Symantec Data Loss Prevention 11

December 14, 2010

Unstructured Data: Trends and Observations

Its growing
Over 60% per year (IDC)

Its spread out

Distributed file servers, the cloud, self service groupware sites

It contains an organizations intellectual property

Source code, designs, strategy, financials

Its increasingly targeted by thieves

Hydraq a small infection, but targeted highest value IP Malicious insiders steal IP for financial gain and career advancement Malicious outsiders steal product designs for counterfeit

Symantec Data Loss Prevention 11

The Challenges Protecting Intellectual Property (IP)

Its hard to define
The differences between sensitive and non-sensitive data are often subtle

Its hard to find

Its intermingled with large volumes of low value data

Its often very vulnerable permissions are loose

Users create new data repositories and inadvertently grant broad access

Users dont understand the risk of data leaks

Data security is not their primary mission

Symantec Data Loss Prevention 11

Data Loss Prevention 11 Whats New

Symantec Data Loss Prevention 11 simplifies the detection and protection of enterprises most valuable information Vector Machine Learning: Reduce the time and expertise required to develop policies to protect unstructured data and IP
Requires less effort and expertise than describing content; requires a smaller sample than fingerprinting

Risk Scoring: Identify the most risky data by combining content, usage and access information
Gives business units the information they need to directly address hot spots

Data Owner Remediation: Identify data owners and notify them that they need to fix their exposed sensitive data
Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort
Symantec Data Loss Prevention 11
4

Detecting Unstructured Data: The Challenge Today

Describe

Fingerprint

How do I identify relevant keywords? How do I avoid false positives? How do I tune policies?

What if I cant access all confidential docs? How do I account for new docs? How do I protect the endpoint?

Symantec Data Loss Prevention 11

Symantec Proprietary & Confidential - This information is not a commitment, promise or legal obligation to deliver any material, code or functionality

Vector Machine Learning: Finds Sensitive Data

Learn
Describe Fingerprint

Learns by positive and negative examples Automates keyword identification and enables easier tuning Improves accuracy, reduces false positives Detects new content without having to fingerprint it first

Symantec Data Loss Prevention 11

Symantec Proprietary & Confidential - This information is not a commitment, promise or legal obligation to deliver any material, code or functionality

Data Loss Prevention 11 Whats New

Symantec Data Loss Prevention 11 simplifies the detection and protection of enterprises most valuable information Vector Machine Learning: Reduce the time and expertise required to develop policies to protect unstructured data and IP
Requires less effort and expertise than describing content; requires a smaller sample than fingerprinting

Risk Scoring: Identify the most risky data by combining content, usage and access information
Gives business units the information they need to directly address hot spots

Data Owner Remediation: Identify data owners and notify them that they need to fix their exposed sensitive data
Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort
Symantec Data Loss Prevention 11
7

Risk Scoring Identifies Data at Greatest Risk

Find and fix the most risky data
Highlights the most risky folders Score is based on incident type, severity and folder accessibility Tells the organization where to focus initial data clean up and lock down efforts

Symantec Data Loss Prevention 11

Data Loss Prevention 11 Whats New

Symantec Data Loss Prevention 11 simplifies the detection and protection of enterprises most valuable information Vector Machine Learning: Reduce the time and expertise required to develop policies to protect unstructured data and IP
Requires less effort and expertise than describing content; requires a smaller sample than fingerprinting

Risk Scoring: Identify the most risky data by combining content, usage and access information
Gives business units the information they need to directly address hot spots

Data Owner Remediation: Identify data owners and notify them that they need to fix their exposed sensitive data
Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort
Symantec Data Loss Prevention 11
9

Data Owner Remediation Creates Security Awareness

Educating data owners is the key to reducing risk
Automatically notifies data owners that their sensitive files are potentially at risk Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort

Discover data, and track usage with Data Insight

Re-scan

Report

Alert data owners; advise them via email about how to protect their data
Symantec Data Loss Prevention 11
10

Symantec Data Loss Prevention Products

Storage
Symantec Data Loss Prevention Network Discover Symantec Data Loss Prevention Data Insight Symantec Data Loss Prevention Network Protect

Endpoint
Symantec Data Loss Prevention Endpoint Discover

Network
Symantec Data Loss Prevention Network Monitor

Symantec Data Loss Prevention Endpoint Prevent

Symantec Data Loss Prevention Network Prevent

Management Platform
Symantec Data Loss Prevention Enforce Platform

Symantec Data Loss Prevention 11

11

Data Loss Prevention for Endpoint Enhancements

Flexibility to use a applications and storage devices while protecting sensitive data Automatically apply encryption or Enterprise Rights Management (ERM)
Endpoint

Trusted Devices assures that sensitive data can only be copied to approved storage devices Application File Access Control ensures user drive applications such as iTunes, Skype and WebEx cannot access sensitive data FlexResponse can automatically apply encryption or Enterprise Rights Management to sensitive data

Symantec Data Loss Prevention 11

Summary
Symantec Data Loss Prevention 11 simplifies the detection and protection of enterprises most valuable information

Vector Machine Learning is unique to Symantec

Streamlines policy implementation, particularly for distributed IP

Risk Scoring prioritizes data at risk

Quickly identifies where to start data clean up efforts

Data Owner Remediation educates users about risk

Reduces the time and effort to achieve risk reduction

Symantec Data Loss Prevention 11 is the result of our broad customer experience

Symantec Data Loss Prevention 11

13

Symantec DLP Innovation Timeline

2004 2005 2006 2007 2008 2009 2010 2011

v3

v4

v5

v6

v7

v8

v9

v10

v11

Network: Monitor Network: Prevent Storage: Discover Storage: Protect Endpoint: Monitor & Prevent Endpoint: Discover

Customer focused innovation One third of the F100 Acknowledged DLP leader
Symantec Data Loss Prevention 11

DLP Open Platform DLP Data Insight VML

14

Symantec Proprietary & Confidential - This information is not a commitment, promise or legal obligation to deliver any material, code or functionality

Thank you!

Copyright 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Symantec Data Loss Prevention 11

15