data security in a mobile world
DESCRIPTION
Data Security in a Mobile World. Emmitt Wells – Getronics. Hitting Close to Home. - PowerPoint PPT PresentationTRANSCRIPT
Data Security in a Mobile World
Emmitt Wells – Getronics
3
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
Hitting Close to Home
If you think mobile security isn’t a real subject, just consider the possibility that there is someone out there right now with your name, email, phone number, and birth date and more stored on a digital device that was just left in a taxi cab – not a comforting thought.
4
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
View of Endpoint Security…
http://www.jacobsen.no/anders/blog/archives/images/project.jpghttp://www.jacobsen.no/anders/blog/archives/images/project.jpg
5
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
• All Sectors – SOX, Combined Code, Companies Bill, IAS– Privacy, Data Protection, Human Rights
• Finance Sector – Basel II, FSA, SEC Act 17a-3/4, NASD Rules 3010/3110
• Retail Sector – Payment Card Industry (PCI) Security Standard
• Health Sector – HIPAA
• Interception legislation – RIPA, European Data Retention Directive
• Local legislation with Global consequences – Californian Law SB 1386
Compliance Demands are Mounting
6
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
Securing Data in Motion
7
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
Ensuring Data Integrity
8
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
Data Theft
9
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
Policy
Establish
10
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
Technology Available• Endpoint Products
– Anti-virus, anti-spam, Message Cleaning, HIDS for the desktop
• Controlling Access– Identity Management and
Authentication• External Protection
– Firewalls and NIDS• Data Protection
– Policy Enforcement Tools• Backup and Retrieval
– Secure Archival• Stolen Equipment
– Data low-jack
11
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
What if I do nothing?
• “Gartner estimates cleanup costs for any data loss to be $90 per customer record when you calculate notification, legal expenses, and the damage done to a corporate brand."
= =+
12
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
How do I convince my executives of the need?
DiscussTechnology
DiscussBusinessImpact
13
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
Balanced Security
14
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
• Policy – Define rules, promote best practices and minimize risks
• Technology – Enforce policies, detect violations of policy, and deliver evidence
of compliance with corporate policy and regulatory requirements • Education
– Equip employees to recognize potential sources of risk and to safeguard information and transactions in hostile environments
• Management– Setup reactive and proactive management to help measure how
your endpoints are performing against the policy you have established
Requirements for Mobile Endpoint Security
15
September 10-12, 2007 • Los Angeles Convention Center • Los Angeles, California
www.ITEXPO.com
Keep it Simple
"Aye sir, the more they over-tech "Aye sir, the more they over-tech the plumbing, the easier it is to the plumbing, the easier it is to stop up the drain." – Mr. Scot, stop up the drain." – Mr. Scot, Star Trek III: The Search For Star Trek III: The Search For SpockSpock
Thank you