Professional Documents
Culture Documents
2
2
Latest McAfee Facts
REGULATION
HIPAA, PCI, SOX
Thousands of regional privacy laws
SENSITIVE DATA
Product designs, IP
M&A, Financials, Legal
Data Communication Channels
How Does Data Leak?
Data Discover
Copy to Endpoint Cut, copy,
In use Device Control
device Print
paste
Removable Media Encryption
Data Monitoring
In motion Outbound Web
Dataemail
Blocking IM, blogs
posting
Data Encryption
6
McAfee Data Protection
Solution Architecture
Network DLP
Prevent
MTA or Proxy
Central Management
ePolicy Orchestrator (ePO)
Unified Policy Network and Endpoint DLP
DLP Endpoint
Crawl local drives & Tag
Application, location or content
Outlook files (PST/OST)
Remediate
Move, delete or encrypt
What It Does
Find and protect sensitive information on
hard drives.
9
Monitor Data with DLP Endpoint
DLP Endpoint
Switches/Routers
DLP Endpoint
DLP Monitor Provide content-aware detection
Over 300 content types
Outlook, webmails
IM/FTP/HTTP(S)
I/O channels (USB, media, devices)
What It Does
Monitor data as it leaves the endpoint.
10
Protect Data with DLP Endpoint
DLP Endpoint
Email/Web Gateway
DLP Endpoint
Provide content-aware device
control
DLP Prevent Move or block
Integrated with Endpoint
Encryption
File, folder, or USB
What It Does
DRM support
Protect against data loss via outbound
email, web postings, and endpoints such as Adobe, MS RMS
laptops, USBs and other devices.
11
Unified Rules/Policies
Create unified rules and policies across all vectors (data-in-motion, data-at-rest, data-in-
use, Device-Control)
Example: Protect credit card numbers from leaving the organization
Implementation: One click distribution
Send to network components for protection at egress points
Send to host agent for protection at endpoint, including download to removable
media
PHASE 1 Encryption
Full Disk Encryption of Laptops / Desktops to protect against external
threats (ROI because no HHD destruction needed)
File&Folder Encryption to protection data wherever it goes (Persitent)
User Awareness instead of Blocking
Educate your Endusers to reduce internal Incidents
Event based
Monitoring and User Pop ups
Logging Announcement (no blocking)
Technology Architecture for Security
How Connected Is Your Security?
DLP
Agent
Host IPS Encryption
Agent
Antivirus
Agent NAC
Systems
Audit Management
Agent Agent
SINGLE SINGLE
AGENT CONSOLE
Security Management Platform: ePO
REAL TIME SECURITY ACTIONABLE
PROTECTION
THREAT FEEDS METRICS INFORMATION
Executive
Risk
Endpoint Encrypt. Mgmt Security
Email Firewall
Security
Admin
ePO Management
White
Listing DLP Platform
Web IPS SIA
IT
Architect
Integrates with
IT Operations Platforms
ePO Integration Strategy
Automation of monitoring, reporting, and auditing Reduces Costs!
McAfee
Endpoint Encryption
1
Single console, single McAfee Endpoint
agent endpoint deployment
and management Encryption for
Removable Media
2
Single consolidated source for
incident response and reporting McAfee
Network DLP
and Endpoint
3
Comprehensive incident views,
case management and workflow
Data Loss via Social Media
19
Unencrypted USB Access
January 22, 20
Unauthorized Clipboard Access to Data
21
McAfee Device Control and Host DLP Client
Disable block
Full Local
protection x
Deploy agent via communication uninstallation only
minutes via
ePO Server through one with challange
challange
agent strategy response
response
User Watchdog
Driver based Can be active
notification for prevents that
software in windows
monitor or services are
protection safe mode
block action stopped
McAfee Device Control Device Definition
USB Class
Connected
Configure Windows Code,
Port (USB,
devices per Device Guid Serialnumber,
Firewire etc)
Device Name.
Configure
Block running Run security
Create device Hyperlink and
executables awareness
exemptions text for user
from usb programm
notification
McAfee Device Control Management
Management Export from Redaction of
Automatic
through reports device sensitive
reports send
webbased definitions for fields in
via Mail
ePO whitelisting reports
Verify device
For Eyes only
Monitor status of details for Configure active
principle to open
agent deployment connected modules/driver
reports
devices on clients
Implementation example
H-DLP
Network Removable
Printing Screen Capture
Communication Storage
Protection Protection
Protection Protection
McAfee Host data Loss Prevention
Management
Enable only challange
Central
required response Policy
Management
handler on code Analyzer
from ePO
the clients generation
rolf@mcafee.com