2. Why DLP …because sensitive information is always moving and transforming Endpoint Apps/DB Storage FS/CMS Network Partners Business Analytics Replica Outsourced Dev. Staging Disk Arrays Disk Arrays Disk Arrays Backup Disk Backup Tape Backup System Enterprise Applications Production Database Internal Employees Remote Employees WAN LAN WWW Endpoint Apps/DB Storage FS/CMS Network File Server File Server
3.
4. Sensitive Information Endpoint Apps/DB Storage FS/CMS Network Partners WAN LAN Business Analytics Enterprise Applications Outsourced Dev. Replica Staging Backup Disk Backup Tape Collaboration & Content Mgmt Systems File Server Disk Arrays Disk Arrays Disk Arrays Backup System Production Database Internal Employees Remote Employees WWW High Impact Medium Impact Low Impact Data stored on disk Tape backup App Data Replicated DB for DR, bulk analysis Data in transit over WAN Data sent/stored on public infrastructure IP shared with partner Transformed data on endpoints Removable and printed media Transformed data e-mailed Endpoint Apps/DB Storage FS/CMS Network Database Data File Server Transformed data on FS Data in CMS Transformed Data on eRoom or SharePoint sites
5.
6.
7. Data Security: Apply Policy Based on Drivers Classification Policy: Description of sensitive data Usage Policy: Appropriate handling in different contexts Policy Security Incidents Endpoint Apps/DB Storage FS/CMS Network IT Systems Revenue Growth Customer Retention Compliance Cost Reduction Business Continuity Sensitive Information Business Initiatives Discover and Monitor Report and Audit Enforce Medium Biz Impact Classification Low Biz Impact High Biz Impact
8. DLP Phases Policy Discover and Monitor Report and Audit Enforce Endpoint Apps/DB Storage FS/CMS Network Discover & Monitor Risk Advisor Services Data Loss Prevention Suite – Discover Modules Enforce Data Loss Prevention Suite – Enforcement Modules Encryption Suite EMC IRM Suite Report & Audit RSA enVision + DSS Audit Modules Discover and Classify Enforce Discover and Classify Discover and Monitor Report and Audit Enforce Policy & Strategy Assessment Services Security Architecture Services Security Program & Policy Development Services
9. DLP Product Suite Monitor Enforce Discover Enforce DLP Endpoint DLP Network Discover and Remediate E N T E R P R I S E M A N A G E R Discover and Remediate data at rest in the Datacenter Monitor sensitive data in motion as it leaves the Network Enforce sensitive data in motion as it leaves the Network Discover sensitive data at rest on corporate endpoints including laptops Enforce sensitive data in use on corporate endpoints including laptops DLP Datacenter