Unifying Data Protection —Across Endpoint, Network and Cloud Dave Bull | Director, Data Protection Solutions
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Unifying Data Protection—Across Endpoint, Network and Cloud
Dave Bull | Director, Data Protection Solutions
2
Elastic productivity is here to stay
3
New ChallengesHow do you address:
“Limited visibility”
“Increasing use of cloud applications”
“unauthorized access and oversharing?”
“Consistent management of policies on multiple
environments?”
“Compliance and data residency standards”
4
Drawing Boardroom Attention
68%of data breaches
required public disclosures1
5
Key Statistics
0Out of 27 cloud app providers
found to be responsible
researchedcloud vendors
for the security of your data
is the number of
53%Over 1000 security professionals
definitively tracked the distribution of
malware back to cloud applications
6
Primary Challenges
Regulatory Compliance and PrivacyDemonstrate ease of meeting compliance initiatives
Risk and Threat Prevention Lower the overall risk on and off network
Centralized Data GovernanceProtect data wherever it resides
7
Challenge: Lack of centralized data governance
Desired Outcome: Improved business
efficiency; consistent multi-environmentdata control
8
CASB
Encryption
DLP
WebPervasive
DataProtection
How does one obtain Centralized Data Governance?Leverage Several Intersecting Technologies
9
McAfee ePO
Centralized Data Governance
Verify API availability
Cover Endpoints, Networks, and Cloud Environments
Cloud API Connectors
Policy / Incident SyncDLP Endpoint
Endpoint
Network
DLP Prevent Email & Web Gateway
Data Repositories
DLP Monitor
DLP Discover
FirewallSwitch Internet
CloudePO CloudCloud Data Protection is one of several technologies that run on the ePO Cloud platform. Others include:
§ Cloud Visibility
§ Web Gateway Cloud Service
§ Cloud Threat Detection
10
Centralized Data GovernanceStart Connecting All Environments
Endpoint§ PCs§ Macs§ Mobile devices§ Removable media
Network§ File shares§ Databases§ Enforcement at
egress points (web & email gateways)
Web§ Visibility into Shadow IT§ Enforce cloud application
control§ SSL Decryption§ AntiMalware
Cloud§ Data stored in cloud-based
applications§ Discover and remediate data
in cloud storage§ Scan data uploaded to and
downloaded from the cloud
11
Challenge: Little visibility into risk and threat sources
Desired Outcome: Quickly identify risks and
respond to threats
12
Understanding Data Exfiltration
Who wants the data? How are thieves getting data out?
Where is data being taken from?
60%Electronic means
40%Physical means
2/3of breaches occur on traditional networks
1/3occur in cloud infrastructures
57%External actors
43%Internal actors
13
Increased Visibility Into Risky Events
§ Dashboards:§ Cloud Apps Used
§ Application Risk Scores
§ Endpoint Health Status
§ Where is my Sensitive Information?
§ Users sharing sensitive data
Prioritized risky events
Cloud-based single pane-of-glass across multiple environments.
14
~.05ms
URL Category
Maximum Prevention of Malware IntrusionsZero-day threat emulation leads the industry in real-time malware defense
Filter Known Bad (~80% detected)
Sandbox / Reverse-engineering (zero-day) (~0.5% detected)
Real-time Behavioral Emulation (zero-day)
(~19.5% detected)
McAfee Web Protection McAfee Advanced Threat Defense
AV
~8ms
Gateway Anti-Malware
~5ms
Input Quantity
Depth of Inspection
~.08ms
URL Rep.
Dynamic and Static Analysis
~90s
15
Real-time Feedback Alone: ~75% reduction in risky behavior
Coach and Monitor End-user BehaviorEducates employees; alleviate administrative burden; reduce risky behavior
Real-time Feedback
My manager approved this transmission
This content is not sensitive
Sorry, I didn’t know
Enter Justification
16
Challenge: Keeping up with regulatory compliance and enable privacy
Desired Outcome: Help meet compliance needs; pass audits with
ease, and filter when appropriate
17
Hard Drive Encryption Locks Down Lost DataSafe Harbor
Audit physical thefts to avoid fines and public disclosure requirementsDrive and Native Encryption
“FileVault” “McAfee Drive Encryption”
“BitLocker”
McAfee ePO
18
McAfee, Titus, Bolden James…
Classification and RemediationEnable employees; alleviate administrative burden
Manual Classification
Public
Confidential
Partner
Self Remediation
Scan DetailsScan Name: Local File SystemScan Date: 15-Jul-2016 18:04:53Files Scanned: 31Files Monitored: 31Files Quarantined: 2
19
Extend compliance to the cloud
§ Maintain consistent policy –wherever the data goes
§ Shared data classification and encryption keys proves you have equal protection
§ Use McAfee ePO and ePO Cloud for endpoint and cloud compliance reporting to simplify workflows
Avoid fines and gain confidence with common policy and reporting
20
Pervasive Data Protection
Regulatory Compliance and PrivacyDemonstrate aiding compliance initiatives
Risk and Threat Prevention Lower the overall risk on and off network
Centralized Data GovernanceProtect data wherever it resides
21
Centralized Data GovernanceStart Connecting All Environments
Endpoint§ PCs§ Macs§ Mobile devices§ Removable media
Network§ File shares§ Databases§ Enforcement at
egress points (web & email gateways)
Web§ Visibility into Shadow IT§ Enforce cloud application
control§ SSL Decryption§ AntiMalware
Cloud§ Data stored in cloud-based
applications§ Discover and remediate data
in cloud storage§ Scan data uploaded to and
downloaded from the cloud
22
Tailored Opportunitieswww.mcafee.com/PervasiveDataProtection
Need centralized data governance? Schedule a POC to see how the integrated PDP solution can help!
Must have risk and threat prevention?Sign up for Cloud Visibility; or try our Web Gateway Cloud Service.
Trying to improve regulatory initiatives? Ask about a regulatory compliance jumpstart service package.
23
It’s time for Q&A
To learn more about protecting your data from endpoint to cloud
VISIT: www.mcafee.com/PervasiveDataProtection
Dave Bull McAfee, Director, Data Protection Solutions@DaveBullsEye
Send in your questions now.
McAfee, the McAfee logo are trademarks or registered trademarks of McAfee LLC or its subsidiaries in the U.S. and/or other countries.Other names and brands may be claimed as the property of others. Copyright © 2017 McAfee LLC.
Related Documents
