Ochrana zdravotných informácií a mapovanie ich tokov Igor Urban Territory Account Manager
Kto je Forcepoint? Forcepoint was purpose-built to enable the next generation of cybersecurity Created by Raytheon in 2016 to commercialize defense-grade technologies for large enterprises. One of the largest private cybersecurity companies in the world – more than 13,000 customers, operations in more than 150 countries, 2,700 employees across 50 offices, and 27 data centers worldwide. Leading partner to the global intelligence community and for high assurance cyber missions. One of the most comprehensive and integrated security product portfolios in the industry. [OPTIONAL SLIDE FOR THOSE PROSPECTS NOT FAMILIAR WITH FORCEPOINT] Forcepoint’s creation was led by Raytheon with its acqusition of Websense in 2016 and its merge with Raytheon’s Cyber Products business. In January 2016, Raytheon also acquired the Stonesoft NGFW. These three companies formed the initial backbone of Forcepoint. Forcepoint has made subsequent acquistions of a CASB company (Skyfence) and a UEBA company (RedOwl). Forcepoint is actually one of the largest private cybersecurity companies in the world with more than $600M in revenue, more than 10K customers, and offices throughout the globe. It has been and continues to be a close partner to the global intelligence community and organizations with high assurance cyber missions – its has enterprise technologies at its core. It has one of the most comprehensive product portfolios in the industry, across key control points that include Data Protection, NGFW, Web Security, Email Security, CASB, Insider Threat, UEBA, and Sandboxing. Forcepoint Proprietary
Ako dnes ja osobne fungujem v ”cyber priestore”? Môj osobný život: Môj pracovný život: Moje zariadenia:
Kto má moje dáta a na ktorých mi reálne záleží? ”Giganti” Apple, Google, Facebook, Microsoft, atď. Štát Štátne inšitúcie (vrátane “zdravotníctva”) Finančný sektor Banky, poisťovne, poradcovia a pod. Biznis Telko operátori, obchodné siete, biznis partneri, zamestnávatelia a pod.
Ako sú tieto údaje chránené? Som schopný chrániť moje údaje, ktoré nie sú u mňa? Ako mi jednotlivé subjekty garantujú ochranu týchto dát? Zistím, keď sa “niečo pokazí”? Vynucuje to niekto? Ako je na tom zdravotníctvo?
eHealth a jeho bezpečnosť eHealth a jeho zabezpečenie Plechová skriňa s kartotékou vs IT infraštruktúra Kto je v systéme a s akými dátami (aj portál na objed.) Čo na to “compliance”?
Aké sú úniky dát a ako im zabrániť? Náhodné – interné DLP Cielené – interné Cielené – externé V tomto prípade je otázka, aká je Vaša celková úroveň zabezpečenia (webový aj emailový kanál, NGFW)
What Action Who Where How DLP – ako to funguje? Confirm Block Notify Human Resources Source Code Evernote File Transfer Confirm Customer Service Credit Card Data Dropbox Web Block Marketing Personal Data Business Partner Instant Messaging Notify Finance M&A Plans Facebook Peer-to-Peer Remove Accounting Employee Salary OneDrive Email Encrypt Sales / Marketing Because of our deep integration, the actions we can perform are varied (Depends on platform – i.e. email, Web, Endpoint etc.) Financial Report Malicious Server Print Quarantine Legal Customer Records Removable Media File Copy Confirm Technical Support Manufacturing Docs Competitor Print Screen Audit Engineering Research Customer Copy/Paste Notify
V čom môže DLP reálne pomôcť? Inventory Personal Data Map, Manage & Control PERSONAL DATA FLOWS PREPARE TO Respond in a Timely manner 72 DLP: Discover, Cloud, Endpoint DLP: Gateway, Endpoint Web & Email Security modules TRITON Manager & Insider Threat Command Center
Endpoint – dáta v používaní Forcepoint DLP riešenie pokrýva všetky oblasti, kde môžu byť osobné údaje uložené, sprístupnené, používané alebo presúvané: Endpoint – dáta v používaní Forcepoint DLP – Endpoint chráni citlivé dáta na Windows a Mac koncových pracovných staniciach vo Vašej firemnej sieti, ako aj v režime off-line. Zahŕňa pokročilú ochranu a kontrolu dát v pokoji (tzv. Discovery), v pohybe a počas ich používania. Network – dátat v pohybe Forcepoint DLP – Network zabezpečuje kritický bod ochrany citlivých dát v pohybe, a to vynútiteľné zastavenie ich úniku cez emailový a webový kanál (HTTP/HTTPS/FTP/SMTP). Discover – dáta v pokoji Forcepoint DLP – Discovery identifikuje a chráni citlivé dáta v rámci siete ako aj dáta na úložiskách a dáta na cloud službách ako Office 365 a BOX Enterprise. WHO WE ARE Purpose-built by Raytheon to provide the next generation cyber security solution Now one of the largest private cybersecurity companies in the world Global footprint, 1000s of customers, and a presence in over 150 countries Also have one of the most comprehensive and broadest security portfolios in the industry
Cloud – dáta v pokoji, pohybe ako aj v používaní Forcepoint DLP – rozšírenia: Cloud – dáta v pokoji, pohybe ako aj v používaní Forcepoint DLP – Cloud Applications je modul, ktorý rozširuje pokročilé analytiky a DLP kontrolu využívaním Forcepoint CASB (Cloud Access Security Broker) na DLP kontrolu pre kritické cloud aplikácie ako Office 365, Salesforce, Google Apps, Box a mnohé ďalšie. Umožňuje kontrolu dát, ktoré sú v Cloude Toto je prostredníctvom API rozhrania a teda je to “spätne” od ver. 8.6 pribudne Data Discovery v Cloud-e od ver. 8.7 sa plánuje tzv. “Reverzná proxy”, tj.ochrana dát v cloude v reálnom čase Forcepoint Dynamic Protection Kombinácia DLP Endpoint Agenta s UEBA Forcepoint Dynamic Protection Add-On add-on k existujúcemu DLP Endpoint / Data Suite WHO WE ARE Purpose-built by Raytheon to provide the next generation cyber security solution Now one of the largest private cybersecurity companies in the world Global footprint, 1000s of customers, and a presence in over 150 countries Also have one of the most comprehensive and broadest security portfolios in the industry
Remediate - Encrypt/Pseudonymize Ako to vyzerá v praxi? Workflow - DPO Remediate - Encrypt/Pseudonymize Escalate - Incident Source Channel Destination Action Forensics
Embedded Security Analytics Demos really well
Forcepoint Offers A Broad Continuum Of Capabilities Secure Cloud Adoption and Network User Protection Critical Data and Intellectual Property Protection Workforce and Supply Chain Protection Security Initiatives Security Initiatives Security Initiatives Secure the adoption of SaaS & cloud Enable direct-to-cloud connectivity and security for remote offices Protect off-network users Modernize your hybrid IT network Deploy a cloud converged security model from the cloud Next-gen your data protection Protect data in the cloud Discover data in a hybrid environment Confidently verify regulatory compliance (e.g., GDPR and HIPAA) Stop data loss from insiders and compromised users Prevent sabotage and financial loss Protecting your supply chain As you can see, integration of solutions will be the key to unlocking true value, and we have invested heavily in this. There is overlap between outcomes and initiatives with the technology which means interdepartmental cooperation and multiple use cases will improve your risk posture and TCO ALL of these technologies are available to support your journey TODAY…………… Data Guard NGFW SD-WAN AMD Web CASB Email DLP Behavioral Analytics Insider Threat Converged Security Capabilities
Sumarizácia úloh DLP Zmapovať a zabepečíť tok dát vrámci celého ekosystému Ochrániť údaje na úložiskách ako aj na koncových staniciach či už v sieti alebo mimo nej, ako aj v cloude Pomôcť splniť požiadavky regulátora (compliance) Poskytnúť funkčný incident manažment a prípadne forenzné dáta Poskytnúť kľudný spánok
Ďakujem iurban@forcepoint.com © 2019 Forcepoint | 16