Presentation is loading. Please wait.

Presentation is loading. Please wait.

“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

Published byShawn McGee Modified over 9 years ago

Similar presentations

Presentation on theme: "“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “"— Presentation transcript:

1

2

3 “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

4 Data Loss Prevention in Exchange Helps to identify monitor protect sensitive data through deep content analysis Identify Protect Monitor End user education

5

6 Policy distribution Contextual policy education DLP policy configuration Backend policy evaluation Audit & incident data generation Admin Information workers DLP system walkthrough

7 Integrated into Exchange Transport Rule (ETR) engine Runs in categorizer during OnResolvedMessage Integrated as a new ETR predicate Performs text extraction for body & attachments followed by classification Can be combined with any existing predicates & actions Text extraction Transport rule agent Classification

8 DLP Policy Enforcement Flexible tools for policy enforcement that provide the right level of control Transport Rules Rights Management Data Loss Prevention ALERT CLASSIFY ENCRYPT APPENDOVERRIDE REVIEW REDIRECT BLOCK

9 Built-in templates based on common regulations Import DLP policy templates from partners Build your own

10

11 Predefined rules targeted at sensitive data types Advanced content detection Combination of regular expressions, dictionaries, and internal functions (e.g. validate checksum on credit card numbers) Extensibility for customer and ISV defined data types

12 CountryPIIFinancialHealth US US State Security Breach Laws, US State Social Security Laws, COPPA GLBA & PCI-DSS (Credit, Debit Card, Checking and Savings, ABA, Swift Code) Limited Investment: US HIPPA, UK Health Service, Canada Health Insurance card Rely on Partners and ISVs Germany EU data protection, Drivers License, Passport National Id EU Credit, Debit Card, IBAN, VAT, BIC, Swift Code UK Data Protection Act, UK National Insurance, Tax Id, UK Driver License, Passport EU Credit, Debit Card, IBAN, BIC, VAT, Swift Code Canada PIPED Act, Social Insurance, Drivers License Credit Card, Swift Code France EU data protection, Data Protection Act, National Id (INSEE), Drivers License, Passport EU Credit, Debit Card, IBAN, BIC, VAT, Swift Code Japan PIPA, Resident Registration, Social Insurance, Passport, Driving License Credit Card, Bank Account, Swift Code Australia Drivers License, Passport, Social InsuranceCredit Card, Bank Account, Swift Code

13 Examples: Joseph F. Foster Visa: 4485 3647 3952 7352 Expires: 2/2015 Get Content 4485 3647 3952 7352  a 16 digit number is detected RegEx Analysis 1.4485 3647 3952 7352  matches checksum 2.1234 1234 1234 1234  does NOT match Function Analysis 1.Keyword Visa is near the number 2.A regular expression for date (2/2015) is near the number Additional Evidence 1.There is a regular expression that matches a check sum 2.Additional evidence increases confidence Verdict

14

15 Fabrikam Patent Form Tracking Number Author Date Invention Title Names of all authors... Get Template Content 1.Condensed representation of the template content 2.Document is not stored 3.Stored as a sensitive information type Create Fingerprint Fabrikam Patent Form Tracking Number 12345 Author Alex Date 1/28/2014 Invention Title Fabrikam Green Energy... Get Email Content 1.Temporary in memory representation 2.Used for comparson with source fingerprint created at config time Create Fingerprint 1.Compare the two fingerprints 2.Evaluate a ’containtment coefficient’ to declare template contained in email content Verdict CONFIGURATIO N RUNTIME CLASSIFICATION RULE with FINGERPRINT GENERATION Evaluation + verdict

16

17 Empower users to manage their compliance Contextual policy education Doesn’t disrupt user workflow Can work even when disconnected Admin customizable text and actions Outlook OWA User education

18

19

20

21 Custom DLP content: Supplemental DLP policy rules Supplemental DLP classification rules Incident reports integration with custom workflows Custom reporting solutions

22 Deep content analysis engine 46 OOB sensitive information types 40 OOB DLP Templates Support for 3rd party defined DLP policy templates Policy Tips in OWA and Mobile OWA Advanced Document Fingerprinting in Exchange, Outlook, and OWA 5 new OOB sensitive information types Policy Tips in Outlook 2013 Contextual user education and empowerment Incident management Rich reporting

23 Exchange 2013 DLP introduction http://blogs.technet.com/b/exchange/archive/2012/09/28/introducing-data-loss-prevention-in-the-new-exchange.aspx http://technet.microsoft.com/en-us/library/jj150527.aspx DLP policy templates http://technet.microsoft.com/en-us/library/jj657730 Managing DLP policies http://technet.microsoft.com/en-us/library/jj673559 OOB DLP policy templates http://technet.microsoft.com/en-us/library/jj150530 Policy tips in Exchange 2013 http://technet.microsoft.com/en-us/library/jj150512 Supported file types http://technet.microsoft.com/en-us/library/jj674307 MessageStats Quick Guide http://mbidemo.quest.com/Insights/#page/home

24 Q&A

25

26

27

Download ppt "“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “"

Similar presentations

2 DLP helps to identify monitor protect sensitive data through deep content analysis.

2 DLP helps to identify monitor protect sensitive data through deep content analysis.
Risk: Got anything to worry about? You probably don’t need to be here if.

Risk: Got anything to worry about? You probably don’t need to be here if.
ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.

ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.
“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “
System glitches Malicious intentOops! 39% 24% 37% 97% avoidable! Online Trust Alliance: 2013 Data Protection and Breach Readiness Guide.

System glitches Malicious intentOops! 39% 24% 37% 97% avoidable! Online Trust Alliance: 2013 Data Protection and Breach Readiness Guide.
Security Controls – What Works

Security Controls – What Works
Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.

Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.
“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “
Compliance in Office 365 Edge Pereira Sandy Millar From Avanade Australia OSS304.

Compliance in Office 365 Edge Pereira Sandy Millar From Avanade Australia OSS304.
Microsoft Ignite /17/2017 2:11 PM

Microsoft Ignite /17/2017 2:11 PM
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.

What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.
Welcome to the Exchange 2013 Webcast Archiving, eDiscovery, & Data Loss Prevention.

Welcome to the Exchange 2013 Webcast Archiving, eDiscovery, & Data Loss Prevention.
Clinton Ho Program Manager Microsoft Corporation SESSION CODE: SIA311.

Clinton Ho Program Manager Microsoft Corporation SESSION CODE: SIA311.
“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “
Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
MEC 2014 4/22/2017 5:53 AM © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

MEC /22/2017 5:53 AM © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
WSV323. CSO/CIO department Regulation translated to control objectives Infrastructure Support Control objectives turned into control activities.

WSV323. CSO/CIO department Regulation translated to control objectives Infrastructure Support Control objectives turned into control activities.

Similar presentations

Ads by Google