Data Loss Prevention (DLP) and
Social Media Monitoring (SMM)Workshop
CIO MIDDLE EAST SUMMIT (September 2012, Dubai)
Alexander Zarovsky
Chief Business Development Officer
InfoWatch
Group of companies founded in 2003 as the spin off of
Headquarters: Moscow City / Russia, Subsidiary in Germany, actively present in Middle East (UAE, Saudi Arabia, Bahrain, Qatar, Oman)
Global Partnership Alliances in Russia & CIS, Asia, Middle East, Europe and South America
8 years of experience in data analysis and information control, over 150 successful projects in enterprise segment
Who We Are
Focus on: Data Loss Prevention
& Protection (DLP) Intellectual Property Protection IT Security Risk Management
and Compliance Social Media Monitoring (SMM)
and Reputation Management
Data Loss Prevention & Social Media Monitoring Workshop
Selected Customers
Data Loss Prevention & Social Media Monitoring Workshop
Customer data for banking, retail, insurance, telecom
Source code, “know-how”, R&D technologies
Intellectual property (patents, trademarks, copyrighted materials, trade secrets)
Contract details, financial reports, employee data, patient records, etc.
Digital Assets of a CompanyInformation is often the most valuable asset of a company
Data Loss Prevention & Social Media Monitoring Workshop
Grow rapidly: at least 2 incidents per day
Intentional leaks are growing
Most of the leaks go unannounced
Cost more: average incident clean up cost is $8M per leak in 2011
No 100% efficient solution yet: prevention of accidental leaks mostly
Data Leakage / Misuse Trends
Problem awareness is growing
Data Loss Prevention & Social Media Monitoring Workshop
Data Leakage / Misuse Trends
Number of leaks occurred at organizations, that were subsequently published in mass media
2006 2007 2008 2009 2010 2011
Number of leaks 198 333 530 747 794 801
50
150
250
350
450
550
650
750
850
Number of leaks
Data Loss Prevention & Social Media Monitoring Workshop
2011 Worst Incidents in Numbers
Sony Online EntertainmentSize: 101 million user accountsType of Data: name, home and e-mail addresses, login credentials, some credit card information
Epsilon, Alliance Data SystemsSize: Unknown; 60 million records estimatedType of Data: e-mail addresses, some names
HBGary FederalSize: 60,000 recordsType of Data: corporate emails, presentations, client reports
WordPressSize: Unknown, 18 million records estimated Type of Data: source code, API keys, passwords
Data Loss Prevention & Social Media Monitoring Workshop
Inadvertent or Intentional?
53%42%
5%
2010Accidental leaks Intentional leaks
Unspecified
43%
42%
15%
2011Accidental leaks Intentional leaks
Unspecified
Data Loss Prevention & Social Media Monitoring Workshop
Data Leaking Channels
5.0%
12.0%
25.0%
8.0%
16.0%
7.0%
20.0%
2.0%5.0%
2010Unspecified
Laptops, smart phones
Personal computers
Removable media
Web
Paper documents
Spare copy media
Other
16.2%
9.6%
13.9%
6.2%
13.6%6.2%
19.1%
8.5%
6.6%
2011
Data Loss Prevention & Social Media Monitoring Workshop
Data Leaks by Industry Segment
70%
16%
12%
2%
2010
Commercial leaks
Governmental leaks
Educational leaks
Unspecified
45%
20%
30%
4%
2011
Commercial leaks
Governmental leaks
Educational leaks
Unspecified
Data Loss Prevention & Social Media Monitoring Workshop
Which Sensitive Data are Leaking Out
Personal data keeps a leading position in announced incidents
92%
3%3% 1%
Types of Leaks, 2011
Personal data
Commercial secret
State secret
Unspecified
Data Loss Prevention & Social Media Monitoring Workshop
Forecast
Hardly probable registered data leaks growth in English speaking countries. Possible decline.
Growth of data leaks incident amount and probability increase of their overseas disclosure
Gradual adoption of mandatory leak incident notice worldwide
DLP technology adoption by country
Mass adoption: USA, Great Britain, Australia
Emerging adoption, rapid growth: East Europe, Asia, Middle East
Careful reconsideration of data security practices in favor of DLP in Western Europe as a result of legislation amendements
World Data Leaks Trends
Data Loss Prevention & Social Media Monitoring Workshop
Global penetration
E-channel for marketing & reputation management
Instant information exchange
Very difficult to control or block
Legal compliance is not matured (especially in India)
Social Networking Challenge
Data Loss Prevention & Social Media Monitoring Workshop
Reputation is the Key
Make or break company's bottom line
Boost or kill sales
Attract or put off investment and business partners
Recruit or deter employees
Influence legislators and regulators
Literally touch every audience
Reputation can
Data Loss Prevention & Social Media Monitoring Workshop
The market is immature and forced by leading vendors
More technologies doesn’t protect you at 100%, while more security policies doesn’t mean that you’re getting a better data protection
Company needs a mixture of technology and methodology for working with its information assets
Data classification is still an issue
Remote access to business applications is not completely secured by DLP, but is highly required
DLP Marketing vs. Reality
Data Loss Prevention & Social Media Monitoring Workshop
Mitigating information security risks with DLP toolset
Forensics, investigation of incidents and retrospective analysis
Reputation management with social media monitoring
IT Security Risk Management vs. DLP and SMM
DLP Business Processes Challenge Product design and manufacturing
Suppliers
Partners
Highly proprietary intellectual property, product designs
Manufacturer
Healthcare
DoctorsHealthcare providers
Digital X-ray, CAT scans, other medical information
Real estate transaction documents
Mortgage lenders
Real estate Homebuyers and sellers
Real estate agents
DLP solution that blocks access or quarantines sensitive information
creates a barrier, interrupting the flow of data or blocking it altogether
Data Loss Prevention & Social Media Monitoring Workshop
InfoWatch DLP Architecture
Data Loss Prevention & Social Media Monitoring Workshop
Data Analysis
• Formal attributes (sender/recipient attributes, file digital hash, etc.)
• Content
• Linguistics including Arabic
• Digital fingerprints
• Templates
• OCR
• Allow
• Block
• Further processing
• Centralized unchangeable archive
• Responsibility zones management
• Monitoring of current actions with sensitive data
• Retrospective analysis and investigation
• Software agents at employees’ workstations
• Gateway Traffic interceptors
• Server-side plug-ins (e.g. OWA)
Interception AnalysisDecision Making
Storage
InfoWatch DLP Technology Circuit
Data Loss Prevention & Social Media Monitoring Workshop
Pre-DLP
•Information security audit•Information assets classification on the fly •Regulatory documents development
DLP
•DLP software implementation•Software adjustment in accordance with customer approved regulations•DLP system maintenance
Post-DLP
•Qualified digital evidence collection •Internal investigation assistance•Legal proceeding against violator
Data Loss Prevention & Social Media Monitoring Workshop
InfoWatch DLP Lifecycle
Sensitive documents are encrypted as they leave your organization
Only intended users outside of your organization can view the document/file and only if you provide them with a Key
The Key you provide limits the rights of the end user and the amount of time you authorize a document’s lifecycle
The use of the document/file is locked to the end-user computer
Documents remain encrypted so the risk of copying and sharing without your authorization is eliminated
InfoWatch CrypKey DRM as DLP add on
Data Loss Prevention & Social Media Monitoring Workshop
Highly Secure
Uses same encryption level as bank transactions
Document use is locked to end-user computer
Rights Management
Printing can be blocked
Copy/Paste and Screen Capture can be blocked
Use of document can be time or use limited
Document Management
Back-end activation server used to manage document use
Receive alert when document is activated
Application
PDF, PPT, XLS, DOC and many other file types
InfoWatch CrypKey DRM Key Features
Data Loss Prevention & Social Media Monitoring Workshop
InfoWatch CrypKey DRM – How it Works
Data Loss Prevention & Social Media Monitoring Workshop
Preloaded industry-specific rules, policies and reports
Forensic Storage for automatic data classification and incident investigation
Gateway and endpoint components for traffic management, device control and transparent data encryption with DRM
Robust proprietary data analysis technologies:linguistics, OCR, templates analyzer, file header analysis, etc.
Securely managed remote access to corporate infrastructure
Proven enterprise-grade scalable architecture Support of up to 20,000+ users in one Data Center
InfoWatch DLP Technology Advantages
Data Loss Prevention & Social Media Monitoring Workshop
Forensic storage (archive) and investigation tools
Control over the information flow with sophisticated real-time and historical reports
Data security with encryption, IRM & DRM
InfoWatch DLP Compliance Enabler
Data Loss Prevention & Social Media Monitoring Workshop
InfoWatch DLP in Large Enterprise Topology
AlertsForensic Data
ConfigurationRules
Shadow Copies
Device MonitorPrint MonitorCryptoStorage
Data Loss Prevention & Social Media Monitoring Workshop
2 000 000 000 Internet users worldwide 900 000 000 in Facebook 300 000 000 in Twitter
Social media is #1 activity on the Web 91% of online adults use social media
in a typical month
Social media are websites which content is created by users: blogs, microblogs, forums, social networks, media portals, etc.
In social media people share opinions (especially negative) about everything, including brands, services, actions, etc.
Social Media Monitoring: Where Reputation is Built and Lost
Data Loss Prevention & Social Media Monitoring Workshop
Facebook Statistics Usage in Middle East Countries# in global
ratingCountry No of Users
Growthin last 6 month
Growth %in last 6 month
Penetration in population
21. Egypt 11 447 040 +985 360 +9.41% 14.22%
29. Pakistan 6 945 140 +534 320 +8.34% 3.92%
32. Saudi Arabia 5 239 040 +92 880 +1.80% 20.36%
48.United Arab
Emirates3 075 840 +168 140 +5.78% 61.82%
56. Jordan 2 458 720 +233 300 +10.48% 38.38%
62. Iraq 2 086 280 +432 640 +26.13% 7.03%
86. Kuwait 771 400 -126 700 -14.10% 27.66%
89. Qatar 698 540 +217 240 +45.13% 83.07%
103. Oman 485 060 +62 860 +14.89% 16.34%
111. Bahrain 355 480 +9 280 +2.68% 48.17%
Data Loss Prevention & Social Media Monitoring Workshop
Source: Facebook Statistics by Country by Socialbakers, Sep 2012 http://www.socialbakers.com/facebook-statistics/?interval=last-6-months#chart-intervals
Facebook Statistics Usage in Southeast Asia# in global
ratingCountry No of Users
Growthin last 6 month
Growth %in last 6 month
Penetration in population
3. India 53 624 320 8 604 540+19.11% 4.57%
4. Indonesia 39 817 960 533 440+1.23% 16.39%
16. Thailand 16 399 820 2 176 160+15.29% 24.70%
18. Malaysia 12 818 680 452 920+3.66% 49.00%
27. Vietnam 7 185 380 4 011 900+126.42% 8.02%
51. Singapore 2 801 900 197 520+7.59% 59.60%
95. Cambodia 632 720 142 480+28.99% 4.29%
98. China 552 920 107 160+23.95% 0.04%
Data Loss Prevention & Social Media Monitoring Workshop
Source: Facebook Statistics by Country by Socialbakers, Sep 2012 http://www.socialbakers.com/facebook-statistics/?interval=last-6-months#chart-intervals
What This Means for a Company
* According to a TNS research.This ratio reaches 65% for people aged 25-34
People often share negative experience and trust each other
Corporate reputation suffers
Company should react fast to claims
and questions online
57% customers start problem solving
on the Web *
People expect interactive communications online
Company should monitor social media in the internet
Online comments = direct customer feedback
Opportunity to develop market-leading
products, manage services, protect business
Company should collect, analyze and manage
online comments
Data Loss Prevention & Social Media Monitoring Workshop
Web 2.0 environment Information volume is growing fast Information is spread instantly Unstructured data, informal spoken language
Manual Reporting No QA & transparency: no idea of actual coverage and quality No options for direct customer interactions No instant information delivery and ad hoc reporting No integration with IT systems
Is Manual Monitoring Efficient?
Data Loss Prevention & Social Media Monitoring Workshop
Cloud-based system for social media monitoring and analysis for reputation and customer experience management online
Collects customer feedback in Social Media sources (forums, blogs, news media)
Automatically analyses topics and scores sentiment (emotional attitude)
Manages customer feedback processing workflow
Generates sophisticated reports in real time
InfoWatch KRIBRUM: the SMM Solution
Based on
proprietary
data extraction
and text
analysis
technologies
Data Loss Prevention & Social Media Monitoring Workshop
InfoWatch KRIBRUM: More Interfaces
Data Loss Prevention & Social Media Monitoring Workshop
InfoWatch KRIBRUM Vertical Solutions
Retail Banking Telecom Airlines
Data Loss Prevention & Social Media Monitoring Workshop
Data Extraction Quality
Searching all kinds of online media
Spam and duplicates filtering out (up to 95%)
Close-to-real-time monitoring
Automatic content analysis and sentiment scoring
Industry-specific context consideration
Automatic sentiment scoring: Positive/Neutral/Negative (80%)
Automatic content categorization by topics
Multi-language support (incl. English and Arabic)
Competitive comparisons
Audience identification: most active communities, brand advocates & critics, opinion leaders, geography and social demographics, and more
InfoWatch KRIBRUM Features
Data Loss Prevention & Social Media Monitoring Workshop
Customer Interaction Workflow
Direct response to comments from the service console
Direct links to comments with full text available within the system
Extensive Reporting
Visual interactive reports, flexible data filtering for viewing
Export to XLS, XML, etc.
Corporate Usage
Multi-user support, role-based access model
Cloud-based (SaaS) service
No software installation, all functionality within a web browser
API for integration with IT systems (BI, CRM, Call Center, etc.)
Data Loss Prevention & Social Media Monitoring Workshop
InfoWatch KRIBRUM Features
KRIBRUM is not only an efficient tool for sales & marketing and support teams, but also a means of control for top management:
An objective comprehensive outlook at any moment: How customers perceive the brand, particular services, etc. What competitors are doing and how customers are reacting What goes on in the public information field
Complete unbiased information, not distorted while being transferred through hierarchy levels
Visual analytics easily available at any time right in web browser
InfoWatch KRIBRUM for Top Management
Data Loss Prevention & Social Media Monitoring Workshop
Goal: manage subscribers’ loyalty via improving customer support and communications in social mediaStart: January 201110 objects monitored: MTS + 8 other telecom operators + MTS mobile phones
Data collected and analysed by May 2012: Total 2 300 000 posts, incl. nearly 1 000 000 original posts Among them 850 000+ posts (350 000 originals) related to MTS Daily traffic: up to 4000 posts, including up to 2000 on MTS
(with occasional peaks of 10 000 publications and more) Profiles of 803 000 authors of telecom-related postings
System usage: Used by Department of service support in Moscow and Russian regions Several hundreds reply messages per day are posted online Team work with collaboration workflow is in place
Result and plans: Customer is satisfied with the delivered quality, plans to expand the monitoring scope and integrate KRIBRUM with Call Center/CRM system
InfoWatch KRIBRUM Case Study #1
The leading telecom group
in Russia, Eastern Europe
and Central Asia
Data Loss Prevention & Social Media Monitoring Workshop
The largest credit institution
in Russia and CIS
Goal: improve customer satisfaction via listening to the Voice of Customer and developing direct communications with clients in social media
Project start: March 2012
Average data volume: 1500 - 2000 posts daily, 50 000 - 60 000 posts monthly (on Sberbank and major competitors)
Current usage – Customer Care service (PR department): Ad hoc research and analysis of online customer feedback:
Satisfaction with the customer service in offices Regional differentiations in customer claims and requirements Product improvements expected by clients, etc.
Direct responding to client’s questions and claims online Analytical reports to top management
Vision and plans: Intensify the usage of monitoring data for loyalty management Involve regional branches into online activities (not just in HQ) Integration with corporate IT systems
Data Loss Prevention & Social Media Monitoring Workshop
InfoWatch KRIBRUM Case Study #2
Securing corporate reputation and managing customer experience in social media
Reduction of financial loss / increase of operations efficiency with effective IT security risk management and data leakage prevention
Protection of digital assets & intellectual property
Compliance with international standards (ISO, SOX, Basel III, PCI DSS and other)
Benefits from InfoWatch
Data Loss Prevention & Social Media Monitoring Workshop
+7 495 22 900 22 [email protected]
Contact Info
www.infowatch.com
Alexander ZarovskyChief Business Development OfficerInfoWatch
Thank you!
Dubai 2012
Data Loss Prevention & Social Media Monitoring Workshop