data leakage prevention a pragmatic...
Post on 20-May-2020
Alexandre Diemer Council of Europe
www.coe.int
DATA LEAKAGE PREVENTION
A Pragmatic Approach
3 MAIN OBJECTIVES OF THIS PRESENTATION
1 WHAT TO PROTECT
2 WHY PROTECT
3 HOW TO PROTECT
WHAT TO PROTECT?
1 DATA IN MOTION
2 DATA IN USE
3 DATA AT REST
DATA IN MOTION
DATA IN MOTION is data transmitted / moving in networks
DATA IN USE
DATA IN USE is data stored / handled on external devices
DATA AT REST
DATA AT REST is data stored in computer storage
WHY USE DATA LEAKAGE PREVENTION?
• Vast Data quantities
• Data Confidentiality
• Gaining visibility over Data Repositories & Rights
• Trace & Chase Data Leakages
• Facing Advanced Persistent Threats
PREREQUISITES
• Data Classification
• Specialised Solutions Demand it
• Often Complex to Deploy
• Level of IT & Business Maturity
• Large Budgets
DESPITE PREREQUISITES
DATA Classification is
a) Not in Place
b) Only Partially Deployed
SO WHAT ABOUT COMMERCIAL OFFERINGS?
Everybody has a plan until they get punched in the face !
Mike Tyson
PRAGMATIC APPROACH
No Data Classification = No Commercial Solution
Back to Basics or Finding a Balance between user annoyance vs cost vs daily operation vs effectiveness
Switching from Silver Bullet to Multilayer Approach
• Technical
• Legal
• Organisational
TECHNICAL TIPS - DATA IN MOTION
• Block services that can’t be secured.
• Rely on logs
• Content Tagging
• Jump to Forensics
TECHNICAL TIPS - DATA IN USE
EXTERNAL DEVICES
• Use of endpoint logging for Forensic investigation
TECHNICAL TIPS - DATA IN USE
SMART DEVICES
• MDM
• Forcing Mass storage Connection Mode
TECHNICAL TIPS - DATA IN USE
Extended use of Tracking
TECHNICAL TIPS - DATA IN USE
Security Information & Event Management
TECHNICAL TIPS - DATA AT REST
• Desktops/Databases: use Audit Trails
• Fileservers: Extended Tracking Solution (commercial)
NEVERTHELESS
We need to be lucky once … You need to be lucky every time
IRA to Margaret Thatcher after failed assassination attempt
OUTLOOK
Living with the fact that breaches will occur
OUTLOOK…
Living with the fact that there will be data leakage to some extent
OUTLOOK…
Targeting the right perimeter
• Start small
• Focus on specific data container
• Secure Sensitive Items
• Track user activity rather than unstructured data
OUTLOOK…
Focus on VIPs / Nomadic staff
• Risk of device theft > data breach
• Disk/Device Encryption on nomadic devices
OUTLOOK…
Tracking Approach Rather than Blocking Approach
OUTLOOK…
Rely on Good Crisis & Incident Mgt
• Technically with Advanced Forensics
• Communication Measures (Be prepared)
• Legal framework