Methods and Techniques for Protecting Data in Real Time on the Wire

Sep 21, 2011

Download: MP4 Video Size: 444.0MB  
Watch on YouTube

Abstract

The ongoing explosion of data and information throughout the enterprise is undeniable. Sensitive data, whether structured or unstructured, finds itself replicated and dispersed. This creates a challenge for information security professionals to prevent the flow of this information to unauthorized or inappropriate destinations.

The security community has made great progress in protecting this data and information while it is at rest or in use. But ... is there more that can be done?

Companies are now asking, "Who moved my data and where did it go? Was it an appropriate flow from one internal department to another? Was the flow intended for a trusted business partner? Or ... was my data heading for an unknown destination, a competitor or a pool of cybercriminals?"

End point controls, access controls, database monitoring and encryption are all important components of a solid layered security approach. However tools that provide visibility and control over "data in motion" deliver critical capabilities that none of these other components can adequately address. When prioritizing various components or layers of an information security implementation, it has been argued that a solid "data in motion" component can provide 80% of the bang for 20% of the buck (and effort!)

This presentation focuses on methods and techniques in wire speed detection and control of data in motion. The presentation will include:

• approaches to detecting simple patterns emphasizing low false positives
• advances in wire speed pattern matching enabling protection of specific fields or combination of fields in a database
• policy designs that combine network application controls with content identification and control
• wire speed blocking that does not require a proxy