ntxissacsc3 - security at the point of storage by todd barton
@NTXISSA #NTXISSACSC3
Security at the Point of Storage
Todd Barton
Director of Solution Architects
DataGravity
October 3, 2015
Are you Data Aware? 3 Questions to ask
1. What do you know about your data?
2. Do you have sensitive information that requires compliance?
3. How does your current storage help you understand your data?
Today’s Challenge: More Data, More Problems
Your problem isn’t your storage, it’s your data.
Where’s My Data?
What’s In My Data?
NTX ISSA Cyber Security Conference – October 2-3, 2015
“We need to rethink the way data is managed”
Major trends in the market
• Incredible human generated data growth with no insight
• Increased flow of data in and out of corporations - High cost of securing data
• The cloud is not universally adopted – People rethinking security of public clouds
• Collapsing silos across primary, back-up and archive data – Lots of profit in disaggregation
• Market demand for more intelligence from Infrastructure (Alerting, Tracking, Autonomic) “Business Leverage”
Every Organization Stores Sensitive Data
What are your “crown jewels”?
• Employee data
• Customer data
• Proprietary information
• Trade secrets
What are the consequences?
Where are you at risk?
Data Loss Is Inevitable
From Inside And Out
All Companies Face It
It Can and Will Happen to You
ALL companies are vulnerable
Percentage of Data Breaches by Industry Sector (2005-2014)
What Are the Consequences to Your Business?
• Failed Audits and Fines
• Expensive and Difficult Analysis
• Costly Efforts to Report and Notify
• Disruption and Lost Productivity
• Tarnished Brand and Reputation
• Lost Revenues and Lawsuits
• Competitiveness, Profits, Jobs and Corporate Viability
Most Organizations Do Not Fully Understand Their Risks
WHAT data do you have?
WHERE is it?
WHO has access to it?
WHEN did they access it?
WHY are they accessing it?
Knowing what’s in your data & how it is being used are essential to assessing your risks
Understanding Risk
Risk Ignorance
“Never in all history have we harnessed such formidable technology. Every scientific advancement known to man has been incorporated into its design. The operational controls are sound and foolproof!”
E.J. Smith, Captain of the Titanic
Vision Needs to Extend Beyond What You Can See
Risk Awareness
Data Compliance is Resource Intensive
Policies
Training
Assessments
Monitoring
Remediation
Reporting
Two essential tenets
1. Find, protect and secure sensitive information and systems; ensure information is available to the people who should have it, and protected from the people who should not
2. Provide audit/activity/forensics capabilities
Security begins at the point of storage
FIREWALL
APPLICATION
SERVER
NETWORK
DATA
STORAGE
All infrastructure layers must be fortified
Authenticated access and firewalls are not enough
Best Way To Preempt Data Loss
Become Data Aware
Traditional Approach: Complex Software
• $$$$$$$$$$$$$$$
• Delayed Discovery
• Requires Dedicated Resources
• Storage & Network Performance impact
A la carte
Can span across multiple storage systems
Modern Approach: Data-Aware Storage
Near real-time analytics
Can coexist with existing storage
No impact on network performance
Plug and play simplicity
Low cost of ownership
No dedicated resources required
Is a primary storage array
DataGravity – The First Data-Aware Storage
State-of-the-art primary storage
Instant recovery and zero-impact protection
Integrated discovery and search
Enhanced data governance
Fully integrated platform - Consolidated management - No impact to production
• Content extraction from over 400 file types
• Unstructured data correlation across people, time, activities and content
• Search, navigate & discover
• Real-time, file-level, user activity tracking, even within VMs
• User access profiles
• Sensitive content and content access identification
• File-level restores, even inside VMs
• End user self-service discovery and recovery
• Dynamic protection policies and storage allocation
• Unified, flash-optimized, hybrid architecture
• All-inclusive software
• Inline storage optimization
How do you address the following…
Report on sensitive data found in share or VM – Who has had access?
Employee is leaving, need an audit trail and user forensics for what (s)he has seen
Any anomalous behavior (Mass deletions, copies, uploads)?
Recover from CryptoLocker attack
Define new content tags and intelligence profiles
Subscribe to content alerts
Apply Security Profiles to Sensitive Data
Who is consuming the most space?
Who are the most active users on the array?
Is there dormant data I can move off primary storage or defensibly delete?
How many really large files are we storing?
Do we have any sensitive information on the file shares?
What type of data are we storing? How many videos or audio files? Has it changed over time?
“Data About the Data” is Key to Security
File Forensics – Determine Risk Exposure
Track and Audit User Activity
Recovery from Ransomware
Our Customers Are Data-Aware
Compliance & Security
Risk Management
Storage Efficiency
Government agency found 600 files with exposed PII
Disgruntled employee copied files to Dropbox before leaving
Government employee stored Lego movies on file share
Manufacturer recovered from CryptoLocker without paying fine
Admin inadvertently copied exec credit card # into public share
Students stored personal MP3s on school servers
Data-Aware Storage Is Simple and Effective
Thank you
The Collin College Engineering Department
Collin College Student Chapter of the North Texas ISSA
North Texas ISSA (Information Systems Security Association)
NTX ISSA Cyber Security Conference – October 2-3, 2015