Enterprise IT Infrastructure:  Security – Automation - Integration 

 Information Gateways Events

TECH WORKSHOP

Advanced IT Security:

“Architecture and Solutions for Data in Motion”

Half day in-depth workshop by 4 USA subject matter experts ("SMEs")

- Data Loss Prevention ("DLP") -
- Outbound Content Monitoring & Filtering ("CM&F") -
- Managed File Transfer ("MFT") -

Learn how to monitor, protect, control and secure data in motion across email, web, HTTP, SSL, FTP,
file & document distribution, IM, webmail, blogs, and more.

 

Canberra - Tuesday 18 September 2007 - 8.30am - 1pm
Melbourne - Wednesday 19 September 2007 - 8.30am - 1pm
Brisbane - Thursday 20 September 2007 - 8.30am - 1pm
Sydney - Friday 21 September 2007 - 8.30am - 1pm

The workshop has 4 sections:

Section #1 – Preventing data loss through email, particularly accidental incidents by employees.
Section #2 – Protecting (DLP) both structured (data elements and databases) and unstructured (content and documents) data across multiple protocols and end points.
Section #3 – Protecting, securing, and tracking any digital asset (as a PDF document) after it leaves the organization.
Section #4 – Protecting, securing, and tracking data files and advanced methods of secure file transfer (FTP) using Managed File Transfer (“MFT”) architecture and best practices.

Hear 4 leading USA SMEs discuss these topics and how to effectively implement security solutions to address the threats associated with each.

SYNOPSIS:

Daily headlines about data breaches, whether accidental or through malicious intent, have become commonplace, and the growth of online communications tools, personal and corporate, available to employees only creates more challenges for security managers to handle.

“Oops...there went 600 customer credit card numbers” ... or our latest intellectual property. It's easy to imagine: a sensitive document gets emailed to the wrong address; a customer list is forwarded to a competitor; an earnings forecast is sent to an investor. The fact is, it's happening every day. We see the headlines and know the repercussions that a simple human error can have on business.

The average cost of a data breach now exceeds US$100 per record and over US$4 million per incident, with estimates placing 75% of the US$200 billion in measured annual security losses as coming from within organizations, due to unauthorized disclosure of proprietary business information and intellectual property.

The risks are large and the solutions seem complex and expensive, but it clearly doesn't have to be that way.

Businesses today must seek to protect customer information, and intellectual property, as well as address the growing regulatory compliance environment or risk incidents that can result in loss of revenue, financial penalties, and irreparable damage to a corporation’s image, brand, and customer loyalty.

Solution architects, security, risk, and compliance managers today need to understand, and be able to present, solutions for their organizations that mitigate these risks from internal breaches.

- - - -

This workshop will focus on information and data leakage prevention for data in motion, specifically looking at solutions to help businesses prevent public relations disasters, avoid regulatory penalties, and guard against data privacy breaches. In addition, the workshop will explore solutions for deploying email and file transfer encryption technology, tracking outbound data, outbound content monitoring and filtering, the challenges of classifying corporate data, ways to automate policies by integrating content, context, and secure delivery, and most importantly how to set policies and best practices for DLP to help limit business risks and exposure.

According to IDC’s Security Survey, 2006, employee error is now the fourth largest security concern in the enterprise, behind malware, spyware and spam. In fact, the vast majority of accidental data leaks are by well-intentioned employees via email – and they are far more prevalent than malicious attacks.

Many others have confirmed this:   “74% of survey respondents said threats to corporate security are now coming from inside the organization”, IBM Security Survey 2006.

“Up to 70% of identity theft starts with the deliberate removal of personal data from a company by an employee”, Professor Judith Collins, Michigan State University.

“Human Error was responsible for nearly 60% of security breaches in 2005” 4th Annual CompTIA Study on Information security and the Workforce.

“70% of threats come from inside the organization” major analyst firm.

Every enterprise, whether private, public, or government, wants to keep intellectual property, confidential data, and sensitive information from leaking into the wrong hands.  Many content filtering solutions are extremely expensive and overly complex – and all they do is identify the problem, rather than automatically taking action quickly and easily, based on unique needs and policies.

Today IT security faces not only external attacks and hacks: the bad guys now get paid to steal data, and employees cause unintentional accidents.

With a combination of presentations, whiteboard discussions, and practical demonstrations, each section will focus on the technical, architectural, and “hands-on” aspects of each pragmatic solution to illustrate typical implementation and best practices for managing corporate policy.  These sessions will also explore potential implementations that meet business requirements today, and in the future.

WHO SHOULD ATTEND:

CTO/CSO, IT Infrastructure Mgr/Team/Architects, IT Security Mgr/Team/Architects, e-Commerce Mgr/Team/Architects, IT Risk Mgr & Auditors, Network Mgr/Team, IT Ops Mgr/Team, IT Consultants.

AGENDA & TOPICS:

8.00am Registration & coffee
8.30am "What is DLP" by Denis Brotzel, VP, Code Green, USA:
             Quick outline of what is happening, and why, in the DLP space, and the relevance of the SMEs' topics below

8.40am - Section #1 - "Email DLP and outbound email CM&F”
by (TBA) email security specialist, Tumbleweed, CA, USA

  1. End to end DLP for email:
      1.1 What is DLP for email
      1.2 Outbound email CM&F
      1.3 Filtering information types (eg. credit card numbers)
      1.4 Lexicons, word weighting, and offensive words
      1.5 Attachment content scanning, binary and nested files
      1.6 Enforcement of multiple policy actions

  2. Integrating with encryption:
      2.1 Enforcing with encryption for confidential info
      2.2 Encryption options and end point leakages (eg. at the email client)

  3. Enterprise Architecture:
      3.1 Where this sits in the SMTP stream and 1-tier vs 2-tier vs 3-tier design
      3.2 Integrating with other DLP, security, and infrastructure solutions
      3.3 Additional modules
      3.4 Best practices

  4. Message tracking, reporting, searching and auditing

  5. Deploying a solution: Walk thru of practical examples of implementation using Tumbleweed MailGate Managed Appliance

9.30am - Section #2 - "Data Leakage – Enterprise wide DLP”
by Mark Menke, Senior SE, Code Green, CA, USA: 

  1. Data Loss Prevention Protection:
      1.1 What is the risk and what are the current systems in place to detect or prevent this

  2. Enterprise Architecture:
      2.1 Where can data leak from the organization:
            2.1.1 SMTP, Webmail, Instant Messaging, Blogs, FTP
            2.1.2 Desktops (USB, CD-R, DVD-R, Smartphone)
      2.2 What are the key detection and enforcement points:
            2.2.1 Network monitoring
            2.2.2 SMTP integration
            2.2.3 ICAP integration
            2.2.4 Desktop agents
      2.3 How can we detect confidential information:
            2.3.1 Pattern match
            2.3.2 Exact file match
            2.3.3 Deep content fingerprinting (unstructured eg. graphics, documents)
            2.3.4 Data element fingerprinting (structured eg. databases)

  3. Deploying a solution – walk through some practical scenarios using Code Green:
      3.1 Register a pattern match “for internal use only”:
           Tutorial example: Monitor an email containing a spreadsheet with this tag
      3.2 Register unstructured data:
           Tutorial example: Block a web posting that contains information
      3.3 Register structured data (customer records)
           Tutorial example: Block a webmail that contains customer information
      3.4 Add an exception to encrypt customer records:
           Tutorial example: Send an email to a partner using Tumbleweed’s encryption
      3.5 Review of flexible policy constraints and exceptions
      3.6 Configure a desktop policy and deploy the agent      

10.20am Coffee & muffin break

10.40am - Section #3 - "External Document Security, Tracking & Protection”
by Kevin Schick, COO/CTO, Vincera, TX, USA  (Prev with Commerce One, and Gartner USA):

  1. Managing the un-managed network for data in motion:
      Tracking & controlling distribution of PDF documents internally & externally

  2. Persistent rights management:
      Limiting documentation circulation, usage, expiry, etc

  3. Forensic enablement:
      Fingerprinting and watermarking documents

  4. Distributed DLP:
      Tracking document leaks (eg. within government, or sensitive commercial environments)

  5. Enterprise Architecture:
      How to architect document security when today’s Enterprise has no boundaries

  6. Deploying a solution:  Walk thru of practical examples of implementation using Vincera

11.30am Coffee and/or stretch

11.40am - Section #4 - "Managed File Transfer – Adv FTP”
by Todd MacDonald, CTO/CSO, Information Gateways (prev. with Tumbleweed, CA, USA):

  1. Justifying transition from FTP to Managed File Transfer (MFT)

  2. Enterprise Architecture:
      2.1 Multi-tiers & security
      2.2 Server initiated transfers
      2.3 Proxied connections
      2.4 Advanced file routing, and folder monitoring
      2.5 Integration to backend IT process automation
      2.6 Design for application independent architecture
      2.7 MFT with Web Services / SOA

  3. Deployment and implementation:
      3.1 Using centralized management, control, monitoring and auditing for IT Ops staff
      3.2 Delegated administration, application subscriptions
      3.3 Guaranteed delivery, audit trails, MD5 integrity checks
      3.4 Certificate based user authentication
      3.5 Implementation and deployment of server initiated transfers

  4. Advanced practical examples of implementation using Tumbleweed Secure Transport 

FINISH at 1pm

STUDENT CERTIFICATES:

Attendees will receive a workshop certificate upon completion of some simple practical exercises subsequent to the workshop.

PRICE:  Your organization may attend FREE (Normally A$500 p.p)

CANCELLATIONS:  24 hours prior no charge

ENQUIRIES:  Please phone Melissa on Sydney +61 2 9496 9496