Clearswift Overview

Rise of new collaboration tools grow businesses

“At T-Mobile we make use of Facebook, for example, to aid our graduate recruitment process. As an organization, we need to ensure that as such technologies develop we fully understand the potential and the impact on our business.”
Head of HR Operations, T-Mobile

“There is no doubt that the emergence of Web 2.0 technologies… is changing the way that all organizations do business….”

Creates new risks and business impacts
• Malware and hygiene
• Data leakage
• Compliance risks
• Employee productivity

What if you could embrace collaboration and…
• Stay in control of intellectual property and customer sensitive data?
• Stop dangerous security threats and malware?
• Monitor and log communications for compliance and productivity?
• Reduce the cost of securing collaboration?

With Clearswift you can collaborate more
• Lower costs – hardware, licensing, resources and support
• Fewer risks
• Fewer products to manage
• Less time in training
• Less time on the phone with support

“With Clearswift’s MIMEsweeper we can configure flexible and tailor-made policies that fit our company. I don't know any other product that can do the same with such little effort.”

About Clearswift
We’re different because we start by understanding content
• 20+ years helping companies collaborate confidently
• Trusted by over 17,000 organizations
• Used by 40% of the Global Fortune 500
• 97% of customers would recommend us to a peer

Clearswift Email & Web Appliance

Designed for the job
• Secure and resilient platform
– optimized OS tuned for high throughput performance
– hardened Linux kernel
– Built-in Kaspersky AV
• Easy installation and deployment
– 7-step ‘Getting Started’ deployment & installation guide
– pre-loaded and configured ‘default’ policy
• Easy to use & manage
– 100% web user interface
– simple to use policy model
– Automation to reduce admin effort

Deployment platforms
1) HW Appliance
2) SW Appliance
3) Virtual Appliance y HyperV
• Customers can re-use existing hardware to avoid buying new devices
• Customers can virtualize all or part of their solution
• Customers can mix and match deployments to suit them

Key features – common policy console: mail & web
• Easily create, change and enforce policies across e-mail and web
• Automatically updates policy to any ‘peered’ appliances – up to 9 Email and 9 Web (18 in total)
• Simplifies policy enforcement at remote appliance locations

World class spam detection
• TRUSTmanager – global reputation network
– Rejects 70-80% of all traffic before it reaches your gateway
• SpamLogic – delivers in total 99.6% accuracy rate
– comprehensive arsenal of defences

Easy to understand email policy
• Build rules appropriate to the direction of email

Superior web security without compromise
MIMEsweeper content engine
– True binary signature file identification
– Recursive decomposition
– Lexical analysis/templates
– Granular policy based on user
– Comprehensive data leakage controls
URL filtering from the leading vendor
– 40 categories, more than 18 million web sites
– Important component for policy and reporting
Anti-virus from Kaspersky
– Viruses, worms, Trojans and malicious code
Anti-spyware from Sunbelt Software
– Signature based detection and prevention
– Spyware “call home” prevention
– Tracking Cookie detection/removal

Data leakage templates
• Predefined regular expressions for PII (Personally Identifiable Information) and PCI (Personal Credit Information)
– National insurance number
– Credit card numbers
– Social security number
• Benefits
– Easy to use (simply add to route)
– No configuration errors

Time based policy
In the example for the ‘Everyone to Shopping’ route shown previously
– The green area defines when access to this route is allowed
– The white area defines when it is blocked
– The orange area defines a period with 60 minutes browse time quota
– On Saturday the blue area defines a period with 30 minutes time quota

Interactive graphical reporting
High-level analysis reports
• Top N blocked sites
• Top N blocked users
• Top Users by # Request
• Top Users by Bandwidth
• Top Internet Sites by # Request
• Top Internet Sites by Bandwidth
• Top Categories by # Request
• Top Categories by Bandwidth
• Top Sites for a Category by # Requests
• Top Sites for a Category by Bandwidth
Investigative reports
• Top N blocked sites
• Top N blocked machines
• Top machines by number of requests
• Machines visiting particular site

Report options
• Scheduled Reports
• Export Reports (PDF, CSV, email)
• Interactive drill downs for more detail

Interactive drill down

Personalized user feedback
– Block Pages – policy violations
– Progress Pages – informative feedback when downloading large files
– HTTP error Pages – reason why a request cannot be delivered
Administrators and power users may also receive the following notifications
– Email alerts to administrator
– Email scheduled reports
– Email Infected Machine Digests

Acceptable use policy page
• Configurable ‘Acceptable Internet Usage Policy’ page
• On or off setting
• When ‘on’ may be set to display at browser startup or every ## hours

Fully conjoined policy updating
• Bi-directional Common Policy Console
• Policy changes replicated between peered Web and Email appliances
• Up to 18 appliances (9 Web + 9 Email) in any one peer group cluster
[Diagram: Policy, Web Appliance, Email Appliance]

HTTPS content scanning and analysis
• Cost option
• Full content scanning of HTTPS/SSL encrypted data
• Detects any malware or data leakage in encrypted traffic
• Flexible deployment i.e., create specific routes NOT to be scanned, e.g., “Financial”
• Also provides policy based certificate checking for added protection

CONTENTsafe Appliance

Data leakage - the stealth threat to business

The penalties can be significant
In 2006 the United States Veteran’s Administration lost the names and social security numbers of 27 million living ex-soldiers stored on an employee’s laptop computer stolen from a home office. This resulted in huge penalty costs and reputation damage for the VA and the US federal government.
Source: www.usa.gov/veteransinfo/#FAQs

Cost isn’t measured in dollars alone
In December 2006 retailer TJX announced that information from 45 million credit and debit cards from transactions in 2003 was stolen by hackers from its computer systems. The company couldn’t determine the extent of the breach or what customer information may have been compromised, nor could it quantify the financial impact of the breach. One credit union sent The TJX Companies an invoice for $590,000 to cover the monetary costs and reputational damage that the financial institution says it incurred as a result of the data breach.
Source: www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=295516&source=rss_topic82

Compliance legislation

Sarbanes-Oxley
• Safeguards on public accounting firms that audit public companies

SEC rules
• Record retention of trader-broker communication for 3 years
• Records stored in unalterable format, serialized and indexed for easy retrieval
• Brokerages must duplicate messages and associated indexes

Gramm-Leach-Bliley Act (GLBA)
• Rules for privacy and security of customer information

Payment Card Industry (PCI)
• Requires credit card information to be securely sent and stored

EU Data Protection Directive
• Sets standards for protecting personal data within the European Union

FSA
• Wide range of rule-making, investigatory and enforcement powers in order to meet four statutory objectives: market confidence, public awareness, consumer protection and the reduction of financial crime.

NASD rules
• Enforce policy correspondence for codes of conduct
• Identify correspondence to be reviewed and record supervisory activity

Health Insurance Portability and Accountability Act (HIPAA)
• Protect patient healthcare information to ensure privacy and confidentiality when electronically stored, maintained, or transmitted
• Penalties of up to $250,000 in fines and jail time of up to 10 years.

81% of companies surveyed admit to data breaches occurring over previous 12 months
• 39% involve confidential business information
• 27% involve personal information about customers
• 14% involve intellectual property (including software source code)
• 10% involve personal information about employees
Source: Ponemon Institute

Source: www.breachblog.com

What is the scale of the problem?
[Slide graphic: overlapping list of organization names with incident counts; the individual entries are not recoverable from the extracted text]

DLP solutions: Costly and Complex?
• A total DLP solution needs a DLP agent installed on endpoints, on servers and in the gateway
• Installing agents on PCs and notebooks is costly and intrusive, and requires user training and heavy up-front consultancy
• But… is it really required? According to the latest reports, most data leaks happen through the gateway.
• A DLP solution deployed in the gateway protects against more than 60-70% of data leaks, at a cost several times lower than an endpoint DLP solution.
[Chart: ROI investing in DLP; axes: Sec. Level against $]

Where and what information is lost?
What types of Data Leak? Where’s the Data Leaked?
2 in 3 losses (>66%) via Email or Web
Source: Ponemon Institute based upon publicly reported leaks

Introduction - Clearswift Data Loss Prevention (DLP) today

Clearswift already offers
• Multiple protocols
• Common policy and management
• Bi-directional protection
• DLP & Boundary hygiene

MIMEsweeper DLP includes:
• Enhanced deep content inspection
• True file/data type recognition
• Lexical analysis
• Managed & User defined lists for HIPAA, SOX, SEC, Stock Trading
• Profanity, harassment, paedophilia control
• Image control
• Templates to detect PII and PCI data
• Lexical expressions and scripts
• IPR protection
• Whole document checksum controls (SMTP)
• Sender, recipient, direction, size, file-type
• And more….

What is Clearswift CONTENTsafe™?
• An extension to MIMEsweeper’s data loss prevention capabilities
• Designed to allow ‘line of business’ staff to easily identify and protect their highly confidential information
• Providing a central repository for protected document checksums
• With the checksums used to deliver policy driven security control over documented information and all of its constituent parts
• Integrates with any MIMEsweeper e-mail or web* gateway security solution
* MIMEsweeper Web & Email appliances by mid-2009

What additional data loss capabilities does CONTENTsafe™ provide?
• Universal identification of sensitive content
• Protocol agnostic content detection
• Mapping of individual user network locations for sensitive information
• Creation of checksums with a guaranteed 150 character match rate
• Automatic scanning of file & document locations for new documents & changes to existing documents
• Document protection expiry rules & dates
• Granular roles based user access & user delegation
• Multi-language and multi-byte character support
• White-listing to minimize false positives

How does CONTENTsafe™ work?
[Diagram: User, Mail / Web Appliance, Data Creator, CONTENTsafe Appliance, Match Status]

What file types are protected by CONTENTsafe™?
• Uses MIMEsweeper deep content inspection so can extract documents from zip, tar, TNEF etc.
• Able to checksum/fingerprint content from:
– CDA, HTML, Ichitaro, MS Excel, Outlook file attachment, MS PowerPoint, MS Project, MS Word, Open document text, Open document spreadsheet, Open document presentation, Open document formula, Open document drawing, Open document master, PDF, PEM message if not encrypted, PGP message if not encrypted, RTF encoded HTML, text, XML, Script

What is the performance of CONTENTsafe?
• A single CONTENTsafe appliance is designed to protect up to 500,000 documents
• A single CONTENTsafe appliance is able to process 1 million email queries per day with negligible impact on e-mail throughput
• The average time to check a message from SMTP is less than 50ms + any network latency
* These results were obtained via simulation as part of the ongoing development testing

How is CONTENTsafe™ available?
Hardened 64bit Linux appliance
500,000 document capacity
Individual user areas
Document registration via:
• Network locations
• Uploaded documents
• Pasting text fragments
• Whole document detection
• Document extract detection
• Document extract white-listing
Violation alerting
Global & User Management/Auditing/Reporting
Business roles administration

Clearswift Overview
Questions?