Download presentation
Presentation is loading. Please wait.
1
ZIXCORP The Criticality of Email Security Dena Bauckman
Director Product Management April 2015 1
2
YOUR BIGGEST SOURCE OF DATA LOSS
2
3
WE DON’T THINK TWICE BEFORE HITTING SEND
Learn from the Sony Hack Executives were comfortable sending out this information Perception vs Reality It won’t happen to me mentality Its like not getting car insurance because you are a good driver Sending an is like sending a post card in the mail Lack of Awareness Man in the Middle Attacks Sending Sensitive Information Unintentionally “Should I be encrypting this?” 3
4
Data Loss Prevention (DLP) Email Encryption
SECURITY TOOLS TO MITIGATE THE RISKS Data Loss Prevention (DLP) Encryption Mobile Device Management (MDM) / Bring Your Own Device (BYOD) Security 4
5
Data Loss prevention (DLP) for Email
Enhanced DLP allows organizations to: Detect outbound s that violate corporate policies Capture and analyze violations Filter, search and report on violations Quarantine sensitive s that contain sensitive information based on wide range of parameters
6
Email DLP View of Sensitive email
7
You now have the sensitive email, but what do you do with it?
AFTER DLP, THEN WHAT? You now have the sensitive , but what do you do with it? If authorized to be sent, encrypt it But not all encryption is equal Do not deploy Encryption to just: 7
8
Policy based email encryption
A USABLE ENCRYPTION SOLUTION Policy based encryption Integrates with DLP to auto encrypt sensitive content Transparent encryption Auto encrypt to other organizations using the same solution/protocol with No logins/passwords needed Automatic Key Management Encrypted Delivery to “Non” encryption users Anyone, anywhere and on any device 8
9
WHY ARE WE ALL SPEAKING A DIFFERENT LANGUAGE?
How can we connect with so many roadblocks? Portals Passwords Secure attachments Password resets Extra steps
10
Shared Public Key Directory
THE POWER OF ENCRYPTION TRANSPARENCY An elegant solution is one that works without you even knowing it. No portals No passwords No extra steps Shared Public Key Directory
11
WHAT ABOUT RECIPIENTS WHO DO NOT HAVE Encryption TECHOLOGY?
Secure messaging Portal Registration to receive these encrypted s must be easy and non-invasive Allow for the recipient to reply back encrypted AND to compose brand new s encrypted Consider impact of delivery method on mobile devices 11
12
WHAT ABOUT DELIVERY OF ENCRYPTED EMAIL ON MOBILE DEVICES?
Typically, recipients are unable to open encrypted on mobile devices. The result: User frustration Interrupted workflow Reduced productivity
13
EMAIL ENCRYPTION SHOULD MANAGE MOBILITY EFFECTIVELY AND EFFICIENTLY
User should experience encrypted like any other on their mobile device. Accessing encrypted mobile should be as easy as one click.
14
Good News. I am NOT going to describe to you what BYOD is
Good News! I am NOT going to describe to you what BYOD is. What I will confirm is that with the time we have together, I will be referring to employee owned devices rather than to corporate-owned, personally enabled – C.O.P.E. devices. Quick straw poll. Please may I ask those of us here who have at least one BYOD device to raise their hand. Thank you. [Comment] 14
15
Most Popular Mobile Business Apps Email, Calendar and contacts
As we all know, most employees work in your company buildings. They don’t go out to your customers. They don’t talk with industry analysts or investment funds. In fact, as you can see form this chart, 86% of employees really only need access to their s, their calendar and their contact list. So why would we pay to give everyone MDM if only 14% - sales teams and senior staff - need it. MDM may have sufficed in the past, however nowadays – especially in this less secure world - we need a multi-tiered strategy. Let’s talk security for a moment. Source: BYOD and Mobile Security Report, 2014, Holger Schulze, Information Security Community on LinkedIn 15
16
Market response to BYOD
Survey results indicate: 45% of respondents report that within the previous 12 months, one or more employees lost a mobile device containing company data InformationWeek’s 2014 Mobile Security Report 3.1 Million smartphones were stolen in the USA during sixty per minute Consumer Reports’ Annual State of the Net survey, 2014 72% of respondents say their top mobile security concern is data loss from lost or stolen devices As you can see from the slide, InformationWeek’s 2014 survey on Mobile Security found that in 45% of companies, one or more employees lost a mobile device containing company data within the previous 12 months. In fact 3.1 million smartphones were stolen in the USA in 2013 – possibly 5 million in with approximately half of them never being recovered despite “find my phone” type GPS location applications. So that’s why the top concern around BYOD is securing company data on mobile devices.
17
Adding to BYOD Challenges
These figures come from the Ponemon Institute The survey found that a large proportion of employees have disabled the auto-lock function – the time out function – on their tablets and smartphones. And that an incredible 93% anonymously admit to violating corporate policies designed to prevent data breaches. With a complex MDM solution, your employees are driven to circumvent the security hurdles. You see BYOD devices were never designed for corporate use. They are consumer products. They are specifically designed to share information between applications – to give the user a seamless experience. In implementing MDM solutions, the vendors are trying to undo this seamlessness. Trying to put up barriers in a device designed to have no barriers. And that introduces all kinds of complexities both for IT and for the users. 17
18
TODAY’S APPROACHES ARE MISSING THE POINT
MDM & CONTAINER VENDORS Assume Data on the Device Too Complex and Too Expensive Too Invasive For Users Too Difficult To Implement Creates Corporate Liability Concerns Overkill for , Contact and Calendar Problem Getting Worse Manage access, not devices!
19
Brooklyn gives IT the security they need and
The state of byod USERS WANT EASE OF USE WHAT THEY DON’T WANT IS: Company monitoring their personal activities or restrict apps Interruption of their calendar, contacts, phone and texting functions Invasion or deletion (wiping) of their personal data COMPANIES WANT SAFE DATA WHAT THEY DON’T WANT IS: Corporate data distributed on hundreds of devices Users resorting to personal or other insecure means of maintaining productivity Brooklyn gives IT the security they need and .
20
EMAIL BYOD DELIVERS THE BEST OF BOTH WORLDS Companies benefit from
Enhanced Data Protection Productive employees and improved morale Minimize Corporate Liability One copy of corporate data License by user, not device Employees benefit from Convenience of using their own devices Control of their devices and personal data Protected privacy without employer access to personal data
21
ABOUT ZIXCORP Founded in 1998 as an encryption company, now with DLP and BYOD security 11,500+ active customers including: Six divisions of the U.S. Treasury All of the FFIEC U.S. federal financial regulators (incl. FDIC and OCC) The U.S. Securities and Exchange Commission 24 U.S. state financial regulators More than 2,000 U.S. financial institutions 25% of all banks in the U.S. 20% of all hospitals in the U.S. 32 Blue Cross Blue Shield organizations 21
22
Provides Email DLP, Encryption, and BYOD Security come to our booth
To See How ZixCorp Provides DLP, Encryption, and BYOD Security come to our booth Thank you Dena Bauckman Director Product Management
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.