Page tree
Skip to end of metadata
Go to start of metadata

Agenda

Validate Top Level Use Cases

  • User Story which Shows Proposed Workflow
  • Ensure Alignment with Stakeholder Needs

Collaborative Business Participation

Needs

  • Desktop Hostname and Domain IDs for example AD\JSmith
  • Data Identifiers - Definition of Addresses to Add to White List
  • Other Data Identifiers - Already Gathered by Anderson

Discussion

  • Rules for Escalation * better rules less false positives
  • Medium of Notification * email reports, direct calls
  • How You Want to Action Incidents

Visualization of DLP

There are three areas of Data Leakage Prevention:

DLP How it Works Key Concepts
Policy Gateway (currently in place) All data (email, web traffic, ftp traffic) flows through a central policy gateway. The service reviews and alerts on CIBC specified keywords and document profiles.
  • Difficult to circumvent.
  • Not installed on user machines.
End-Point Desktop

Installed on user machines, End-Point Desktop,

  • Watches and alerts users of policy breaches in real-time based not just on data but also on actions (posting to website, downloading, moving files).
  • Automatically provide remediation such as encrypt files or provide a dialog box to notify management of reason for exception.

In addition End-Point Desktop can interact with devices (USB, printers, etc).

  • Instant Notification to Educate Employees of Security Policies.
  • Monitor file usage.
  • Monitor applications.
  • Monitors device data (USB, printers, etc).
Data Discovery Services

Scan data repositories (network shares, websites, desktop computers and databases) and identify improperly protected files. Sensitive files are identified by CIBC specified keywords and document profiles.

  • Data mining for sensitive data such as credit card or SIN information.
  • No labels