NTXISSACSC3 - Security at the Point of Storage by Todd Barton
@NTXISSA #NTXISSACSC3
Security at the Point of Storage
Todd Barton
Director of Solution Architects
DataGravity
October 3, 2015
Are you Data Aware? 3 Questions to ask
1. What do you know about your data?
2. Do you have sensitive information that requires compliance?
3. How does your current storage help you understand your data?
Today’s Challenge: More Data, More Problems
Your problem isn’t your storage, it’s your data.
Where’s My Data?
What’s In My Data?
NTX ISSA Cyber Security Conference – October 2-3, 2015
“We need to rethink the way data is managed”
Major trends in the market
• Incredible human generated data growth with no insight
• Increased flow of data in and out of corporations - High cost of securing data
• The cloud is not universally adopted – People rethinking security of public clouds
• Collapsing silos across primary, back-up and archive data – Lots of profit in disaggregation
• Market demand for more intelligence from Infrastructure (Alerting, Tracking, Autonomic) “Business Leverage”
Every Organization Stores Sensitive Data
What are your “crown jewels”?
• Employee data
• Customer data
• Proprietary information
• Trade secrets
What are the consequences?
Where are you at risk?
Data Loss Is Inevitable
From Inside And Out
All Companies Face It
It Can and Will Happen to You
ALL companies are vulnerable
Percentage of Data Breaches by Industry Sector (2005-2014)
What Are the Consequences to Your Business?
• Failed Audits and Fines
• Expensive and Difficult Analysis
• Costly Efforts to Report and Notify
• Disruption and Lost Productivity
• Tarnished Brand and Reputation
• Lost Revenues and Lawsuits
• Competitiveness, Profits, Jobs and Corporate Viability
Most Organizations Do Not Fully Understand Their Risks
WHAT data do you have?
WHERE is it?
WHO has access to it?
WHEN did they access it?
WHY are they accessing it?
Knowing what’s in your data & how it is being used are essential to assessing your risks
Understanding Risk
Risk Ignorance
“Never in all history have we harnessed such formidable technology. Every scientific advancement known to man has been incorporated into its design. The operational controls are sound and foolproof!”
E.J. Smith, Captain of the Titanic
Vision Needs to Extend Beyond What You Can See
Risk Awareness
Data Compliance is Resource Intensive
Policies
Training
Assessments
Monitoring
Remediation
Reporting
Two essential tenets
1. Find, protect and secure sensitive information and systems; ensure information is available to the people who should have it, and protected from the people who should not
2. Provide audit/activity/forensics capabilities
Security begins at the point of storage
FIREWALL
APPLICATION
SERVER
NETWORK
DATA
STORAGE
All infrastructure layers must be fortified
Authenticated access and firewalls are not enough
Best Way To Preempt Data Loss
Become Data Aware
Traditional Approach: Complex Software
• $$$$$$$$$$$$$$$
• Delayed Discovery
• Requires Dedicated Resources
• Storage & Network Performance impact
A la carte
Can span across multiple storage systems
Modern Approach: Data-Aware Storage
Near real-time analytics
Can coexist with existing storage
No impact on network performance
Plug and play simplicity
Low cost of ownership
No dedicated resources required
Is a primary storage array
DataGravity – The First Data-Aware Storage
State-of-the-art primary storage
• Unified, flash-optimized, hybrid architecture
• All-inclusive software
• Inline storage optimization
Instant recovery and zero-impact protection
• File-level restores, even inside VMs
• End user self-service discovery and recovery
• Dynamic protection policies and storage allocation
Integrated discovery and search
• Content extraction from over 400 file types
• Unstructured data correlation across people, time, activities and content
• Search, navigate & discover
Enhanced data governance
• Real-time, file-level, user activity tracking, even within VMs
• User access profiles
• Sensitive content and content access identification
Fully integrated platform - Consolidated management - No impact to production
How do you address the following….
Report on sensitive data found in share or VM – Who has had access?
Employee is leaving, need an audit trail and user forensics for what (s)he has seen
Any anomalous behavior (Mass deletions, copies, uploads)?
Recover from CryptoLocker attack
Define new content tags and intelligence profiles
Subscribe to content alerts
Apply Security Profiles to Sensitive Data
Who is consuming the most space?
Who are the most active users on the array?
Is there dormant data I can move off primary storage or defensibly delete?
How many really large files are we storing?
Do we have any sensitive information on the file shares?
What type of data are we storing?
How many videos or audio files?
Has it changed over time?
“Data About the Data” is Key to Security
File Forensics – Determine Risk Exposure
Track and Audit User Activity
Recovery from Ransomware
Our Customers Are Data-Aware
Compliance & Security, Risk Management, Storage Efficiency
• Government agency found 600 files with exposed PII
• Disgruntled employee copied files to Dropbox before leaving
• Government employee stored Lego movies on file share
• Manufacturer recovered from CryptoLocker without paying fine
• Admin inadvertently copied exec credit card # into public share
• Students stored personal MP3s on school servers
Data-Aware Storage Is Simple and Effective
Thank you
The Collin College Engineering Department
Collin College Student Chapter of the North Texas ISSA
North Texas ISSA (Information Systems Security Association)