
Perpetual Information Security - Driving Data Protection in an Evolving Compliance Landscape



© SafeNet Confidential and Proprietary

Perpetual Information Security: Driving Data Protection in an Evolving Compliance Landscape

Trisha Paine


Market Trends, Threat Drivers

THREAT DRIVERS

MARKET FORCES

Compliance and regulations

Breach Notification Laws

Loss of critical IP

Mobile workforce

removable media

Virtualization

Cloud Computing

Outside Breaches

Penalties and Fines

Compliance

The Outsider becomes The Insider

Data Loss, Theft

Identity Theft

Cyber Crime


Lesson #1: Develop an Overreaching Security Business Model

Source: Information Systems Audit and Control Association (ISACA)


Lesson #2: Know Where Sensitive Data is Located


Lesson #3: Map Regulations and Find Overlaps


Lesson #3: Map Regulations and Find Overlaps


Lesson #4: Look Forward to How Security Needs are Evolving

Data Protection Then

• Perimeter focused security

• All-or-nothing encryption

• Keep bad guys out, authorized users get full access

• Multiple products to meet business and security needs

• High level or very specific policy only; no proper central policy management

Data Protection Now

• Data-centric protection—intelligence to protect the data itself throughout its lifecycle

• Granular, selective protection over subset of unstructured or structured data (files, fields, and columns)

• Granular data protection for authorized users, assure compartmentalization

• Centrally managed solution that addresses business, compliance, data governance & security

• Centralized policy and key management providing data use tracking and control


Lesson #4: Look Forward to How Security Needs are Evolving

• Cryptographic Perimeter

• Application & DB Data

• File-based Endpoints

• Removable Media contained

• Each Data-use is Tracked

• Granular Access Controls

• Assured User Authentication

• Mobile Data LOCKED!

Forever Protection Ubiquitous Controls

[Diagram labels: Media, Flash-drive, Laptop, Mobile, Branch Office, Web 2.0 Application, Remote Replication, Data Center, Internet, SaaS Cloud, Extranet, WAN]


Lesson #4: Look Forward to How Security Needs are Evolving

The approaches

• Web/Application Encryption

• Database Encryption

• File Encryption

• Storage Encryption

• Tokenisation

The considerations

• Know your threat models

• Application transparency

• Performance

• Business logic embedded within database environments

• Batch processing & bulk import/export operations

• Indexing and primary/foreign key pairs

• Searching on encrypted data


Lesson #5: Tackle Requirement 3 and Reduce the Key Management Scope

Source: Oasis


Lesson #5: Tackle Requirement 3 and Reduce the Key Management Scope

What’s the cost of unmanageable key management?

Planning time: Some organizations spent up to a year planning for key management issues, including breaches and notifications.*

Audit prep time: Demonstrate which apps and networks are using the keys and where in the world they are.

Data loss: Up to 39 percent of organizations that have experienced key loss also lose data permanently or disrupt business operations.

Maintenance costs: Disparate systems mean no economy of scale for maintenance costs. Each encryption system and key management solution could have 15-20% annual maintenance fees.

* Source: TrustCatalyst


Lesson #5: Tackle Requirement 3 and Reduce the Key Management Scope


Lesson #5: Tackle Requirement 3 and Reduce the Key Management Scope

Benefits of Lifecycle Key Management

Reduce Administration Costs

• Centralized management for lifecycle key management

• Standards based with key versioning

Ease Proof of Compliance

• Common logs and audits for multiple data types eases reporting

• Separation of duties between security officers and data stewards

Protect More Data Types

• Funnel both symmetric and asymmetric key materials into one appliance

• HSM options for key vaults, FIPS 140 Level 3 *(upon NIST Approval)


Summary: Evaluate Every Option

Adaptable, Flexible, Manageable…

[Diagram: Hardened Appliance, SCALABLE FOR GROWTH. Labels: Application Protection (Application and Web Servers), Intellectual Property Protection (File Servers), Database Security (Databases), Endpoints (Laptop), Tokenization, Legacy Protection (Mainframes)]

Benefits:

• Flexibility to evolve

• Ease proof of compliance

• Streamline administration and enforcement of protection policies

• Strong lifecycle key management

Consider a unified platform with the choices to adopt the method that’s right for you to achieve compliance.