Welcometo

SOPHOS DATA LEAKAGE PREVENTION AND

DATA PROTECTION SEMINAR

28 JAN 2010HOTEL EQUATORIAL KL

Thank you

SC Systems Sdn Bhd

http://www.scsystems.com.my/

http://www.youtube.com/watch?v=bySYNTXtb6U

http://www.facebook.com

https://twitter.com/scsystems

The Team

SC Systems Sdn Bhd

Charles Kong Kevin Ho Caren Lee

Carol Chai Mohd Fedli

Eugene TEH Johnny Yeo

MF Che

SC Systems Sdn Bhd Team

Sophos Malaysia Team

Invited Guest SpeakerMr Ogie Tabor

Sophos Philippines

Our Support and Blogs

SC Systems Sdn Bhd

Phone Support +603-9200 6220 (Normal Office Hour)+603-80767467 (03-80SOPHOS) 24 x 7

support@scsystems.com.my supportasia@sophos.com

support@scsystems.com.my

Normal Office Hour – 2 to 4 hours respond

Normal Office Hour – Immediately *

www.sophos.com/support Sophos Products Knowledgebase- 24 x 7

http://scsys.blogspot.com/

http://www.sophos.com/blogs/gc/

http://www.sophos.com/blogs/duck/

Sophos Malaysia

Mr Che Mun Foong

14

Data Leakage Prevention

Charles Kong S. C.charles@scsystems.com.my

15

What isData Leakage Prevention (DLP)?

Lost Data = Big Problems

16

How is this data exposed?

17

Loss of devices

Leakage via email and web

Leakage via USB

* Data is representative and uses an IDC data point on the split between accidental and deliberate data loss.

Email represents the single greatest potential liability for data loss

Headlines To Be Avoided

NUS Data leakage – 1st April 2009

NUS accidentally leaks personal data of some 15,700 alumni

members

Consequences of personal data falling into the wrong hands

What can organisation do to prevent accidental data leakage?

Source : http://www.zaobao.com.sg/sp/sp090416_501.shtml

NUS Dataleak recommendation

CitiBank Staff Fine !

Hong Kong : Police confidential Data Leak

26th May 2008, police confidential and classified documents

discovered by Foxy King

The documents include information on three undercover police

officers who have bought illegal substances in a dubious Mong

Kok disco and cars used by people suspected of thefts from

motor vehicles in Wong Tai Sin

Source : HKCERTSource : HKCERT

Headlines are the tip of the iceberg

27

Brand damage

Loss of customers

Incremental internal costs

Direct costs of intellectual property loss

Today’s ChallengesRise of stolen/lost Confidential Information

???? Notebook

Lost or stolen weekly at the eight largest airports in EMEA

???? Notebooks

Lost or stolen weekly in US airports (estimated)

July 2008www.vnunet.com/vnunet/news/2223012/eu-travellers-losing-laptops-airports

Today’s Challenges2. Rise of stolen/lost Confidential Information

3.300 Notebook

Lost or stolen weekly at the eight largest airports in EMEA

12.000 Notebooks

Lost or stolen weekly in US airports (estimated)

July 2008www.vnunet.com/vnunet/news/2223012/eu-travellers-losing-laptops-airports

5000 notebooks forgotten in London

Taxis during a 6 months period www.theregister.co.uk/2005/01/25/taxi_survey

Lost laptop orother device

35%

2. Rise of stolen/lost Confidential Information

70% of all company data are stored redundant on Endpoints

(notebooks, desktops, USB Memory sticks), not only on

serversPonemon Institute, U.S. Survey: Confidential Data at Risk, August 2007

Cost of data break will increase 20% per year through 2009Gartner Symposium/ ITxpo , Oct. 2007

Top - reason for Data Breaches in EnterprisesPonemon Institute, 2007 , Anual Study: Costs of Security Breaches

In Asia….

32

Data Leakage Prevention And Regulatory Compliance

Compliance – worldwide explosion

33

Regulation Country Topic

HIPAA Health Insurance Portability and Accountability Act

USA Protection of patients data

GLBA Gramm-Leach-Bliley Act USA Protection of personal financial data

SB 1386 California Senate Bill 1386

CA, USA Protection of personal data

of residents in the state of California

PIPEDAPersonal Information Protection and Electronic Documents Act

Canada Protection of personal data

in business relations

PIPLPersonal Information Protection Law

Japan Comparable to German data protection act

BDSG Bundesdatenschutzgesetz Germany Protection of personal data

DPA Data Protection Act UK Protection of personal data

95/46/EC European Union Directive

Europe European data protection directive

SOX (Euro SOX)Sarbanes-Oxley Act

USA(worldwide)

Increased liability of companies concerning the

presentation of business development

Basel II Europe Policies to control and mitigate operational risk. Optimization of risk management as necessary

34

Finding Data Leaks

Eg;Customer presentation, competitive information

36

Encryption keys lost or stolen

Lost or stolendata on mobile devices

Data theft via removablemedia

Unauthorizedinternal serveraccess

E-mailinterception

Insecure outsourcing

Today’s Challenges

Intellectual Property

39

How Sophos addresses Data Loss Protection

Real integration with unified console, engine and agent

Anti-Virus

Application Control

Behavior (HIPS)

Anti-Spyware

Firewall

PUAs

GenotypeNAC LIGHT

Device Control

Wireless Block

Anti-Rootkit

Endpoint

Security and

Control 9

Data Leakage

Prevention

Real integration with unified console, engine and agent

Anti-Virus

Application Control

Behavior (HIPS)

Anti-Spyware

Firewall

PUAs

GenotypeNAC LIGHT

Device Control

Wireless Block

Anti-RootkitEndpoint

Security and

Control 9.5

Data Leakage

Prevention

Encyrption

42

Data Leakage Prevention- How Sophos Protects You!

So how does it all actually work ?

58

Best explained with a typical “use case”

An example = Bill in HR and his laptop

59

At 4:30pm Bill‘s boss asks him to get some budget figures together

about staffing levels and wages for next year. Bill‘s boss needs it

10am Monday morning for a meeting

Bill‘s bus leaves at 5:10pm and he doesn‘t like taking his laptop on

the bus......so he exports the raw staff data from the ERP sytem and

dumps it to a spreadsheet on his hard drive.

Bill‘s plan is to copy the file to his usb sitck and

leave a bit early (he‘s going to be working all

weekend anyway......)

An example = Bill in HR and his laptop

60

So he plugs in his trusty US key and tries to save the spreadsheet to

his E:

He get‘s a nice pop up messages from SESC9 explaining that the file

trasfer has been blocked. Bill shouldn‘t be doing this (a customisable

message)

An example = Bill in HR and his laptop

61

So he opens explorer and tries copying the file to E:

An example = Bill in HR and his laptop

62

Next he tries to burn to a CD....

An example = Bill in HR and his laptop

63

..... I know !!

An example = Bill in HR and his laptop

64

So he tries to email it to home, via the corporate Outlook email

client....

An example = Bill in HR and his laptop

65

So he tries his Gmail account .....

It’s 4:50... Bill is getting desperate. His bus leave in 20 minutes

66

An example = Bill in HR and his laptop

67

So he tries one last option. Bill zips and encypts the file and

password protects it. And then he tries copying that to his USB

stick....

Potential CNN Moment Averted !!!

68

At 4:55pm Bill realises that he needs to pack up his laptop and take it

with him.

What about encryption ?

You might think that Bill would have been OK to

encrypt the file and take it home.

Bill’s I.T. Department would disagree. While it’s

true that a properly encrypted file, provides

protection for the data transit, what happens when

he unzips it on his home PC ?

Does the I.T. Department control the state of Bill’s

home PC ?

Can they be sure it has up to date AV and is not

compromised by hackers ?

69

71

Demo

SOPHOS Endpoint Security and Data Protection

77

Terms and Conditions apply-excluded migration services-Promo valid until 01 MARCH 2010

Pls acknowledge.

Anti-Virus

Application Control

Behavior (HIPS)

Anti-Spyware

Firewall

PUAs

GenotypeNAC LIGHT

Device Control

Wireless Block

Anti-Rootkit

Endpoint

Security and

Control 9

Data Leakage Prevention

Validity 01 March 2010

No of Devices 12 + 3 months software Support and subscription10-24 RM 21625-49 RM 19450-99 RM 174

100-249 RM 157  250-499   RM 138

500 and above RM 118

78

Free Media Kit (worth RM 250), Free Home Use, Extra 3 months Free software support.

FREE 3 months Software Support and subscription

CNY Services Promo

Version Upgrade Onsite Services (within Klang Valley)

RM 1800 RM 1288 *

Onsite Maintenance (within Klang Valley)

RM 8000 RM 6688 ^ (500 devices and below)

RM 12500 RM 9988 ^ (501 – 999 devices)

Validity by 01 March 2010

79

(*) Upgrade from Ver 8 Management server only(^) total 50 support hours within 1 year. Includes preventive maintenance, version onsite upgrade, hands-on training,Documentation, infection alert, remote monitoring (if applicable), priority support.

80

Thank you

Charles Kong S. C.charles@scsystems.com.my