Premium Essay

Dlp Dlp Dlp

In: Computers and Technology

Submitted By giana
Words 8522
Pages 35
Interested in learning more about security?

SANS Institute
InfoSec Reading Room
This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission.

Data Loss Prevention

AD

Copyright SANS Institute
Author Retains Full Rights

.

08
,

Au

tho

rr

eta

ins

ful l rig

hts

Data Loss Prevention

20

Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 Prevention
Data Loss 06E4 A169 4E46

te

GIAC Gold Certification

Ins titu Author: Prathaben Kanagasingham
Advisor: John C.A Bambenek

©

SA

NS

Accepted: August 15th 2008

Prathaben Kanagasingham

© SANS Institute 2008,

1

As part of the Information Security Reading Room

Author retains full rights.

.

ins

Table of Contents

ful l rig

hts

Data Loss Prevention

Introduction....................................................................................3

2.

Deeper Look at DLP Solution........................................................4

3.

Identification of Sensitive Data......................................................6

tho

rr

eta

1.

Data in Motion.....................................................................8

3.2

Data at Rest.....................................................................…9

3.3

Data at End Points.............................................................10

08
,

Au

3.1

Choosing a Vendor.......................................................................11

Ins titu te

4.

20

Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46

Monitoring vs. Prevention...................................................11

4.2

Centralized Management...................................................12

NS

4.1

Backup and Storage…...

Similar Documents

Premium Essay

Vietnam Legacy Lesson Plan

...Reference: Language in Literature Afro-Asian Literature (p. 156) Materials: illustration boards, Multimedia materials Time Frame: 2 Meetings II. Objectives A. Generate responses to a question the poem asks about giving tributes to fallen soldiers B. Identify imageries in the poem C. Demonstrate comprehension on the poem by giving accurate answers to questions D. Enumerate ways how they can promote peace in their own little ways as students. III. Lesson Proper A. Introduction 1. Through a DLP, show pictures of soldiers. Let students verbalize their ideas about the pictures. 2. Inform them that they are about to read a poem about soldiers. 3. Post the following question to be answered towards the end of the lesson: What is the best way to remember those who fought in a war for freedom? B. Interaction 4. Let students read the poem silently, then let them read it aloud in chorus with the poem projected through DLP. 5. Instruct them to locate the following unfamiliar words on the poem, then give their definitions: * Granite- a very hard rock used in building * Engraved- carved into a block or surface * Relive- To undergo or experience again, especially in the imagination. * Laureate- a person who has been honored for achieving distinction in a particular field or with a particular award * Dignitary-a person who holds a high rank  * Time warp- the condition or process of being displaced from one......

Words: 585 - Pages: 3

Premium Essay

Behht

...small school of about 500 mostly poor students. They could have simply closed down the school but they saw as a challenging opportunity. They both realized that the school was a microcosm of the problems of basic education in the Philippines. For them, it was always been the bigger picture, the country. They both wanted to do something for the country. In 2002, they introduced a revolutionary way of teaching science and non-science subjects, which they called CVIF Dynamic Learning Program (DLP). The DLP is a cost-effective strategy focused on strong fundamentals; it limits teacher participation by devoting seventy percent of class time to student-driven activities built around clear learning targets, aided by well-designed learning plans and performance-tracking tools. The program uses locally available teaching aids and a "parallel classes scheme," in which three simultaneous classes are handled by one expert teacher with the help of facilitators. The Bernidos said in designing the DLP, they wanted to show that poverty is not an excuse to compromise on teaching and learning excellence. And the results proved them right. In the years that followed, CVIF students showed radical improvement in their performance on national scholastic aptitude and university admissions tests. The significance of what the Bernidos initiated quickly spread throughout the country and attracted national attention with educators from around the country visiting CVIF to learn about its......

Words: 524 - Pages: 3

Premium Essay

Case Studies

...tools with data.” – Lead Network Administrator Company Profile The Customer is a $4B food product manufacturer in North America (FY 2010). With products that distribute across the continent, in the United States, Canada, and Mexico, the Customer is one of the leaders in packaged coffee, health/natural foods, and a variety of other packaged edibles. Problem The Customer runs a complex network with approximately 7,500 networking devices deployed at their headquarters, as well as 33 remotely located sites, 75% of which are primarily manufacturing facilities. They use a variety of tool types, including Application Performance Management (APM), Intrusion Detection Systems (IDS), URL Filtering, Packet Capture, and Data Loss Prevention (DLP). With such a variety of tools, the Customer’s networking team found that the data center lacked available access points, specifically SPAN ports (the company does not currently employ Taps). On most switches, the company desires to connect four or more tools, however, their Cisco switches only provide up to two SPANs. Because of this lack of SPANs, the company had to manually “make and break” SPAN ports (i.e. add and remove tool connections by hand to address monitoring connectivity needs). This problem is 9111 Jollyville Anue Systems, Inc. Road, Suite 100, Austin, TX 78759 9737 Great Hills Trail, Suite 200 Ph: 512-527-0453, Fax: 512-692-2634, Austin, TX 78759 USA www.anuesystems.com www.anuesystems.com important, because......

Words: 1327 - Pages: 6

Free Essay

Lcd Display

...now uses liquid crystals captivated between two polarized glass sheets and a matrix of TFT (thin film transistor) transistors that control the electric flow through the crystals .The glass sheet contains thousands of tiny cells or pixels and each one is colored with green blue or red. The performance of LCD can be improved what is llcd(RGB) light emitting diodes instead of cold cathode fluorescent lamps in edge lit LCD backlights brightness and color performance (gamut) of LCD displays. In present daily life some other technologies have entered this feild which have better features than LCD technology like DLP (Digital liquid processing) and CRT (cathode ray tube).Presently it is being challenged by PLASMA television. The main difference between LCD and DLP is being presented in the project .Texas Instruments experiment clearly describes the difference between LCD and DLP technology. INTODUCTION In the following project a detail explanation about what is LCD and what are the features of LCD are being depicted.LCD is a display device that uses thin, flat sheet made up of liquid crystals and this thin sheet is placed in front of a light source. The molecules of liquid crystal are twisted in their natural state and allow the light to pass through. However, when certain amount electricity passes through liquid crystals, the molecules get stretched and block the light and the darkening of the pixels depends on the electric current. Pixels are completely darkened when there......

Words: 6534 - Pages: 27

Premium Essay

Discrete Log Problem

...cryptosystem requires that calculation of respective private key is computationally impossible from given public key. In most of the Public key cryptosystem, private key is related to public key via Discrete Logarithm. Examples are Diffie-Hellman Key Exchange, Digital Signature Algorithm (DSA), Elgamal which are based on DLP in finite multiplicative group. 1 2. Discrete logarithm problem The Discrete Logarithm Problem (DLP)is the problem of finding an exponent x such that g x ≡ h (mod p) where, g is a primitive root for Fp and h is a non-zero element of Fp . Let, n be the order of g. Then solution x is unique up to multiples of n and x is called discrete logarithm of h to the base g (i.e.) x = logg h. In cryptosystem based on Discrete Logarithm , x is used as private key and (Fp , g , h) is used as public key. So, one way to break such cryptosystem is to solve DLP. If we consider calculation of g a as base step, then trial and error method takes O(p) steps to solve DLP. If 2k ≤ p ≤ 2k+1 , then it takes O(2k ) steps (i.e) it takes exponential time. Pollard ρ method and Pollard kangaroo method are some of the good algorithm to solve DLP. These are generic methods to solve DLP because they do not require any knowledge about group other than multiplicative operator. 3. Pollard ρ method Let G be a finite set and let f : G −→ G be a function that mixes elements of G (i.e.) f is any bijective random function from G to G. Now, start with some element x ∈ G and construct a......

Words: 1261 - Pages: 6

Free Essay

Student

...Loss Protection (DLP) with the following activities: a) Deploy the Clinet endpoint agent (XEA) to all new client machines. b) Deploy the XEA to at least 95% of existing in-scope client machines within 90 days of its initial release. c) Deploy any patches or updates to the XEA out to 95% of existing XEA-equipped machines (both clients and servers) within 45 days of those patches or updates being released from testing with approval to deploy. d) Monitor, investigate and remediate instances where the XEA ceases to function on any machine (client or server) that is still connecting to the XGI. e) Monitor, initiate investigation, and escalate alerts generated by the DLP system indicating mishandling of Clinet classified data. f) Distribute reports and data extracts as required. g) Support Tier I and II help-desk end-users’ and server application support questions arising from the XEA. Can you meet this requirement? Please explain below. ORGANIZATION understanding of Requirements: Clinet is looking for Client Based Data Leakage Services necessary to provide services and support for Data Loss Protection (DLP). Clinet expects deployment of endpoint agents and expecting coverage of 95 % of existing in-scope client machines within 90 days of its initial release. Clinet expects service provider to deploy or update patches to Clinet Endpoint Agent [XEA]. Service provider need to monitor, investigate and escalate alerts generated by DLP system,......

Words: 1129 - Pages: 5

Free Essay

None

...Trans. Nat/. .Acad. Sci. & .Tech. Philippines 29: 251-260 (2007) /SSN 0115-8848 Teaching High School Physics Effectively Christopher C. Bernido and l\faria Victoria Carpio-.Rernido Research Center for Theoretical Physics Central Visayan Institute Foundation Jagna, Bohol 6308, Philippines The Ascending Levels of Learning and Pedagogical ~1axims that could guide effective teaching of physics are presented. As an example of how these may be applied, the Dynamic Learning Prof:,lfam (DLP) of the Central Visayan Institute Foundation is briefly discussed. The DLP, together with 21st century technology, provides a scenario where the perennial lack of high school physics teachers in the Philippines can be bypassed. Introduction The breadth of topics that may be covered in teaching physics can be extremely wide. After all, physics probes the smallest things in the universe (the quarks and leptons), aiJ the way up to the "biggest" subject one can think of-the birth, death, and fate of the universe itself. One definition for physics states that it is the study of matter and energy. Most everything in the universe is either matter or energy, and this can make physics quite interdisciplinary. No wonder, therefore, that sub-areas in physics may be referred to as Biophysics, Geophysics~ Chemical Physics, Mathematical Physics, Astrophysics, Nuclear Physics, Econophysics, etc., and one also has the physics of sports, the physics of art, and so on. Because of its breadth, there is......

Words: 3310 - Pages: 14

Free Essay

Getting Ready

...AHERF was one of the largest integrated health care providers in the United States and its CEO was hailed as a visionary. By 1998, AHERF was also bangkrupt. In the early 2000s, Sumsung Corporation launched a strategy to revitalize its consumer video electronics business. Long regareded as a low- quality brand, it sought a quality leadership position in the fledgling market for digital home entertainment, including high definition television (HDTV). Samsung embraced digital light processing (DLP) technology. Cheaper and fatter than plasma, more expensive and thinner than traditional rear projection televisions (RPTVs) , Samsung’s DLP televisions offered a picture quality that equaled or beat either alternative. Samsung’s first generation DLP sets garnered rave reviews from speciality magazines and web sites. The technology appealed to critical early HDTV adopters who did their research and ignored the brand reputation. In fact, samsung’s reputation has improved since the launch of DLP. It has successfully entered the market for high-end plasma market. It takes little imagination to come up with a strategy. In fact, almost all managers can easily identify any number of strategic options for their firms. Here are a few popular business strategies, with examples of firms that have pursued them: Grow larger (general Electric, AHERF) Downsize (avon, SARA LEE) Diversify into new markets (Wal-Mart, PepsiCo) Dominate a niche (starbucks, jiffy Lube) Outsource the production......

Words: 1304 - Pages: 6

Free Essay

Instructional Practices of Science Teachers in Teaching Science in the Public Elementary Schools: Basis for Enhancement

...in dynamic transition. The Central Visayan Institute Foundation (CVIF) Dynamic Learning Program (DLP) is a systems-based scientific approach for enhanced learning especially in the Sciences, Mathematics, and Humanities. With process-induced learning, the CVIF-DLP progressively allows a liberal spectrum of learners, from slow to fast, to achieve superior scholastic performance. The CVIF-DLP by design should work in various socio economic conditions ranging from schools with severe shortage of human and material resources in rural areas to those with access to high technology and high quality resources in urban areas. The program makes use of many ideas of classical and modern pedagogical theories while maintaining a practical perspective- distinguishing between mere rhetoric and what really works for majority of the students in the Philippine classroom. Our education system is suffering from problems typical of many Philippines Elementary School especially with the public like large classes, lack of updated textbooks and instructional materials, teachers deficient in subject matter and pedagogical skills, worn-out facilities, poor living conditions in a rural community, and lack of funds. Nevertheless, based on the premise of a universal basic intelligence independent of socio-economic conditions, it was taken as a challenge to deliver to the CVIF-DLP pupils’ education of the highest possible standards, progressively reaching even global standards. Learning......

Words: 3183 - Pages: 13

Free Essay

????

...grades and how can it affect their studies. After the survey result come out, we can conclude if there are negative effects on studying Physics and math. And if there are any bad effects, it will help use specify it so that we can avoid it and make a solution for these problems. Methodology We will have 120 correspondents from regular high school curriculum of EHSD. We will choose twenty students from each class. Ten boys and ten girls which are picked randomly will be asked few questions about how do they think DLA approach affects Math and Physics. The questionnaire will be composed of 3 questions answerable by yes or no, questions that requires explanation and rate, their comments about this kind of approach *Yung parang vocabulary* DLP- (Dynamic Learning Program) this is a learning program that requires a little time for discussion and it enhances the potentials of the student by means of answering question by themselves. Physics- It is the study of blaha blah blah Math- is baf;ag;g;agna EHSD-langag;adgpojp Potential-lgknal;gj;s DLA- it is a sheet of paper ojs; knglns ; SURVEY SHEET Name: (OPTIONAL) Do you think Math and Physics are well explained in form of DLA? Yes :__ NO:___ How often do you understand the concept notes even before the teacher explains (MATH AND PHYSICS)? ALWAYS:__ MOST OF THE TIME:___ SOMETIMES:___ RARELY:___ NEVER:___ Is DLA way better in Learning Physics than Experiment? YES:__ NO:___ Did you find it hard to study......

Words: 762 - Pages: 4

Premium Essay

Aircraft Solutions

...system’s vulnerabilities is the best method for securing against attacks. Unfortunately, IT security is a dynamic process in an organizational environment and IT professionals must be ever vigilant. Regular network- and host-based vulnerability assessments of company systems are needed to ensure that these systems are continually free of vulnerabilities and that they are compliant with the business security policies. Recommended Solutions/Justification Data Loss /Data Leak Prevention Solution--- Check Point DLP Software Blade To address the vulnerability of data loss prevention, the Check Point DLP Software Blade combines technology and processes to revolutionize Data Loss Prevention (DLP) helping businesses to preemptively protect sensitive information from unintentional loss, educating users on proper data handling policies and empowering them to remediate incidents in real-time. The specific pre-defined system of software for Aircraft Solutions is the Check Point DLP Software Blade Series 1200. This series is designed for environments that demand the highest level of performance ideal for the large campus networks and data centers, it is optimized for a 12 core system (CheckPoint Software Technologies, 2011). 12 core systems is a high performance security that can meet the needs of the Aircraft Solution’s environment. In addition to the data loss prevention, it includes a firewall, Identity awareness, IPSEC VPN, Advance Networking Acceleration and Clustering,......

Words: 2691 - Pages: 11

Premium Essay

Er Diagram

...Data loss prevention (DLP) is a strategy for making sure that end users do not send delicate or crucial data outside the corporate network. The phrase is also used to represent software products that help a network administrator restraint what data end users can transfer. Securosis defines DLP as: Products that, based on central policies, identify, monitor, and protect data at rest, in motion, and in use, through deep content analysis. Thus the key defining characteristics are: • Deep content analysis • Central policy management • Broad content coverage across multiple platforms and locations A much wider approach is needed, taking into account such vital data-management activities as these: - Creating data-protection policies - Classifying your data - Organizing data storage into tiers - Archiving your data - Encrypting your data - Digital rights management - Discovery of confidential data - Applying data policies consistently Data leakage prevention solutions: There are many tools to protect the data loss. It is tough to identify what data to protect. However, organizations fail to identify the ways users can let sensitive information escape into the world. The data loss prevention tools help with: - Detecting data leakage - Identifying lax business processes This applications help organizations tighten up its act through a combination of data consolidation, storage controls, and policy reinforcement. The early enterprise DLP market concentrated on...

Words: 653 - Pages: 3

Premium Essay

Star Gazer

...must also ensure end-to-end data security, not just at the end-point. To do this, Global uses the data loss prevention (DLP) product across its entire enterprise to discover, classify, and take policy-based actions on all of its structured and unstructured data, whether it is in use, in motion, or at rest on endpoints, networks, and servers. Beyond this, the DLP suite enables Global to monitor activity in different business units and develop campaigns targeted at specific user groups. For example, DLP suite can help Global understand which particular departments display high bandwidth usage, meaning they are using the Internet quite often. It can then monitor these business units more closely, since the chances of a security breach, such as a Trojan embedded in a Web page will be higher for them than in other departments that use the Internet much less. Reporting, Auditing, and Compliance Finally, Global uses the CompScan platform that provides a mean to audit its controls and document the effectiveness of the controls with regard to compliance and security regulations. This security information and event management (SIEM) solution collects and analyzes huge amounts of data regarding access in real time. CIS CompScan provides Global with a centralized view of the log information from thousands of security devices, including data generated by CIS DLP Suite, security tokens, and intrusion detection systems (IDSs). Identifying correlations between logs from all......

Words: 1445 - Pages: 6

Free Essay

Dlp Bluecoat

...Solution Brief: Blue Coat DLP The Blue Coat DLP Solution: Complete. Quickly Deployed. Easy to Manage. The loss of sensitive information – by accident or by design – is a persistent concern for IT managers today. Detecting and eliminating potential data leaks is critical, and Blue Coat Data Loss Prevention (DLP) gives you a running start. A typical installation takes less than a day. You can immediately automate compliance and mitigate risks from internal breaches across any electronic communication channel – from email to the Web. Even SSL traffic is inspected and controlled at the gateway. The Content Security Challenge When confidential information is leaked, the effect can be devastating: loss of revenue, financial penalties, and irreparable damage to your organization’s image, brand and customer loyalty. Government regulations and guidelines require businesses to rigorously monitor confidential information and report leaks. The resulting news reports frequently reveal unauthorized use of sensitive data, substantial corporate losses, and a direct effect on consumers. The clear challenge is to protect customer data and safeguard intellectual property against internal mishandling – malicious or accidental. There are many data loss prevention solutions, but they tend to share negative characteristics: Pieces from multiple vendors complicate acquisition. A full DLP solution may take months to implement. Conflicting policies and rules can make operation challenging.......

Words: 1123 - Pages: 5

Free Essay

Case 2 Chapter 13 Sim

...smartphone akan hilang, karyawan yang baik akan menjadi buruk dan mesin virtual akan bermasalah. Alih-alih berfokus pada endpoint, membiarkan pertahanan mengikuti data : memutuskan apa yang harus dilindungi, mencari tahu di mana letak data dan mengunci data dari ancaman dalam dan luar, apakah melalui enkripsi, keamanan berjenjang (multi-tier protection) atau teknologi baru seperti Data Loss Prevention (DLP). DLP menggabungkan jaringan pemindaian dan alat berbasis host untuk mengumpulkan, mengkategorikan dan melindungi kekayaan intelektual perusahaan. Produk ini dapat mempertahankan arsip data dan dokumen, bersama dengan izin terkait kelompok, individu, dan kebijakan lainnya. Mereka kemudian secara aktif memindai jaringan internal dan koneksi eksternal mencari anomali. Ini membutuhkan perlindungan data di luar perimeter atau perlindungan endpoint; DLP memfasilitasi pemeriksaan keamanan internal, memungkinkan "eyes-only" data untuk tetap ‘eyes-only dan meminimalkan risiko bahwa data sensitif akan dilihat oleh orang-orang yang salah, bahkan di rumah. Zimmer mengatakan ia melihat ke dalam DLP software serta perangkat yang dapat membatasi akses individu memiliki data. Meskipun teknologi dapat efektif, hal ini juga memerlukan usaha mencari dan mengelompokkan data mereka 8 sehingga mereka dapat mengatur kebijakan sekitarnya, pekerjaan yang bisa diatasi, tergantung pada bagaimana data telah disimpan. Untuk Pettigrew, ini berarti mencari 5% dari data sensitif yang disimpan......

Words: 3448 - Pages: 14