Agenda
Validate Top Level Use Cases
- User Story which Shows Proposed Workflow
- Ensure Alignment with Stakeholder Needs
Collaborative Business Participation
Needs
- Desktop Hostname and Domain IDs for example AD\JSmith
- Data Identifiers - Definition of Addresses to Add to White List
- Other Data Identifiers - Already Gathered by Anderson
Discussion
- Rules for Escalation * better rules less false positives
- Medium of Notification * email reports, direct calls
- How You Want to Action Incidents
Visualization of DLP
There are three areas of Data Leakage Prevention:
DLP |
How it Works |
Key Concepts |
Policy Gateway (currently in place) |
All data (email, web traffic, ftp traffic) flows through a central policy gateway. The service reviews and alerts on CIBC specified keywords and document profiles. |
- Difficult to circumvent.
- Not installed on user machines.
|
End-Point Desktop |
Installed on user machines, End-Point Desktop,
- Watches and alerts users of policy breaches in real-time based not just on data but also on actions (posting to website, downloading, moving files).
- Automatically provide remediation such as encrypt files or provide a dialog box to notify management of reason for exception.
In addition End-Point Desktop can interact with devices (USB, printers, etc). |
- Instant Notification to Educate Employees of Security Policies.
- Monitor file usage.
- Monitor applications.
- Monitors device data (USB, printers, etc).
|
Data Discovery Services |
Scan data repositories (network shares, websites, desktop computers and databases) and identify improperly protected files. Sensitive files are identified by CIBC specified keywords and document profiles. |
- Data mining for sensitive data such as credit card or SIN information.
|