Data Security
Protecting Valuable Data Assets
Challenges
It’s no surprise that malicious insiders and external attackers alike covet sensitive information such as intellectual property, financial records, and personal information. This information has value, and therefore it’s a target. Additionally, information is at risk due to careless and negligent employees and other users with elevated levels of trust and access such as partners and consultants. Because information helps drive the business, it must be accessible and usable, lest its value be diminished. Striking a balance, where access is allowed while risk is mitigated, is essential.
Difficulties arise when organizations understand just how much sensitive information they have. Beyond volume, the information rarely resides in a single location; instead, it is spread across structured data stores such as databases and unstructured data stores such as file servers, laptops, smartphones, email messages, removable media such as USB drives, and the like. Generally, this information is accessible to multiple users, across multiple groups, and in multiple geographies. In many cases, the individuals who need access may be business partners or other groups outside of the organization’s control.
Most organizations are aware of the results of not adequately protecting their information, with issues ranging from competitive disadvantage brought on by stolen intellectual property and regulatory penalties to class action lawsuits and costs associated with disclosing breaches. While the implications are clear, executing a solution can be challenging. Common technical issues experienced by organizations trying to build an effective information protection strategy include:
- Discovering where the information is
- Classifying the information
- Enforcing policies to protect how information is handled
- Monitoring real-time access on the network and the endpoint
- Analyzing forensic data related to users interacting with information
- Managing distributed encryption solutions
- Mitigating attacks on databases
In 2006, a laptop belonging to a data analyst was stolen. It contained personal and health data of about 26.5 million active duty troops and veterans.[2]
Fortunately, these technical issues needn’t plague organizations. Today, there are a number of integrated information protection solutions that are purpose-built to address these security risks and streamline the process of enabling information protection controls without hindering users with complicated information access mechanisms.
Solutions
There are several solutions for protecting information that offer the added benefit of reducing costs and complexity. Some are network or endpoint controls, and others are specific to data or overall security management. While many of these solutions can be effective, especially when operating within a Security Connected framework, four technologies are key: data loss prevention (DLP), controls for protecting removable storage and media, encryption, and database activity monitoring (DAM).
Data loss prevention
DLP solutions need to discover and fingerprint sensitive information regardless of format and, at regular intervals, keep the DLP solution and related controls informed about changes such as new data stores. An effective DLP strategy will combine network- and host-based controls to protect organizations from careless or intentional data loss. Examples of such loss include uploading information, sending information outside the organization via IM or email, or even copying information to a removable media device. Operationally, the DLP solution should provide centralized management, which encompasses discovery, policy creation, analytics, and response as well as integration with other controls such as Internet gateways for broad policy enforcement.
Removable storage device and media control
One of the easiest and most common forms of careless and malicious information exfiltration is through the use of removable media devices such as USB drives, MP3 players, DVDs, and others. Solutions in this category must enforce the types of devices that can and cannot be used as well as the type of information that can be transferred via physical connections or wireless connections such as Bluetooth and infrared. Because USB devices have a small size and large storage capacity, encryption capabilities are essential when information is mobile. These solutions should provide transparent and automatic encryption of data when approved information is transferred to an approved USB drive. For optimized security management, the DLP solutions and USB drive management should be centralized, as their controls are closely related.
Encryption
Encryption greatly mitigates the usefulness of any lost or stolen data. In addition to USB drive encryption, additional layers of protection can be gained by adding full disk encryption to Macs and PCs. Files and folders, including network files, should utilize encryption, especially if it can be done automatically and transparently as files and folders are shared and moved throughout the organization. By using encryption solutions that are centrally managed with the information protection controls previously outlined, deployments, administration, and policy creation can be more efficient and persistent across the various solutions, resulting in lower TCO.
Database activity monitoring
Just as finding sensitive data can be difficult, so is discovering all of the databases within an organization. Database activity monitoring (DAM) solutions should be able to identify databases and provide database-specific protection, even for unpatched systems. These solutions should leverage a combination of virtual patching, protection from specific, known attacks, as well as the ability to terminate sessions that are seen as violating security policies, as in the case of zero-day attacks. These controls should work across physical databases as well as in virtualized and cloud computing environments. By leveraging the Security Connected framework from McAfee across all information protection controls such as DLP, removable device protection, encryption, and DAM, risks and costs can be mitigated while ROI is improved.
Best Practices Considerations
- Employ a strategy that addresses external attacks as well as careless and malicious insiders
- Implement controls that are specific to data protection and augment them with supporting network and endpoint controls
- Leverage solutions that allow for real-time and forensic analysis
- Enact policies and controls for information protection that address critical data stores, endpoints, and removable media, as well as common information exfiltration points such as email, instant messaging, and web
- Take advantage of encryption, especially on portable devices such as laptops and USB drives, to reduce the risk of sensitive data being recovered from a lost or stolen device
- Protect databases with controls optimized for structured data policy enforcement
SOS Security Data Security Services
Identify and Protect Sensitive Data with the Data Security Assessment
SOS Security’s Data Security Assessment protects your sensitive and confidential digital assets. Certified security professionals, using the latest, most advanced technology, help you define your sensitive data, identify where it is stored, expose potential risks and vulnerabilities, and implement a comprehensive data loss prevention strategy.
The Data Security Assessment demonstrates compliance with regulations and standards, including:
- Enables you to avoid stiff penalties by showing compliance with NERC, FERC, ITAR, SOX, GLBA, HIPAA/HITECH, and privacy regulations
- Payment Card Industry (PCI) Data Security Standard, including financial account numbers and credit card numbers, such as:
  - Uncover risks from data that may be stored in or flowing to places it should not be (e.g., PCI DSS Sec 3)
  - Understand your business processes and how they could become more secure and compliant (e.g., PCI DSS Sec 4)
  - Quickly build fine-grained policies to control data usage (e.g., PCI DSS Sec 7, 12)
- Protect your data while at rest, in motion, or in use (e.g., PCI DSS Sec 3, 4, 7, 8)
- Prove compliance with PCI DSS, HIPAA, SOX, GLBA, regional laws, and more
At SOS, we recognize that every vulnerability impacts your business differently. We believe in helping you focus on the issues that present the greatest risk to your enterprise. That’s why we take the extra steps to rank and prioritize the vulnerabilities on your network so you know what to fix first (and what can wait).
The SOS Security Approach
The service is comprehensive and cost-effective. Each engagement is tailored to meet the specific needs of the customer.
Recommended Technologies:
DLP:
Removable Media:
- McAfee
- Check Point
- Sophos
Encryption:
- McAfee
- Check Point
- Sophos
Database Activity Monitoring: