FrugalBrothers Software

I recently attended a webcast sponsored by Sophos, and TechRepublic that I wanted to share. I think these tips are valuable, and you might too. the webast can be seen here. Webcast
Distributed by Tubemogul.

Tips to Keep Data Under Control

Webcast presented by TechRepublic, John Metzger of Sophos

Why Compliance is important?

Protect customer and company data

Avoid “CNN” Moments

Avoid Fines Penalties, (up to $500K) Loss of privileges (such as accepting credit cards)

Security Risks

Cyber thieves cost Americans $8 Billion last 2 years $1 Trillion world wide

EnpointSecurity Test results show 85% of all computers don’t have up to date AV,security patches or firewalls turned off

Forrester Research says 52% of organizations have lost confidential information thru removable media such as USB devices

Datalossdb.org says 25% of bata breachs occur with laptops or mobile devices

Computer Security Institute says average cost of a data breach is $300,000

Compliance Requirements

Government such as HIPAA,SOX,GLBA,European Protection Directive,State Laws

Industry Standards such as PCI-DSS,CobIT,ISO,CIS

Internal Policy

Authentication

Access C>ontrol

Malware Protection

Device Control

Application Control

Encryption

Tip# 1 Protect Endpoints

Centralized Management

Anti Malaware Protection

Application Control (no unauthorized apps)

Device Control such as cd burners, usb devices

Authentication

Tip# 2 Compliance Checks

Continuously Check Compliance

Remediate and Block (Automatically turn AV on aa client machine)

User based policy (Prevent a guest from accessing network but ok internet)

Copliance Reporting

Tip# 3 Gateway Protection

Email Filtering (Prevent spam, malware, quarantine email based on content)

Email Encryption (protect confidential email)

Web Content and URL filtering) (protect against mailware and protect acceptable use)

Tip# 4 Encryption

Data at Rest (Data stored on file servers)

Data in use (data currently being edited)

Data in Motion (Encrypting email)