Premium Essay

Dlp Dlp Dlp

In: Computers and Technology

Submitted By giana
Words 8522
Pages 35
Interested in learning more about security?

SANS Institute
InfoSec Reading Room
This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission.

Data Loss Prevention

AD

Copyright SANS Institute
Author Retains Full Rights

.

08
,

Au

tho

rr

eta

ins

ful l rig

hts

Data Loss Prevention

20

Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 Prevention
Data Loss 06E4 A169 4E46

te

GIAC Gold Certification

Ins titu Author: Prathaben Kanagasingham
Advisor: John C.A Bambenek

©

SA

NS

Accepted: August 15th 2008

Prathaben Kanagasingham

© SANS Institute 2008,

1

As part of the Information Security Reading Room

Author retains full rights.

.

ins

Table of Contents

ful l rig

hts

Data Loss Prevention

Introduction....................................................................................3

2.

Deeper Look at DLP Solution........................................................4

3.

Identification of Sensitive Data......................................................6

tho

rr

eta

1.

Data in Motion.....................................................................8

3.2

Data at Rest.....................................................................…9

3.3

Data at End Points.............................................................10

08
,

Au

3.1

Choosing a Vendor.......................................................................11

Ins titu te

4.

20

Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46

Monitoring vs. Prevention...................................................11

4.2

Centralized Management...................................................12

NS

4.1

Backup and Storage...

Similar Documents

Free Essay

Dlp Bluecoat

...Solution Brief: Blue Coat DLP The Blue Coat DLP Solution: Complete. Quickly Deployed. Easy to Manage. The loss of sensitive information – by accident or by design – is a persistent concern for IT managers today. Detecting and eliminating potential data leaks is critical, and Blue Coat Data Loss Prevention (DLP) gives you a running start. A typical installation takes less than a day. You can immediately automate compliance and mitigate risks from internal breaches across any electronic communication channel – from email to the Web. Even SSL traffic is inspected and controlled at the gateway. The Content Security Challenge When confidential information is leaked, the effect can be devastating: loss of revenue, financial penalties, and irreparable damage to your organization’s image, brand and customer loyalty. Government regulations and guidelines require businesses to rigorously monitor confidential information and report leaks. The resulting news reports frequently reveal unauthorized use of sensitive data, substantial corporate losses, and a direct effect on consumers. The clear challenge is to protect customer data and safeguard intellectual property against internal mishandling – malicious or accidental. There are many data loss prevention solutions, but they tend to share negative characteristics: Pieces from multiple vendors complicate acquisition. A full DLP solution may take months to implement. Conflicting policies and rules can make operation challenging.......

Words: 1123 - Pages: 5

Free Essay

Instructional Practices of Science Teachers in Teaching Science in the Public Elementary Schools: Basis for Enhancement

...Trinity University of Asia Graduate School The Dynamic Learning Program and its Effect on the Academic Performance of Grade V and VI Pupils in the Five major subjects A Thesis Proposal Presented to the Faculty of the Graduate School TRINITY UNIVERSITY OF ASIA In Partial Fulfilment Of the Requirements for the Degree of MASTER OF ARTS IN EDUCATION ROWENA N. CERDON Trinity University of Asia Graduate School TABLE OF CONTENTS CHAPTER 1 1 THE PROBEM AND ITS BACKGROUND Introduction Background of the Study Conceptual Framework Research Paradigm Statement of the Problem Hypothesis Significance of the Study Scope and Delimitation Definition of Terms 2 REVIEW OF RELATED LITERATURE AND STUDIES Local Literature Local Studies Foreign Literature Foreign Literature 3 RESEARCH METHODOLOGY Research Design Research Instrument Validation of Instrument Data Gathering Procedure Statistical Treatment of Data Chapter 1 THE PROBLEM AND ITS BACKGROUND Introduction Globalization has come upon us, stunning in its swiftness and breadth of scope. The full impact of the phenomenon cannot...

Words: 3183 - Pages: 13

Free Essay

Student

...Loss Protection (DLP) with the following activities: a) Deploy the Clinet endpoint agent (XEA) to all new client machines. b) Deploy the XEA to at least 95% of existing in-scope client machines within 90 days of its initial release. c) Deploy any patches or updates to the XEA out to 95% of existing XEA-equipped machines (both clients and servers) within 45 days of those patches or updates being released from testing with approval to deploy. d) Monitor, investigate and remediate instances where the XEA ceases to function on any machine (client or server) that is still connecting to the XGI. e) Monitor, initiate investigation, and escalate alerts generated by the DLP system indicating mishandling of Clinet classified data. f) Distribute reports and data extracts as required. g) Support Tier I and II help-desk end-users’ and server application support questions arising from the XEA. Can you meet this requirement? Please explain below. ORGANIZATION understanding of Requirements: Clinet is looking for Client Based Data Leakage Services necessary to provide services and support for Data Loss Protection (DLP). Clinet expects deployment of endpoint agents and expecting coverage of 95 % of existing in-scope client machines within 90 days of its initial release. Clinet expects service provider to deploy or update patches to Clinet Endpoint Agent [XEA]. Service provider need to monitor, investigate and escalate alerts generated by DLP system,......

Words: 1129 - Pages: 5

Free Essay

Lcd Display

...[pic] TOPIC:- LIQUID CRYSTAL DISPLAY [pic] SUBMITTED TO:- SUBMITTED BY:- Swetha chadha D.kranthi ram SEC. :-M3R16 ROLL NO. REG NO. :- 11013455 LIQUID CRYSTAL DISPLAY TABLE OF CONTENTS |SNO |TOPIC |PAGE | | | |NO | |1 |what is lcd | 8 | |2 |Technology behind lcd |9 | | |monitor | | |3 |Working of lcd monitor |10 | |4 |Features of lcd television |11 | |5 |Diff between lcd and plasma|12 | |6 |Texas instrument’s test |14 | |7 |High transmissive tft lcd |16 ...

Words: 6534 - Pages: 27

Premium Essay

Discrete Log Problem

...to someone, use public key of receiver to encrypt the message and receiver use his private key to decrypt the message.This system doesn’t require secure key transmission.So, it resolves the one of the problem faced by symmetric key cryptosystem. If someone is able to compute respective private key from a given public key, then this system is no more secure. So, Public key cryptosystem requires that calculation of respective private key is computationally impossible from given public key. In most of the Public key cryptosystem, private key is related to public key via Discrete Logarithm. Examples are Diffie-Hellman Key Exchange, Digital Signature Algorithm (DSA), Elgamal which are based on DLP in finite multiplicative group. 1 2. Discrete logarithm problem The Discrete Logarithm Problem (DLP)is the problem of finding an exponent x such that g x ≡ h (mod p) where, g is a primitive root for Fp and h is a non-zero element of Fp . Let, n be the order of g. Then solution x is unique up to multiples of n and x is called discrete logarithm of h to the base g (i.e.) x = logg h. In cryptosystem based on Discrete Logarithm , x is used...

Words: 1261 - Pages: 6

Premium Essay

Er Diagram

...Week 3 & 4 Research Paper Rajesh Chilivery Professor: Blake Arnold Week 3 & 4 Paper: Write a research paper/presentation on data security and leakage preventive solutions in the market. List all the regulations that apply to Financial Services, HealthCare industry. Data Security Summary: The major purposes of database security are confidentiality, accessibility, and honesty. The characteristics of these three are distinctive but they are correlated to each other. The information which is available in the database should be secured, must be spared from being assaulted, and to save the data or information which is secured to be done in a strong or effective way. Confidentiality is all about telling or giving the information with security. Secrecy of the information is all that much identified with the mystery. Secrecy in another word can be defined as privacy or confidentiality. Besides this, all the information or data which is stored need to be secured and also should be very easy to access to right persons. Accessibility is all about the accessibility of the information for the approved client at any given point where the customer or client needs it without any disturbance or discomfort to the client and at the same time security should strong enough that third person cannot access without permission. However, the approved client can get the way through to have access the available data. The troubles or problems occurred while accessing the data has......

Words: 653 - Pages: 3

Free Essay

None

...Trans. Nat/. .Acad. Sci. & .Tech. Philippines 29: 251-260 (2007) /SSN 0115-8848 Teaching High School Physics Effectively Christopher C. Bernido and l\faria Victoria Carpio-.Rernido Research Center for Theoretical Physics Central Visayan Institute Foundation Jagna, Bohol 6308, Philippines The Ascending Levels of Learning and Pedagogical ~1axims that could guide effective teaching of physics are presented. As an example of how these may be applied, the Dynamic Learning Prof:,lfam (DLP) of the Central Visayan Institute Foundation is briefly discussed. The DLP, together with 21st century technology, provides a scenario where the perennial lack of high school physics teachers in the Philippines can be bypassed. Introduction The breadth of topics that may be covered in teaching physics can be extremely wide. After all, physics probes the smallest things in the universe (the quarks and leptons), aiJ the way up to the "biggest" subject one can think of-the birth, death, and fate of the universe itself. One definition for physics states that it is the study of matter and energy. Most everything in the universe is either matter or energy, and this can make physics quite interdisciplinary. No wonder, therefore, that sub-areas in physics may be referred to as Biophysics, Geophysics~ Chemical Physics, Mathematical Physics, Astrophysics, Nuclear Physics, Econophysics, etc., and one also has the physics of sports, the physics of art, and so on. Because of its breadth, there is......

Words: 3310 - Pages: 14

Premium Essay

Aircraft Solutions

...Aircraft Solutions: Security Assessment and Recommendations Phase I and Phase II Table of Contents Executive Summary 3 Company Overview 3 Security Vulnerabilities 4 A Software Data Loss/Data Leak 4 A Hardware Firewall 5 Recommended Solutions 7 A Software Example Solution 7 A Hardware Example Solution 8 Impact on Business Processes 9 Summary 10 Appendix 11 References 17 Executive Summary Aircraft Solutions is aircraft Design Company that allows internal and external users to access its system. As a result of this, the company has made itself vulnerability to certain threats. This paper identifies two vulnerabilities. One is the threat of data loss or data leak. The other is intrusion by way of the internet firewall. Based on the known vulnerabilities, it was recommended that the Check Point Software Blade application is used to prevent the data loss and the Check Point Power-1 appliance be used to address the firewall vulnerability. Company Overview Aircraft Solutions (AS) design and fabricate component products and services for companies in the electronics, commercial defense, and aerospace industry. The mission of AS is to provide the customer success through machined products and related services, and to meet cost, quality, and scheduled requirements. Aircraft Solution uses Business Process Management (BPM) to handle end to end processes that span multiple systems and organizations. BPM system is designed to connect...

Words: 2691 - Pages: 11

Premium Essay

Behht

...school owned by Christopher’s mother. Christopher said it was not just filial duty that led both of them to devote themselves to the Central Visayan Institute Foundation (CVIF), as the school’s president and principal, respectively. The CVIF was a small school of about 500 mostly poor students. They could have simply closed down the school but they saw as a challenging opportunity. They both realized that the school was a microcosm of the problems of basic education in the Philippines. For them, it was always been the bigger picture, the country. They both wanted to do something for the country. In 2002, they introduced a revolutionary way of teaching science and non-science subjects, which they called CVIF Dynamic Learning Program (DLP). The DLP is a...

Words: 524 - Pages: 3

Free Essay

????

...The Bad Effects of Dynamic Learning Program approach in Physics and Math in the studies of Fourth Year students of EHSD INTRODUCTION Dynamic Learning Program was conceptualized by Dr. Christopher Bernido and Dr. Maria Victoria Carpio-Bernido. Both of them are Ramon Magsaysay awardees, they made this learning program in order to provide better education in Filipino students who have their own potentials. This school year 2012-2013 was the very first year that EHSD adapt this program. It includes tons of writings and less discussing, this helps students to study on their own. On the other hand, Physics and Math are the hardest subject areas in Fourth year, these subject areas requires a lot of skills, explanations and patience in order to understand what the concept is. Unlike other subjects like TLE and History, Physics and Math needs a lot of mathematical abilities. This research paper will soon answer what are the bad effects of having Dynamic Learning Program in Physics and Math instead of the normal approach that was given years before. This research will specify the bad effects and how can we avoid those things while studying. This will let us see if the Dynamic Learning Program is applicable and efficient for subjects which require a lot of explanations. In this research we will conduct a deeper definition of Dynamic Learning Program from where it was originated, to the people behind it up to the people who benefit from it. After knowing these all, we will conduct a...

Words: 762 - Pages: 4

Premium Essay

Optoma Hd141x Research Paper

...will depend on the intended use. Most of them will handle all the work, but for optimum results, each projector has its own strengths. Below is a list of some of the best home theater projectors. Optoma HD141X Its contrast ratio of 20,000:1 is quite impressive and its bulb can last for 6,500 hours that is 9 months assuming you never turn your home theater off. With a weight of 5.5 pounds, it is quite portable with fans that are said to be quiet, and its audio ranges at 10 watts. The ease of focusing an image for a more sharp picture is also impressive. Its DLP (digital light processing) produces quite an excellent color range. The Optoma HD141X has two HDMI cables and has an MHL (mobile high-definition link) giving you the privilege of streaming from phones and tablets that are compatible with it. A VESA 3D Sync port allows for you to link it to a 3D player. The price of the Optoma HD141X is about $880....

Words: 488 - Pages: 2

Premium Essay

Case Studies

...tools with data.” – Lead Network Administrator Company Profile The Customer is a $4B food product manufacturer in North America (FY 2010). With products that distribute across the continent, in the United States, Canada, and Mexico, the Customer is one of the leaders in packaged coffee, health/natural foods, and a variety of other packaged edibles. Problem The Customer runs a complex network with approximately 7,500 networking devices deployed at their headquarters, as well as 33 remotely located sites, 75% of which are primarily manufacturing facilities. They use a variety of tool types, including Application Performance Management (APM), Intrusion Detection Systems (IDS), URL Filtering, Packet Capture, and Data Loss Prevention (DLP). With such a variety of tools, the Customer’s networking team found that the data center lacked available access points, specifically SPAN ports (the company does not currently employ Taps). On most switches, the company desires to connect four or more tools, however, their Cisco switches only provide up to two SPANs. Because of this lack of SPANs, the company had to manually “make and break” SPAN ports (i.e. add and remove tool connections by hand to...

Words: 1327 - Pages: 6

Premium Essay

Vietnam Legacy Lesson Plan

...Reference: Language in Literature Afro-Asian Literature (p. 156) Materials: illustration boards, Multimedia materials Time Frame: 2 Meetings II. Objectives A. Generate responses to a question the poem asks about giving tributes to fallen soldiers B. Identify imageries in the poem C. Demonstrate comprehension on the poem by giving accurate answers to questions D. Enumerate ways how they can promote peace in their own little ways as students. III. Lesson Proper A. Introduction 1. Through a DLP, show pictures of soldiers. Let students verbalize their ideas about the pictures. 2. Inform them that they are about to read a poem about soldiers. 3. Post the following question to be answered towards the end of the lesson: What is the best way to remember those who fought in a war for freedom? B. Interaction 4. Let students read the poem silently, then let them read it aloud in chorus with the poem projected through DLP. 5. Instruct them to locate the following unfamiliar words on the poem, then give their definitions: * Granite- a very hard rock used in building * Engraved- carved into a block or surface * Relive- To undergo or experience again, especially in the imagination. * Laureate- a person who has been honored for achieving distinction in a particular field or with a particular award * Dignitary-a person who holds a high rank  * Time warp- the condition or process of being displaced from one......

Words: 585 - Pages: 3

Free Essay

Getting Ready

...AHERF was one of the largest integrated health care providers in the United States and its CEO was hailed as a visionary. By 1998, AHERF was also bangkrupt. In the early 2000s, Sumsung Corporation launched a strategy to revitalize its consumer video electronics business. Long regareded as a low- quality brand, it sought a quality leadership position in the fledgling market for digital home entertainment, including high definition television (HDTV). Samsung embraced digital light processing (DLP) technology. Cheaper and fatter than plasma, more expensive and thinner than traditional rear projection televisions (RPTVs) , Samsung’s DLP televisions offered a picture quality that equaled or beat either alternative. Samsung’s first generation DLP sets garnered rave reviews from speciality magazines and web sites. The technology appealed to critical early HDTV adopters who did their research and ignored the brand reputation. In fact, samsung’s reputation has improved since the launch of DLP. It has successfully entered the market for high-end plasma market. It takes little imagination to come up with a strategy. In fact, almost all managers can easily identify any number of strategic options for their firms. Here are a few popular business strategies, with examples of firms that have pursued them: Grow larger (general Electric, AHERF) Downsize (avon, SARA LEE) Diversify into new markets (Wal-Mart, PepsiCo) Dominate a niche (starbucks, jiffy Lube) Outsource the production......

Words: 1304 - Pages: 6

Free Essay

Case 2 Chapter 13 Sim

...Chapter 13 Case 2 Wyoming Medical Center, LosAngeles County, and Raymond James: EndPoint Security Gets Complicated (James A. O’Brien dan George M.Marakas, Information and Management Systems. 10th Edition. 2007. McGraw-Hill Irwin) Mata Kuliah Sistem Informasi Manajeman Dosen : Dr. Ir. Arif Imam Suroso, MSc Disusun Oleh: Dani Surahman P056111101.47 PROGRAM STUDI MAGISTER MANAJEMEN DAN BISNIS SEKOLAH PASCASARJANA INSTITUT PERTANIAN BOGOR 2012 i DAFTAR ISI Halaman Daftar Isi......................................................................................................... i BAB I. PENDAHULUAN .......................................................................... 1 I.1 Latar Belakang........................................................................... 1 I.2 Tujuan Penulisan ....................................................................... 2 BAB II. TINJAUAN PUSTAKA.................................................................. 3 II.1 Manajemen Keamanan Teknologi Infotmasi ............................. 3 II.2 Endpoint Security ..................................................................... 3 II.3 Enkripsi .................................................................................... 3 II.4 Data Loss Prevention ................................................................ 4 II.5 Firewalls................................................................................... 5 II.6 Virus .......................................

Words: 3448 - Pages: 14