CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Methods and Techniques for Protecting Data in Real Time on the Wire

Joe Leonard

Joe Leonard - Global Velocity

Sep 21, 2011

Size: 444.0MB

Download: Video Icon MP4 Video  
Watch in your Browser   Watch on Youtube Watch on YouTube

Abstract

The ongoing explosion of data and information throughout the enterprise is undeniable. Sensitive data, whether structured or unstructured, finds itself replicated and dispersed. This creates a challenge for information security professionals to prevent the flow of this information to unauthorized or inappropriate destinations.

The security community has made great progress in protecting this data and information while it is at rest or in use. But ... is there more that can be done?

Companies are now asking, "Who moved my data and where did it go? Was it an appropriate flow from one internal department to another? Was the flow intended for a trusted business partner? Or ... was my data heading for an unknown destination, a competitor or a pool of cybercriminals?"

End point controls, access controls, database monitoring and encryption are all important components of a solid layered security approach. However tools that provide visibility and control over "data in motion" deliver critical capabilities that none of these other components can adequately address. When prioritizing various components or layers of an information security implementation, it has been argued that a solid "data in motion" component can provide 80% of the bang for 20% of the buck (and effort!)

This presentation focuses on methods and techniques in wire speed detection and control of data in motion. The presentation will include:

  • approaches to detecting simple patterns emphasizing low false positives
  • advances in wire speed pattern matching enabling protection of specific fields or combination of fields in a database
  • policy designs that combine network application controls with content identification and control
  • wire speed blocking that does not require a proxy


About the Speaker

Mr. Leonard is responsible for bringing to market an advanced Deep Packet Inspection device focused on Information Leak Prevention and other leading edge security applications for Global Velocity.

He has spent over 25 years in Communications Technology, with experience ranging from Military systems to global fortune 100 networks to modern day internet solutions. Previously Joe held a Director's role in the Chief Technology Office of Nortel Networks where he was responsible for Enterprise Data and VoIP technology direction. Prior to Nortel, Joe was Director of Principal Engineering with a Successful Silicon Valley startup, Shasta Networks which was acquired by Nortel Networks in 1999. Joe has also held various technical and management positions with Compaq Computer, and MCI Communications focused primarily on wide area and local area data networking solutions.


Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

Disclaimer

The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.