1
Secure File Sharing Using Norton Zone powered by Symantec
Walter Bogorad, Lead Architect
Aman Manik, Principal Product Manager
Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014
Agenda
• Norton Zone powered by Symantec
• Secure Access and Sharing Policies
• Mobile Security
• Encryption and Key Management
• Q & A
2 Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014 3
The explosive growth of mobility,
consumerization, and BYOD has
transformed the IT world like few trends
have before.
T. McClure Enterprise Strategy Group (ESG)
Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014
Growth driven by rapid employee adoption
• Employees are solving for themselves
• Creates a difficult situation for IT
• IT needs to maintain control and security of information assets
4 Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014
What is EFSS?
• Enterprise file sync and share
• Largely consumer beginnings
• Enables sharing files for collaboration, synching across devices
• Addresses limitations of sharing via e-mail and FTP
• Offered in public cloud, hybrid and private on premise models
5 Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014 6
Norton Zone is the first public cloud sync
and share service with advanced
encryption and key management.
M. Fleming, C. Kolodgy, C. Gopal IDC
Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014 7
Norton Zone is a secure file sharing solution for anytime, anywhere access
• 100% SaaS offering
• Unlimited storage
• Strong security
• Convenient control interface for IT
• Sync across multiple platforms
• Ideal for easily sharing files with anyone
Secure File Sharing Using Norton Zone powered by Symantec 7
SYMANTEC VISION 2014 8
• Protecting 135+ million consumers via Norton brand
• Protecting 100% of the Fortune 500
• Threat modeling
• Penetration testing
• Security auditing from multiple experts
• SOC1 and ISO 27001 certified
Symantec focuses on file safety and security first
25+ years of experience in securing the world’s data
• SYMC runs its own data center for security
• Files encrypted using patented key encryption
• Files are scanned for malware and viruses before being shared
Norton Zone is built and managed by Symantec experts who understand IT needs
Employs Industry leading security testing
Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014 Secure File Sharing Using Norton Zone powered by Symantec 9
Secure Access and Sharing Policies
SYMANTEC VISION 2014
Norton Zone enables single sign on using industry standard SAML 2.0
• Ability to authenticate and import user details
• Automated user provisioning and de-provisioning
• Enterprise 2-factor authentication options
Secure File Sharing Using Norton Zone powered by Symantec 10
2FA Provider
OTP App
SYMANTEC VISION 2014 Secure File Sharing Using Norton Zone powered by Symantec 11
Norton Zone Security and Sharing Policies
• Restrict Sharing Links
• Restrict Sharing By Domain
• Restrict Sharing to Business Users
Collaboration
• Set Inactivity Timeout
• Disable Desktop Sync
Security
• Specify Mobile Access
• Enable Offline Viewing
• Disable Desktop Sync
• Restrict Sharing` Links
Individual
SYMANTEC VISION 2014 Secure File Sharing Using Norton Zone powered by Symantec 12
Mobile Security
SYMANTEC VISION 2014
Mobile Security
13
Centralized SSO Data Encryption Data Containment
Directory authentication
Encryption of offline data Open-in controls, copy/paste, share controls,
etc.
Zone manages these security elements through
Mobile Policies Device Management App Wrapping
Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014 Secure File Sharing Using Norton Zone powered by Symantec 14
Norton Zone Mobile Policies
• Require Additional Passcode
• Restrict Access By Platform
• Prevent Offline Viewing
SYMANTEC VISION 2014 Secure File Sharing Using Norton Zone powered by Symantec 15
Norton Zone Device Management
• View All Devices Linked to a User
• Remotely Unlink
• Remotely Wipe Local Content
SYMANTEC VISION 2014
Norton Zone and Symantec App Center
• Separate Wrapped Zone Apps managed through Symantec App Center
• Encryption (FIPS) at rest on mobile device
• Disable iOS7 features
• Apply mobile specific policies
Secure File Sharing Using Norton Zone powered by Symantec 16
Symantec App Center
Policies
SYMANTEC VISION 2014 Secure File Sharing Using Norton Zone powered by Symantec 17
Encryption and Key Management
SYMANTEC VISION 2014
Data susceptibility to breach
18
Data at Rest Data in Transit
Duration Long (days) Short (ms)
Persistent Volatile
Deterministic (file system)
Non-Deterministic (server farm VM)
Medium
Breach Susceptibility More Less
Location
Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014
Encryption approaches
19
Server Side Client Side
Implementation and management effort
Low High
High Low
Provider Client
Ability to include add-on services
Privacy Provider can
access data at will Complete
Confidentiality
Key location
Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014
Client side encryption constraints
Popular sentiment among bloggers
BUT
Client side encryption has significant constraints
20
“Trust No One”
Enterprises need:
• DLP
• e-Discovery
• off-boarding, etc.
Value Add-Ons:
• Search
• Thumbnail Generation
• Antivirus Scan
Trust Required to
Install Client Anyway
Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014
Introducing Symantec Multiblind™ Key Encryption (MBKE)
Secure File Sharing Using Norton Zone powered by Symantec 21
Client side encryption
• Data Confidentiality At Rest
• Provider cannot access customer data at will
Server side encryption
• Easy File Sharing
• Support for Add-ons
• DLP
• eDiscovery
• Anti-virus
MBKE
Drawing benefits from both approaches
SYMANTEC VISION 2014
Encryption Primer
Symmetric Asymmetric
Secure File Sharing Using Norton Zone powered by Symantec
SYMANTEC VISION 2014
MBKE in action: User uploads file
User A Record
Encrypted Private Key
User A File Record
Public Key
File Key
Public Key
SYMANTEC VISION 2014
MBKE in action: User A Shares File with User B
User A Record
Encrypted Private Key
User B Record
Encrypted Private Key
File Record for A
User A
User B
File Record for B
Public Key
Public Key
SYMANTEC VISION 2014
MBKE integration with Symantec Encryption Management Server (SEMS)
User A Record
Encrypted Private Key
File Record
User A
SEMS
Public Key
SYMANTEC VISION 2014
Future of encryption and key management
Secure File Sharing Using Norton Zone powered by Symantec 26
• Currently on Mobile devices
• Extend to desktops
• Provide DRM capabilities
Encryption on end points
Encryption outside public clouds
• Provider cannot see neither key no content
• Encryption either on-prem or in private cloud
• Patent pending
SYMANTEC VISION 2014
Key Takeaways
• File sharing is increasingly becoming an enterprise requirement
• Success requires addressing end user desires but also corporate operational and information security needs
• Norton Zone is robust and easy-to-use secure file sharing with:
Secure File Sharing Using Norton Zone powered by Symantec 27
– Security minded design
– A patented encryption approach
– Highly rated end user apps
– Easy Administration
– Secure authentication
– Mobile security
– Symantec owned datacenters
Thank you!
28
YOUR FEEDBACK IS VALUABLE TO US!
Please take a few minutes to fill out the short session survey available on the mobile app—the survey will be available shortly after the session ends. Watch for and complete the more extensive post-event survey that will arrive via email a few days after the conference.
To download the app, go to https://vision2014.quickmobile.com or search for Vision 2014 in the iTunes or Android stores.
Thank you!
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Secure File Sharing Using Norton Zone powered by Symantec 29
Walter Bogorad Aman Manik
[email protected] [email protected]
(925) 963-9551 (650) 336-4551
Top Related