1 ZIXCORP The Criticality of Security Dena Bauckman Director Product Management April 2015

2 YOUR BIGGEST SOURCE OF DATA LOSS

3 WE DON’T THINK TWICE BEFORE HITTING SEND o Learn from the Sony Hack −Executives were comfortable sending out this information −Perception vs Reality o It won’t happen to me mentality −Its like not getting car insurance because you are a good driver −Sending an is like sending a post card in the mail o Lack of Awareness −Man in the Middle Attacks o Sending Sensitive Information Unintentionally −“Should I be encrypting this?”

4 SECURITY TOOLS TO MITIGATE THE RISKS o Data Loss Prevention (DLP) o Encryption o Mobile Device Management (MDM) / Bring Your Own Device (BYOD) Security

5 DATA LOSS PREVENTION (DLP) FOR o Enhanced DLP allows organizations to: −Detect outbound s that violate corporate policies −Capture and analyze violations −Filter, search and report on violations −Quarantine sensitive s that contain sensitive information based on wide range of parameters

6 DLP VIEW OF SENSITIVE

7 AFTER DLP, THEN WHAT? o You now have the sensitive , but what do you do with it? o If authorized to be sent, encrypt it o But not all encryption is equal o Do not deploy Encryption to just:

8 A USABLE ENCRYPTION SOLUTION o Policy based encryption −Integrates with DLP to auto encrypt sensitive content o Transparent encryption −Auto encrypt to other organizations using the same solution/protocol with No logins/passwords needed −Automatic Key Management o Encrypted Delivery to “Non” encryption users −Anyone, anywhere and on any device

9 How can we connect with so many roadblocks?  Portals  Passwords  Secure attachments  Password resets  Extra steps WHY ARE WE ALL SPEAKING A DIFFERENT LANGUAGE?

10 An elegant solution is one that works without you even knowing it.  No portals  No passwords  No extra steps Shared Public Key Directory THE POWER OF ENCRYPTION TRANSPARENCY

11 WHAT ABOUT RECIPIENTS WHO DO NOT HAVE ENCRYPTION TECHOLOGY? o Secure messaging Portal −Registration to receive these encrypted s must be easy and non-invasive −Allow for the recipient to reply back encrypted AND to compose brand new s encrypted −Consider impact of delivery method on mobile devices

12 Typically, recipients are unable to open encrypted on mobile devices. The result:  User frustration  Interrupted workflow  Reduced productivity WHAT ABOUT DELIVERY OF ENCRYPTED ON MOBILE DEVICES?

13 ENCRYPTION SHOULD MANAGE MOBILITY EFFECTIVELY AND EFFICIENTLY o User should experience encrypted like any other on their mobile device. o Accessing encrypted mobile should be as easy as one click.

14

15 MOST POPULAR MOBILE BUSINESS APPS , CALENDAR AND CONTACTS 15 Source: BYOD and Mobile Security Report, 2014, Holger Schulze, Information Security Community on LinkedIn

16 MARKET RESPONSE TO BYOD o Survey results indicate: −45% of respondents report that within the previous 12 months, one or more employees lost a mobile device containing company data InformationWeek’s 2014 Mobile Security Report −3.1 Million smartphones were stolen in the USA during sixty per minute Consumer Reports’ Annual State of the Net survey, 2014 −72% of respondents say their top mobile security concern is data loss from lost or stolen devices InformationWeek’s 2014 Mobile Security Report

17 ADDING TO BYOD CHALLENGES 17

18 Manage access, not devices! TODAY’S APPROACHES ARE MISSING THE POINT MDM & CONTAINER VENDORS –Assume Data on the Device –Too Complex and Too Expensive –Too Invasive For Users –Too Difficult To Implement –Creates Corporate Liability Concerns –Overkill for , Contact and Calendar –Problem Getting Worse

19 WHAT THEY DON’T WANT IS:  Company monitoring their personal activities or restrict apps  Interruption of their calendar, contacts, phone and texting functions  Invasion or deletion (wiping) of their personal data USERS WANT EASE OF USE Brooklyn gives IT the security they need and. COMPANIES WANT SAFE DATA WHAT THEY DON’T WANT IS:  Corporate data distributed on hundreds of devices  Users resorting to personal or other insecure means of maintaining productivity THE STATE OF BYOD

20 BYOD DELIVERS THE BEST OF BOTH WORLDS Companies benefit from –Enhanced Data Protection –Productive employees and improved morale –Minimize Corporate Liability –One copy of corporate data –License by user, not device Employees benefit from –Convenience of using their own devices –Control of their devices and personal data –Protected privacy without employer access to personal data

21 ABOUT ZIXCORP o Founded in 1998 as an encryption company, now with DLP and BYOD security o 11,500+ active customers including: −Six divisions of the U.S. Treasury −All of the FFIEC U.S. federal financial regulators (incl. FDIC and OCC) −The U.S. Securities and Exchange Commission −24 U.S. state financial regulators −More than 2,000 U.S. financial institutions −25% of all banks in the U.S. −20% of all hospitals in the U.S. −32 Blue Cross Blue Shield organizations 21

To See How ZixCorp Provides DLP, Encryption, and BYOD Security come to our booth Thank you Dena Bauckman Director Product Management