1 ZIXCORP The Criticality of Security Kevin Cloutier Oct 2015
Founded in 1998 as an encryption company, now with DLP and BYOD security More than 11,500 active customers including : Six divisions of the U.S. Treasury All of the FFIEC U.S. federal financial regulators (incl. FDIC and OCC) The U.S. Securities and Exchange Commission 24 U.S. state financial regulators More than 2,000 U.S. financial institutions 25% of all banks in the U.S. 20% of all hospitals in the U.S. 32 Blue Cross Blue Shield organizations ABOUT ZIXCORP 2
YOUR BIGGEST SOURCE OF DATA LOSS
Your organization is sending PII out today – Analysis shows an average of 5% of outbound volumes include PII, NPI, PHI, SSNs, CCs, etc. – You need to know who sent, who received, what was sent, why it was sent, and how it was sent – Even one violation, depending on your industry, can cost you thousands of $$$$ and public data breach exposure Your organization has a mobility risk –Employees are using mobile phones to download –Data proliferation on mobile devices is a huge risk, even with an MDM solution in place KNOW YOUR
Data Loss Prevention (DLP) Encryption Mobile Device Management (MDM) / Bring Your Own Device (BYOD) Security Compliance Reporting SECURITY TOOLS TO MITIGATE THE RISKS
Enhanced DLP allows organizations to: o Detect outbound s that violate corporate policies o Capture and analyze violations o Filter, search and report on violations o Quarantine sensitive s that contain sensitive information based on wide range of parameters ENHANCED DLP 6
DLP VIEW OF SENSITIVE 7
You now have the sensitive , but what do you do with it? If authorized to be sent, encrypt it But not all encryption is equal Do not deploy Encryption to just: AFTER DLP, THEN WHAT?
Policy based encryption –Integrates with DLP to auto encrypt sensitive content Transparent encryption –Auto encrypt to other organizations using the same solution/protocol with no logins/passwords needed –Automatic Key Management Encrypted Delivery to “Non” encryption users –A system that delivers the encrypted to anyone regardless of what technology they have on receiving end Encrypted Delivery to Mobile Devices A USABLE ENCRYPTION SOLUTION
WHY ARE WE ALL SPEAKING A DIFFERENT LANGUAGE? How can we connect with so many roadblocks? Portals Passwords Secure attachments Password resets Extra steps
THE POWER OF ENCRYPTION TRANSPARENCY An elegant solution is one that works without you even knowing it. No portals No passwords No extra steps Shared Public Key Directory
WHAT ABOUT DELIVERY OF ENCRYPTED ON MOBILE DEVICES? Typically, recipients are unable to open encrypted on mobile devices. The result: User frustration Interrupted workflow Reduced productivity
ENCRYPTION SOLUTION SHOULD MANAGE MOBILITY EFFECTIVELY AND EFFICIENTLY Senders and receivers using the solution should experience encrypted like any other on their mobile device. Accessing encrypted mobile should be as easy as one click.
The still has to go, but how? S olution should auto recognize the recipient does not have technology in place but still delivers the encrypted via a secure messaging portal (pull) or via an encrypted HTML attachment (push) Registration to receive these encrypted s must be simple and non-invasive Allow for the recipient to reply back encrypted AND to compose brand new s encrypted Consider impact of delivery method on mobile devices WHAT ABOUT ENCRYPTED TO RECIPIENTS WHO DO NOT HAVE DECRYPTION TECHOLOGY?
15
MOST POPULAR MOBILE BUSINESS APPS , CALENDAR AND CONTACTS 16 Source: BYOD and Mobile Security Report, 2014, Holger Schulze, Information Security Community on LinkedIn
Survey results indicate 45% of respondents report that within the previous 12 months, one or more employees lost a mobile device containing company data InformationWeek’s 2014 Mobile Security Report 3.1 Million smartphones were stolen in the USA during sixty per minute Consumer Reports’ Annual State of the Net survey, % of respondents say their top mobile security concern is data loss from lost or stolen devices InformationWeek’s 2014 Mobile Security Report 17 MARKET RESPONSE TO BYOD
MOBILE DEVICE USERS’ FRUSTRATION 18
ADDING TO BYOD CHALLENGES 19
20 TYPICAL MDM SOLUTION S ARE RETAINED IN PERMANENT MEMORY Data Proliferation
TODAY’S APPROACHES ARE MISSING THE POINT MDM & CONTAINER VENDORS Assume Data on the Device Too Complex and Too Expensive Too Invasive For Users Too Difficult To Implement Creates Corporate Liability Concerns Overkill for Problem Getting Worse Manage access, not devices!
WHAT THEY DON’T WANT IS: Company monitoring their personal activities or restrict apps Interruption of their calendar, contacts, phone and texting functions Invasion or deletion (wiping) of their personal data USERS WANT EASE OF USE Brooklyn gives IT the security they need and. COMPANIES WANT SAFE DATA WHAT THEY DON’T WANT IS: Corporate data distributed on hundreds of devices Users resorting to personal or other insecure means of maintaining productivity THE STATE OF BYOD
BYOD SOLUTION Full functionality, but NO data on the device, so no need to manage the device 23 Data Proliferation
BYOD DELIVERS THE BEST OF BOTH WORLDS Companies benefit from Enhanced Data Protection Productive employees and improved morale Minimize Corporate Liability One copy of corporate data Compliance Reporting License by user, not device Employees benefit from Convenience of using their own devices Control of their devices and personal data Protected privacy without employer access to personal data
Who sent, Who Received, Top Domains, Delivery Method, Time Stamps, Subject, Policy – And Content! What sensitive data was sent! On Demand and Scheduled Reports Graphical and Detailed Drill downs Includes Reporting on all delivery methods – Including TLS Exportable to formats usable by you Allows you to know what was viewed on a mobile device and when it was viewed COMPLIANCE REPORTING
To See How ZixCorp Provides DLP, Encryption, and BYOD Security come to our booth or contact me Thank you Kevin Cloutier