IAPP 2004: Insider Leakage Threatens Privacy
CONFIDENTIAL

Slide 2: Typical Customer Data Leakage Scenario

Number of Employees                                          50,000
Average Number of Outbound Emails per Day (1)                14
Percentage of Outbound Emails Containing Customer NPI (2)    0.03%
Average Number of Customer Records per Incident (3)          19
Number of Customer Records Leaked per Year (1, 2, 3)         969,474

(1) Ferris Research
(2), (3) Based on Vontu Risk Assessment Data

The annual figure follows from the rows above: 50,000 employees x 14 emails per day x 0.03% x 19 records per incident is about 3,990 records per day, which reaches 969,474 over roughly 243 working days.

Slide 3: Cost of Customer Data Breach

Potential Cost of Incident(s)
Number of Customers Affected by Incident(s)                  50,000
Percentage of Notified Customers That May Leave (1)          31%
Estimated Notification & Remediation Cost per Customer (2)   $75
Customer Acquisition Cost                                    $500
Total Potential Loss (1, 2)                                  $11,500,000

(1) 2004 Ponemon Institute Customer Trust Study
(2) Including incentives (e.g. free credit report), notification, PR and customer support costs

The total is 50,000 x $75 = $3,750,000 in notification and remediation plus 50,000 x 31% x $500 = $7,750,000 to replace the customers who leave. Plus potential embarrassment, damage to the company's brand, regulatory fines, and civil lawsuits.

Slide 4: Vontu Protect

Data Firewall software to accurately identify, report and help prevent confidential customer and company information leakage.

Slide 5: Define policies to enforce
• Customer data and compliance
• Employee data
• Intellectual property
• Acceptable use
• Customize for the environment

Slide 6: Monitor outbound flow of information
• Support email, web, FTP, and IM
• Monitoring does not impact network performance
• Multiple monitors for all exit points

Slide 7: Example Customer Data Incident
(screenshot)

Slide 8: Executive Summary Report
(screenshot; report panels: Top Policy Violations, Incidents with Most Matches, Policy Trends for a Period, Incident Status)

Slide 9: Secure Data Profiles Drive Accuracy

Heuristics are limited to approximate guesses. SDPs drive exact matches.
(screenshot annotations:)
• False positives: not Social Security numbers
• False positive: not a customer Social Security number
• Usernames, passwords, customer names can only be detected with an SDP
• Known customer record fields

Slide 10: Fortune 25 Bank Case Study
• Goal
  – Executive "mandate" to monitor for customer data loss (RFP)
  – Regulatory requirements (PATRIOT Act, CA SB1386)
  – Enforce other "acceptable use" policies
• Configuration
  – Real-time scan of SMTP, HTTP, IM, and FTP for customer NPI
  – Geographically distributed system
• Results
  – Amount of leakage dramatically decreased
  – Monitoring over 10GB of email and web mail traffic in the U.S. per day
  – Global rollout to monitor over 150k employees worldwide
  – NPI incident detection and response process in place

Slide 11: Challenges and Opportunities
• Balancing employee privacy vs. consumer privacy
• Complexity of incident remediation for insider issues
• Confusing regulatory environment
• Classifying and identifying confidential information
• Consistent policies across all channels, not just email
• Slow adoption of encryption and DRM technologies

Slide 12: Contact

Michael Wolfe
[email protected]
(415) 227-8107
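Slide 9 contrasts heuristic detection (a pattern that "looks like" an SSN) with a Secure Data Profile that matches only known customer record fields. The example below is added here to show that difference in working code; it is not Vontu's code and makes no claim about how Vontu Protect implements SDPs. The assumptions are the example's own: the profile keeps HMAC-SHA256 fingerprints of normalized field values rather than the plaintext records, an outbound message is flagged only when at least two fields of the same record appear together, and the record set, field names, key and sample messages are all constructed for illustration.

```python
"""Added example: regex heuristic vs. exact-match profile for outbound text.

The heuristic flags anything shaped like an SSN, so a shipment number in
3-2-4 form is a false positive. The profile (SecureDataProfile) only fires
on values that are actually in the known customer records, and only when
several fields of one record co-occur, which is what lets it catch names,
usernames and passwords that no regex could recognise.
"""
import hashlib
import hmac
import re
from typing import Iterable

# Heuristic: any 3-2-4 digit group "looks like" an SSN. Approximate by design.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")


def heuristic_ssn_matches(text: str) -> list[str]:
    """Return every SSN-shaped token, customer data or not."""
    return SSN_RE.findall(text)


def _normalize(value: str) -> str:
    """Case-fold and drop punctuation/whitespace so "123-45-6789" and
    "123 45 6789" fingerprint identically."""
    return re.sub(r"[^0-9a-z]", "", value.lower())


class SecureDataProfile:
    """Exact-match index over known customer record fields (assumed design).

    Only keyed digests of normalized values are stored, keyed by field name
    and mapped to a record id, so matches on different fields of the same
    record can be correlated without the monitor holding the plaintext.
    """

    def __init__(self, records: Iterable[dict], key: bytes, min_fields: int = 2):
        self.key = key
        self.min_fields = min_fields
        self.index: dict[str, dict[str, int]] = {}  # field -> digest -> record id
        for rid, rec in enumerate(records):
            for field, value in rec.items():
                self.index.setdefault(field, {})[self._digest(value)] = rid

    def _digest(self, value: str) -> str:
        return hmac.new(self.key, _normalize(value).encode(), hashlib.sha256).hexdigest()

    @staticmethod
    def _candidates(text: str) -> Iterable[str]:
        # Single words plus 2- and 3-word windows, so multi-word values such
        # as a full name can still be matched exactly.
        words = re.findall(r"[A-Za-z0-9@.'-]+", text)
        for n in (1, 2, 3):
            for i in range(len(words) - n + 1):
                yield " ".join(words[i:i + n])

    def scan(self, text: str) -> dict[int, set[str]]:
        """Return {record id: matched fields} for records meeting min_fields."""
        hits: dict[int, set[str]] = {}
        for cand in self._candidates(text):
            d = self._digest(cand)
            for field, digests in self.index.items():
                rid = digests.get(d)
                if rid is not None:
                    hits.setdefault(rid, set()).add(field)
        return {rid: f for rid, f in hits.items() if len(f) >= self.min_fields}


# Constructed sample data (not real customers, not a real key).
SAMPLE_RECORDS = [
    {"name": "Jane Q Public", "ssn": "123-45-6789", "username": "jpublic"},
    {"name": "John Doe", "ssn": "234-56-7890", "username": "jdoe42"},
]
KEY = b"constructed-demo-key"  # in a deployment this is a per-site secret

OUTBOUND_LEAK = "Hi, per your request: Jane Q Public, SSN 123-45-6789, login jpublic."
OUTBOUND_BENIGN = "Shipment tracking 555-12-3456 arrived; please confirm receipt."
OUTBOUND_PARTIAL = "Please call John Doe in facilities about the badge reader."


def compare(text: str, profile: SecureDataProfile) -> dict:
    """Run both detectors over one message for side-by-side comparison."""
    return {"heuristic": heuristic_ssn_matches(text), "sdp": profile.scan(text)}


if __name__ == "__main__":
    profile = SecureDataProfile(SAMPLE_RECORDS, KEY)
    for msg in (OUTBOUND_LEAK, OUTBOUND_BENIGN, OUTBOUND_PARTIAL):
        print(msg)
        print("  ", compare(msg, profile))
```

The benign shipment message is a heuristic false positive (an SSN-shaped number that is not a customer SSN) and is not flagged by the profile; the partial message mentions a customer's name only, which the two-field threshold treats as ordinary business text; the leak is caught on name, SSN and username together, the last two of which the regex cannot see at all.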