Scribd Logo
Upload

Welcome to Scribd!

  • Forcepoint - Data Protection Whiteboard

    Uploaded by

    Henrique Oliveira
    57 views11 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    57 views11 pages

    Forcepoint - Data Protection Whiteboard

    Uploaded by

    Henrique Oliveira

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 11

    Data Protection

    Whiteboard Session – FY19H2

    Erik Scoralick
    Sr. Sales Engineer

    Jason Kemmerer
    Sales Engineer
    Outline
    1. The 3 Pillars of Data Protection
    2. Pillar 1: Data
    3. Pillar 2: Channel
    4. Pillar 3: People
    5. Forcepoint Behavioral Analytics (Data Scenarios)
    6. Dynamic Data Protection (Risk Adaptive Protection)
    7. Everything together
    8. Forcepoint High Level Architecture

    © 2019 Forcepoint | 2
    The 3 Pillars of Data Protection

    Data Channel People


    IP Cloud HR

    Classifiers Network IT
    Data Label Endpoint Legal
    Compliance Storage Contractors

    © 2019 Forcepoint | 3
    Pillar 1: Data

    Data What type of Data? How do we detect and control it?


    Intellectual Property – Patents, Designs, Source Code, Customer Records, etc.
    IP
    Classifiers – Dictionaries, RegEx, Scripts, Machine Learning, Fingerprinting.
    Classifiers Data Labels – Confidential, Proprietary, Restricted, Public, etc.
    Data Label • Integrate with Microsoft Information Protection, Boldon James, Titus, Seclore

    Compliance Compliance – GDPR, PCI, HIPAA, SOX, etc.

    © 2019 Forcepoint | 4
    Pillar 2: Channel

    How is this applied? How do we manage and enforce it?


    Channel
    Cloud – Activity monitoring and data at rest scanning for O365, G-Suite, Salesforce, Dropbox, Box, and

    Cloud ServiceNow
    Network – Detecting data in motion via Email and Web HTTP/S (OCR support for data in motion
    Network
    channels)
    Endpoint Endpoint – Detecting data in motion via Removable Media, Printers, and Endpoint-based Web, Email,

    Storage and LAN. Data in use over IM, file sharing clients, and OS clipboard. Data at rest for endpoints.
    Storage – Discover, scan, and remediate data at rest for on-prem file servers, network storage,
    Sharepoint + Exchange servers.

    © 2019 Forcepoint | 5
    Pillar 3: People

    People
    Who does this impact? How do we educate and enable them?

    HR Human Resources – How do they interact with employee records on a daily basis?
    Information Technology – How does this affect users with privileged access?
    IT Legal – Are there privacy concerns around how this data is being used?
    Legal Contractors – Should contractors have the same restrictions applied as employees?

    Contractors

    © 2019 Forcepoint | 6
    Forcepoint Behavioral Analytics

    Forcepoint Behavioral Analytics


    DDP
    Malicious Compromised Illicit Negative
    Data
    User User Behavior Behavior
    Exfiltration

    Data Scenarios:
    Data Exfiltration – When users exhibit risky behaviors, such as stockpiling data to leak across different channels.
    Malicious User - Authorized internal users that deliberately abuse their trusted privileges to harm your company.
    Compromised User - Their accounts are taken over by a malicious outsider who then takes action to harm your company.
    Illicit Behavior - User places your company at risk through unlawful behavior, espionage, conflicts of interest, malpractice.
    Negative Behavior – User shows undesirable behavior, such as harassment, violence, obscenity, oversight evasion.

    © 2019 Forcepoint | 7
    Dynamic Data Protection
    Blocking the
    Business as Usual riskiest users

    Still non-blocking,
    but encrypting data

    Dynamic Data Protection has feeds from Forcepoint DLP in order to apply risk adaptive
    protection based on risk levels and user behaviors.
    • Endpoint Incidents: Endpoint Web, Endpoint Email, Endpoint Removable media, Endpoint printing,
    Endpoint applications, Endpoint LAN.
    • Endpoint Events: Web Activities (URL Visited), Email (Sent and Received), File copy to removable
    media and printing operations.

    © 2019 Forcepoint | 8
    Forcepoint Data Protection
    Endpoint Incidents:
    • Endpoint Web
    Data Channel People Action Plans based on
    Risk Levels
    • Endpoint Email 1 – Audit only without
    • Endpoint Removable IP Cloud HR Forensics
    media 2 – Audit only
    • Endpoint printing Classifiers Network IT 3 – Audit and Notify
    • Endpoint applications 4 – Encryption over
    Data Label Endpoint Legal email and USB
    • Endpoint LAN
    Compliance Contractors 5 – Block all
    Storage
    Endpoint Events:
    • Web Activities (URL
    Visited) DDP leverages the
    analytic capabilities
    • Email (Sent and Forcepoint Behavioral Analytics only to the Data
    Received) Exfiltration data
    • File copy to DDP
    scenario.
    removable media Malicious Compromised Illicit Negative
    Data
    • Printing User User Behavior Behavior FBA enables all data
    Exfiltration
    scenarios.

    © 2019 Forcepoint | 9
    © 2019 Forcepoint | 10
    © 2019 Forcepoint | 11

    You might also like