Transcript Vontu Protect v3 Overview

IAPP 2004
Insider Leakage Threatens Privacy
CONFIDENTIAL
2
Typical Customer Data Leakage Scenario
Number of Employees
50,000
Average Number of Outbound Emails per Day
1
Percentage of Outbound Emails Containing Customer NPI
2
0.03%
Average Number of Customer Records Per Incident
3
19
Number of Customer Records Leaked Per Year
1
2, 3
14
969,474
Ferris Research
Based on Vontu Risk Assessment Data
CONFIDENTIAL
3
Cost of Customer Data Breach
Potential Cost of Incident(s)
Number of Customers Affected by Incident(s)
Percentage of Notified Customers That May Leave
50,000
31%
1
Estimated Notification & Remediation Cost per Customer 2
$75
Customer Acquisition Cost
$500
Total Potential Loss
1
2
$11,500,000
2004 Ponemon Institute Customer Trust Study
Including incentives (e.g. free credit report), notification, PR and customer support costs
Plus potential embarrassment, damage to company’s
brand, regulatory fines, and civil lawsuits.
CONFIDENTIAL
4
Vontu Protect
Data Firewall software to accurately
identify, report and help prevent
confidential customer and company
information leakage.
CONFIDENTIAL
5
Define policies to enforce:
• Customer data and compliance
• Employee data
• Intellectual property
• Acceptable use
• Customize for the environment
CONFIDENTIAL
6
Monitor outbound flow of information
• Support email, web, FTP, and IM
• Monitoring does not impact network performance
• Multiple monitors for all exit points
CONFIDENTIAL
7
Example Customer Data Incident
CONFIDENTIAL
8
Executive Summary Report
Top Policy Violations
Incidents with most matches
Policy Trends for a Period
Incident Status
CONFIDENTIAL
9
Secure Data Profiles Drive Accuracy
Heuristics are limited to
approximate guesses.
SDPs drive exact matches.
False positives:
not Social
Security
numbers
False positive:
not customer
Social Security
number
Usernames,
passwords,
customer
names can
only be
detected
with SDP
Known
customer
record fields
CONFIDENTIAL
10
Fortune 25 Bank Case Study
• Goal
– Executive “mandate” to monitor for customer data loss (RFP)
– Regulatory requirements (PATRIOT Act, CA SB1386)
– Enforce other “acceptable use” policies
• Configuration
– Real-time scan of SMTP, HTTP, IM, and FTP for customer NPI
– Geographically distributed system
• Results
–
–
–
–
Amount of leakage dramatically decreased
Monitoring over 10GB of email and web mail traffic in U.S. per day
Global rollout to monitor to over 150k employees worldwide
NPI incident detection and response process in place
CONFIDENTIAL
11
Challenges and Opportunities
•
•
•
•
•
•
Balancing employee privacy vs. consumer privacy
Complexity of incident remediation for insider issues
Confusing regulatory environment
Classifying and identifying confidential information
Consistent policies across all channels, not just email
Slow adoption of encryption and DRM technologies
CONFIDENTIAL
12
Michael Wolfe
[email protected]
(415) 227-8107