View
11
Download
0
Category
Preview:
Citation preview
#completevisibility
Mitigating the risk of security breaches and minimizing compliance costsin the Enterprise
Speakers
Jeff MelnickManager, Sales EngineeringJeff.Melnick@netwrix.com888-638-9749 x 971
Danny MurphyPre-Sales EngineerDanny.Murphy@netwrix.com88-638-9749 x 2202
#completevisibility
Housekeeping
All microphones will be mutedfor the duration of the webinar
To submit text questions use the Question Pane
All questions, comments or opinions are greatly appreciated
The Question Pane
#completevisibility
Agenda
Security Breaches in the Enterprise
Compliance Standards and Regulations
Top Pain Points for the Enterprise
Case Study
Demonstration
Budget calculation and ROI
About Netwrix Corporation
Questions and Answers
Prize Drawing
#completevisibility
Security Incidents in the Enterprise
44% more incidents in 2014
A rich trove of information is under the risk – including: trade strategy documents, intellectual property, large volumes of consumer data and more.
#completevisibility
Financial losses
PWC Global State of Information Security Survey 2015:The annual estimated reported average financial loss for 2014 - $2.7 million – a
jump of 34% over 2013
Verizon Data Breach Investigations Report 2015:$400 million the estimated financial loss from 700 million compromised
records
Center for Strategic and International Studies:Estimated that the annual cost of cybercrime to the global economy ranges from
$375 billion to as much as $575 billion
World Bank, World Development Indicators Database:loss of trade secrets may range from $749 billion to as high as $2.2 trillion annually.
#completevisibility
Typical sources of security breaches
Insider Threats Internal employees Current and former service providers Consultants Contractors
Insider Threats are more costly and damaging
The Top Offenders of Insider Crimes
Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf
18% current service providers/
consultants/contractors
15% former service providers/
consultants/contractors
35% current employees
30% former employees
13% suppliers/business partners
11% customers
#completevisibility
Typical sources of security breaches
24
24
18
16
16
14
10
9
7
6
0 5 10 15 20 25 30
Hackers
Competitors
Unknown
Activists
Information brokers
Organized crime
Terrorists
Foreign organizations
Foreign nation-states
Domestic intelligence service
OUTSIDE SOURCES OF SECURITY BREACHES, 2013-2014, %
Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf
#completevisibility
Compliance Standards and Regulations
Best Practices, Standards and Regulations
ISO 27001, COBIT, NIST
PCI, HIPAA, SOX, FISMA, FFIEC/GLBA
Commonalities
Availability, Integrity, Security, Accountability
Policies, Implementation, Validation, Reporting
#completevisibility
Non-Compliance Consequences
ComplianceStandard
Financial and Non-Financial Consequences
PCIHome Depot - $43 millionTarget - $1 billion
HIPAANY and Presbyterian Hospital and Columbia University - $4.8 million
Cignet Health Center - $4.3 million
SOX
American International Group (AIG) - $800 millionWorldCom, Inc. – $750 million
#completevisibility
Budget
Enterprise: 5% increase in security spending for 2014
Overall, 3,8% of IT budget spent on information security
Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf
INFORMATION SECURITYBUDGET IN THE ENTERPRISE
$ BILLION
2013 2014
10,310,8
#completevisibility
Spending Priorities
Privileged user access
Account provisioning/deprovisioning
Role based access controls
Tools to discover unauthorized access
Data loss prevention tools
Tools to discover unauthorized access
Unauthorized use or access monitoring tools
Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf
#completevisibility
Top Pain Points for the Enterprise
Collect, consolidate, process of the audit data and manage changes overall
Provide monitoring of data and configurations integrity
Able to provision systems’ accounts and related privileges
Manage privileged accounts
Control access permissions
Audit changes to and configurations of the informational systems
Manage credential information
Able to perform data governance
SECURITY
#completevisibility
Top Pain Points for the Enterprise
Need a reliable tool to enact continuous compliance once implemented, while also improving and simplifying internal audit processes
Able to audit all the information, without a random sampling
Provide the direct access to the audit team rather than relying on the information provided
Automate the process of reports creation
Provide centralized and long-term data storage for comparison and recovery
COMPLIANCE
#completevisibility
Top Pain Points for the Enterprise
Ensure business continuity
Simplify the process of reports creation
Delegate access to audit data
Reduce time to investigate, find and fix changes
Response to arising problems faster
OPERATIONS
Netwrix Auditor
What We Do?
enables #completevisibility into both security configuration
and data access within your IT infrastructure
by providing actionable audit data
about who changed what, when and whereand who has access to what across
your IT infrastructure.
What We Do?
#completevisibility
Case Study
Enterprise Inns
Industry: Retail
Application:Active Directory, Microsoft Exchange, File Server, SQL Server
For us being secured means knowing what is going on. We can always refer to Netwrix Auditor to ensure that our networks are in a safe state.
- Tej Singh, Senior Systems Analyst, Enterprise Inns
#completevisibility
Case Study
Challenge: Lack of Visibility over Virtualized Data
Native logs would not provide us with necessary level of detail about what is happening across our network. So we were recommended to improve the visibility into the IT infrastructure with a change auditing solution.
- Tej Singh, Senior Systems Analyst, Enterprise Inns
#completevisibility
Solution: Non-Intrusive Auditing for Network Security
The main concern for Enterprise Inns has been a lack of visibility over amendments users made to files and folders, permissions, distribution and security groups.
Netwrix Auditor improves the security and helps us get complete visibility over the network easily. By running reports on specific changes we can detect and respond to odd modifications on the go.
- Tej Singh, Senior Systems Analyst, Enterprise Inns
Case Study
#completevisibility
Demonstration: Complete Visibility Into Changes With…
Netwrix Auditor
#completevisibility
Budget Calculation
I. Personnel costs: current change reporting issues and report preparation
Manual Process
NetwrixAuditor
Average monthly AD changes investigated manually 30 30
Average time ( hours) to investigate, find and fix each relevant change
7 0.25
Average time each month time (in hours) to investigate, find and fix relevant changes
210 7.5
Average time each month ( hours) to manually prepare reports for the auditors
12 0.5
Average time each month (hours) to manually restore AD Objects
8 0.05
Monthly average time (hours) to find and fix changes, restore objects and prepare reports
230 8.05
#completevisibility
Manual Process
NetwrixAuditor
Average annual salary + benefits cost for AD support personnel $65,000 $65,000
Average number of work days per year (49 weeks x 5 days/week) 245 245
Average hours worked per day 8 8
Average number of hours worked per year 1,960 1,960
Average hourly wage of a support person $33 $33
Average Monthly Cost to fix relevant current changes $7,628 $267
Average annual personnel cost to find/fix changes, restore objects and prepare reports $91,531 $3,204
Budget Calculation
#completevisibility
One Year ROI
II. First Year Net Savings Using Netwrix Auditor for AD
First Year License Cost $20,000
First year Support and Maintenance costs $4,000
Total Netwrix Product First Year Costs $24,000
Personnel costs for dealing with AD issues using Netwrix Auditor for AD $3,204
Total Cost Netwrix Auditor for AD and Personnel Time to use it $27,204
Cost personnel time manually dealing with AD issues $91,531
First Year Net Savings Using Netwrix Auditor for AD $64,327
One Year ROI Using Netwrix Auditor for AD 236 %
#completevisibility
Three Year ROI
III. Three Year Savings Calculation Using Netwrix Auditor for AD
First Year Costs - License plus Support and Maintenance $24,000
Second Year Support and Maintenance Costs $4,000
Third Year Support and Maintenance Costs $4,000
Three Year Costs Netwrix Auditor for AD Licenses and Support and Maintenance $32,000
Three Year Personnel Costs To Use Active Directory $9,611
Total Three Year Costs For Netwrix Auditor for AD $41,611
Three Year Costs Employing Manual Processes $274,591.84
Three Year Net Savings Using Netwrix Auditor for AD $232,981.12
Three Year ROI Using Netwrix Auditor for AD 560 %
#completevisibility
Key Resources Saved:
MONEY
TIME
EFFORTS
#completevisibility
Briefly About Netwrix
All awards: www.netwrix.com/awards
#completevisibility
Netwrix Corporation
Founded in 2006
HQ in Irvine, California
Philosophy – deliver complete visibility of IT infrastructure
Global customer base – 6000
6M user licenses
Global support North America, EMEA and Asia
Among the fastest growing software companies in the US (Inc 5000, Deloitte)
Corporate Headquarters:300 Spectrum Center Drive #820 Irvine, CA 92618888-638-9749www.netwrix.com
Additional Offices:Columbus, OHParamus, NJAtlanta, GAKent, UK
#completevisibility
Financial
Healthcare & Pharmaceutical
Federal, State, Local, Government
Industrial/Technology/Other
Our Customers
#completevisibility
Next Steps
Free Trial: setup in your own test environment
netwrix.com/freetrial
Test Drive: virtual POC, try in a Netwrix-hosted test lab
netwrix.com/testdrive
Live One-to-One Demo: product tour with Netwrix expert
netwrix.com/livedemo
Contact Sales to obtain more information
netwrix.com/contactsales
Webinars: join our upcoming webinars or watch the recorded sessions
netwrix.com/webinars
netwrix.com/webinars#featured
#completevisibility
Thank You for Your Attention!
Jeff Melnick
Manager of Sales Engineering
Jeff.Melnick@netwrix.com
888-638-9749 x 971
Danny Murphy
Pre-Sales Engineer
Danny.Murphy@netwrix.com
88-638-9749 x 2202
Questions?
#completevisibility
Prize Drawing
Haven’t won this time? Sign up for upcoming sessions: https://www.netwrix.com/webinars.html
Get Your GoPro
Hero4 Silver!
Recommended