Methods and Techniques for Protecting Data in Real Time on the Wire
Joe Leonard - Global Velocity
Sep 21, 2011Size: 444.0MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractThe ongoing explosion of data and information throughout the enterprise is undeniable. Sensitive data, whether structured or unstructured, finds itself replicated and dispersed. This creates a challenge for information security professionals to prevent the flow of this information to unauthorized or inappropriate destinations.
The security community has made great progress in protecting this data and information while it is at rest or in use. But ... is there more that can be done?
Companies are now asking, "Who moved my data and where did it go? Was it an appropriate flow from one internal department to another? Was the flow intended for a trusted business partner? Or ... was my data heading for an unknown destination, a competitor or a pool of cybercriminals?"
End point controls, access controls, database monitoring and encryption are all important components of a solid layered security approach. However tools that provide visibility and control over "data in motion" deliver critical capabilities that none of these other components can adequately address. When prioritizing various components or layers of an information security implementation, it has been argued that a solid "data in motion" component can provide 80% of the bang for 20% of the buck (and effort!)
This presentation focuses on methods and techniques in wire speed detection and control of data in motion. The presentation will include:
- approaches to detecting simple patterns emphasizing low false positives
- advances in wire speed pattern matching enabling protection of specific fields or combination of fields in a database
- policy designs that combine network application controls with content identification and control
- wire speed blocking that does not require a proxy
About the SpeakerMr. Leonard is responsible for bringing to market an advanced Deep Packet Inspection device focused on Information Leak Prevention and other leading edge security applications for Global Velocity.
He has spent over 25 years in Communications Technology, with experience ranging from Military systems to global fortune 100 networks to modern day internet solutions. Previously Joe held a Director's role in the Chief Technology Office of Nortel Networks where he was responsible for Enterprise Data and VoIP technology direction. Prior to Nortel, Joe was Director of Principal Engineering with a Successful Silicon Valley startup, Shasta Networks which was acquired by Nortel Networks in 1999. Joe has also held various technical and management positions with Compaq Computer, and MCI Communications focused primarily on wide area and local area data networking solutions.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.