defcamp 2013 - drm to pown nsa in few easy steps

DRM to p0wn NSA in a few easy steps Dan Gheorghe, Software Engineer

docTrackr.com

ARE YOU IN CONTROL OF YOUR DATA?

Today’s Trend/Reality in the Cloud

Users Usage

Email

Download Documents

SYNC WITH OTHER SYSTEMS

DLP – an answer ?

CATEGORIES OF DLP •  NETWORK AKA DATA IN MOTION •  STORAGE AKA DATA AT REST •  ENDPOINT AKA DATA IN USE

… NOT REALLY

1.  IT’S CUMBERSOME FOR END USERS

2. NOT DESIGNED FOR COLABORATION

3. COMPLEX ENTREPRISE-WIDE DEPLOYMENT

4. NOT 100% RELIABLE (FALSE POSITIVES)

DLP IS TRANSMISSION CONTROL

NOT DESIGNED TO ALLOW SECURED DATA SHARING AND COLLABORATION WHILE PREVENTING DOCUMENT LEAKAGE

WHAT HAPPENS BEYOND ENTREPRISE BOUNDARIES?

Passwords ?

•  Password security which uses RC4 128bit encryption or 128-bit AES Adobe 8 Generation technology

•  Public Key Infrastructure (PKI) encryption

WE NEED A NEW APPROACH

“How can we assure that only authorized people read classified data?”

“How can we assure the recipients do not share unauthorized data ”

“How can we guarantee that data is not manipulated, unintentionally or fraudulently?”

DATA CENTRIC PROTECTION

If we cannot protect the data, why not let the data protect

itself?

Information Rights Management

Security Control

as a Service

Information Rights Management

1/ You create your document

as usual"

2/ Send it through a protection engine"

3/ The server monitors who can access the file and how."

And in 3 clicks you’ve got a doc ready to share securely!"

How does it work?

Once your recipient gets it"

Adobe PDF Reader"

Microsoft Office"

Once your recipient gets it"

He opens it with his or her

usual tools"

Adobe PDF Reader"

Microsoft Office"

1/ Checks if it’s the right version"

Adobe PDF Reader"

Microsoft Office"

1/ Checks if it’s the right version"

2/ If the recipient has permission"

Adobe PDF Reader"

Microsoft Office"

1/ Checks if it’s the right version"

2/ If the recipient has permission"

3/ And if yes, what he can do."

‣ Revocation ‣ Cut/Paste ‣ Edit ‣ Print ‣ ..."

Adobe PDF Reader"

Microsoft Office"

1/ Checks if it’s the right version"

2/ If the recipient has permission"

3/ And if yes, what he can do."

‣ Revocation ‣ Cut/Paste ‣ Edit ‣ Print ‣ ..."

Adobe PDF Reader"

Microsoft Office"

1/ Checks if it’s the right version"

2/ If the recipient has permission"

3/ And if yes, what he can do."

‣ Revocation ‣ Cut/Paste ‣ Edit ‣ Print ‣ ..."

docTrackr A new approach to IRM

No install Bridge on-premise

privacy & cloud needs

Security Adobe & Microsoft based encryption

Automatic Mirroring"

of changes

Analytics Extended audit trail

& files statistics

docTrackr

+"

docTrackr for Gmail

Secure your document attachments on the fly

http://bit.ly/1bJceQp

dan@doctrackr.com