFORTS

#completevisibility

Briefly About Netwrix

All awards: www.netwrix.com/awards

#completevisibility

Netwrix Corporation

Founded in 2006

HQ in Irvine, California

Philosophy – deliver complete visibility of IT infrastructure

Global customer base – 6000

6M user licenses

Global support North America, EMEA and Asia

Among the fastest growing software companies in the US (Inc 5000, Deloitte)

Corporate Headquarters:300 Spectrum Center Drive #820 Irvine, CA 92618888-638-9749www.netwrix.com

Additional Offices:Columbus, OHParamus, NJAtlanta, GAKent, UK

#completevisibility

Financial

Healthcare & Pharmaceutical

Federal, State, Local, Government

Industrial/Technology/Other

Our Customers

#completevisibility

Next Steps

Free Trial: setup in your own test environment

netwrix.com/freetrial

Test Drive: virtual POC, try in a Netwrix-hosted test lab

netwrix.com/testdrive

Live One-to-One Demo: product tour with Netwrix expert

netwrix.com/livedemo

Contact Sales to obtain more information

netwrix.com/contactsales

Webinars: join our upcoming webinars or watch the recorded sessions

netwrix.com/webinars

netwrix.com/webinars#featured

#completevisibility

Thank You for Your Attention!

Jeff Melnick

Manager of Sales Engineering

Jeff.Melnick@netwrix.com

888-638-9749 x 971

Danny Murphy

Pre-Sales Engineer

Danny.Murphy@netwrix.com

88-638-9749 x 2202

Questions?

#completevisibility

Prize Drawing

Haven’t won this time? Sign up for upcoming sessions: https://www.netwrix.com/webinars.html

Get Your GoPro

Hero4 Silver!