Web

Transcription

Web
資安大未來~解析企業脈動
Websense Inc
台灣區經理 邱薏引
web security | data security | email security
© 2010 Websense, Inc. All rights reserved.
國外案例
資安真實案例
某銀行董事會開完會後5分鐘, 媒體報導已po上網...
某高科技製造業, 嘔心瀝血長達半年的產品設計, 在發表的
同一天, 競爭對手也發表一款相似度高達95%的產品!
詐騙集團企業化經營, 有計劃地偷竊客戶資訊, 企業不甘數
次名譽損失, 主動協同警方辦案…
某知名企業, HR高階主管中了間諜軟體, 在不知情地狀況
下, 公司薪資資料被po上論壇, 差點導致大規模離職潮……
© 2010 Websense, Inc. All rights reserved.
4
資訊安全要怎麼做呢?
DISCOVER
External Threats
Discover
Classify
WHAT
MONITOR
CLASSIFY
WHO
Internal Data
ESSENTIAL
INFORMATION
PROTECTION
HOW
WHERE
Monitor
PROTECT
所以企業大量投資資安…
外對內
Firewalls
AVs
IPS/IDS
SPAM
WAF…
內對外
DRM
Encryption
Device control
Recorded
Access control..
成效呢??
© 2010 Websense, Inc. All rights reserved.
6
“生命"會找到出路…
透過封鎖基礎建設
來防堵洩密不是長久之計
Almost 50% of all IT managers封鎖的方式將限制企業
surveyed admit
獲益於新的技術來拓展業務
their users try to bypass security policies.
(Websense 2009 Web 2.0 @ Work, International Survey)
無法預測使用者
透過何種方式突破封鎖
以完成他們的工作目標
© 2010 Websense, Inc. All rights reserved.
資安角度的演變
• Companies want their staff
to exploit these networks
• Need to protect against
malware hidden in these
fabrics or inappropriate
content in real time.
• Companies are providing
value to these networks
• Need to protect against
inadvertent data loss of
confidential information
into these fabrics in real
time
Producer
Consumer
安全性
便利性
© 2010 Websense, Inc. All rights reserved.
Who is Websense?
web security | data security | email security
9
© 2009 Websense, Inc. All rights reserved.
© 2010 Websense, Inc. All rights reserved.
Websense - Our Global Presence
STOCKHOLM, SWEDEN
ROTTERDAM, NETHERLANDS
1,400 employees across
35 countries and 26 offices.
9,000 partners worldwide.
DUBLIN, IRELAND
READING, ENGLAND
LOS GATOS, CA
DALLAS, TEXAS
HAMBURG, GERMANY
PARIS, FRANCE
ISTANBUL, TURKEY
MADRID, SPAIN
SAN DIEGO, CA
MILAN, ITALY
TOKYO, JAPAN
ISRAEL
BEJING, CHINA
DUBAI, UAE
INDIA
SHANGHAI, CHINA
GUANGZHOU, CHINA
HONG KONG
TAIPEI
KUALA LUMUR
SINGAPORE
SAO PAULO, BRAZIL
Corporate Offices
SYDNEY, AUSTRALIA Engineering/Ops
MELBOURNE
Sales Offices
© 2010 Websense, Inc. All rights reserved.
Websense Milestones
Unified Content Management
Websense Evolution
Real-time security & content management
Essential Information Protection™
Manage
Internet
access for
productivity
Web Filtering:
Block inappropriate
content in the
workplace
1994
2000
Investment in R&D
more than doubled
over last three years
Protect by
blocking access
to compromised
sites;
ThreatSeeker™
technology
2004
2006
2007
2008
2009
2010
Acquired Inktomi Traffic Server
Acquired Port Authority Technologies
Acquired SurfControl
Investment & Innovation
Acquired Defensio
© 2010 Websense, Inc. All rights reserved.
Websense - Innovation Leadership
Innovation
First to market with phishing protection
Nov ‘02
First to market with drive‐by and backchannel spyware protection
Nov ‘02
First to market with crimeware/keylogger protection
Nov ‘04
47 patents granted worldwide Feb ‘06
106 patents pending and 30 submissions
First to add natural language processing to DLP.
Jun ‘07
First to deliver Web‐eMail‐Data bi‐directional security intelligence
Dec ‘07
in development for our technology
First to market with bot network protection
First to market with dynamic Web 2.0 content categorization
Mar ‘08
First to create an Internet HoneyGrid that melds honeypots and advanced grid computing capable of parsing one billion pieces of content daily
Mar ‘08
First to deliver a hybrid virtual service platform combining the best of appliances and cloud‐based services
Feb ‘10
© 2010 Websense, Inc. All rights reserved.
Comprehensive Recognition
Web Security:
2008 Worldwide Market Share Leader
2009 Secure Web Gateway MQ: Leaders Quadrant
2009 Content‐Aware Data Loss Prevention MQ:
Leaders Quadrant
Secure Web Gateway: 2008 Worldwide Market Share Leader
2009 North American Content Management Product Innovation of the Year Award
2009 Global Content Filtering Products Market Leadership Award
Content Filtering Competitive Landscape, 2008: THE Market Leader
Content Filtering:
2008 Market Share Leader
Content Security Suites Wave, Q2 2009: Sole Leader
Web Filtering Wave, Q2 2009: Recognized Leader
Email Filtering Wave, Q2 2009: Recognized Leader
Data Leak Prevention Wave, Q2 2008: Recognized Leader
DLP Market Quadrant 2009: Short List
Content Filtering:
Information Protection Decision Matrix: On ‘Shortlist’
Highest aggregate technology rating
2009 Corporate Web Security Market Quadrant: Recognized Leader
Corporate Web Security:
2008 Install Base & Revenue Market Share Leader
Content Filtering:
2008 Worldwide Market Share Leader
14
Unified Content Security in Action
Maximize ROSI &
reduce TCO
Security against
modern threats
Comply with
regulations
A strategic vendor
relationship
© 2010 Websense, Inc. All rights reserved.
THE CHALLENGE
How the security landscape has changed
web security | data security | email security
© 2010 Websense, Inc. All rights reserved.
Business Challenges
Strategic
Planning
“How do I
reduce the cost
of securing
against each
new threat and
get the best
return on
security
investment?”
Business
Planning
“How can I
expand access
to more
customers
without
increasing my
risk of malware
& data loss?”
Infrastructure
Management
Security
Management
“How can I allow
partners to
access internal
resources
without risk?”
“How can I
protect remote
employees from
leaking data
when they are
on the road?”
“How do I
protect my
company
against modern
threats that span
multiple
vectors?”
© 2010 Websense, Inc.
All rights reserved.
Business Needs
Maximize
ROSI* &
Reduce TCO
Improve
Security
Adhere to new
regulations
Instant best
practice
deployment
aligned with
regulations
Build strategic
relationships
Improve employee
effectiveness &
efficiency
Unify the policies
and protection
throughout the
organization
Reduce security
CAPEX
Protection against
modern threats
that span many
vectors
Vendor reliability
Reduce security
OPEX
Reduce risk of new
business initiatives
Improved service &
support
Vendor
consolidation
With Websense you can address all these
business needs today.
*
Return on Security Investment
© 2010 Websense, Inc. All rights reserved.
Technology Trends
Interconnectivity of business across more complex sites
with user generated content predominating.
Businesses are taking advantage of these new
web sites to reach new and existing audiences
Attempting to block these sites or lock
down your infrastructure is a strategy we
see circumvented time and again.
Data now lives outside your network, more so if you
use SaaS applications.
The focus from criminals is to steal data and
monetize that. They blend their attacks across
multiple vectors.
URL lists and signature based security mechanisms
cannot keep up, at best AV can clean up.
© 2010 Websense, Inc. All rights reserved.
Applications & Data Move to The Web
© 2010
2009 Websense,
Websense, Inc.
Inc. All
All rights
rights reserved.
reserved.
20
©
‘There’s an app for that.’
The economic & business argument for SaaS
applications is unassailable. Business is now
digitally enabled and socially connected.
© 2010 Websense, Inc. All rights reserved.
Exploiting the new Web - Dell
Would you market to a population as large as
the US? Facebook alone has a population of
300 million active users, 50% logon every day.
22
© 2010 Websense, Inc. All rights reserved.
Exploiting the new Web – US Gov
These new social fabrics are not just used by
commercial organisations. Broadcast costs can
be much more cost effective than other media.
23
© 2010 Websense, Inc. All rights reserved.
Threats Span Multiple Vectors
Email with URL
Website downloads
Trojan malware
Confidential data
harvested
Hacker collects data
from web site
User visits
popular site
Website downloads
Trojan malware
Confidential data
harvested
Hacker collects data
via IRC chat
Confidential data
harvested
Hacker collects data
with SMTP engine
USB dropped in
car park
© 2010 Websense, Inc. All rights reserved.
Traditional Security Can’t Keep Up
See the proof for
yourself at the:
Security
Effectiveness
Center
http://securitylabs.websense.com/
Number of real time security
updates
© 2010 Websense, Inc. All rights reserved.
To Summarize The Challenge
Free flow of information leads to
competitive advantage
New threats are hard to distinguish
from legitimate business process
Point security solutions exhibit
blind spots from lack of
shared intelligence
Superficial integration causes
weak reporting & management
systems
© 2010 Websense, Inc. All rights reserved.
THE SOLUTION
Unified Content Security to Protect Your Essential Information:
TRITON
web security | data security | email security
© 2010 Websense, Inc. All rights reserved.
Our Guiding Principles
Maximize the Return on Security
Investment (ROSI) & Reduce TCO
Counter modern threats through
content and context awareness
Consistently enforce
policies, regulation and statutory
compliance
Provide flexible deployment without
additional complexity or compromise
© 2010 Websense, Inc. All rights reserved.
Unified Content Security
Shared threat intelligence
Websense owns the intellectual property
Unified for
Unified Adaptable
new threatsproactive
contenttoanalysis:
protection
against
Content Platform
modern threats. Maintain innovation Analysis
leadership
Owning
thevendors
intellectualwho OEM threat intelligence
against
capital for content analysis
leads to greater innovation
Unified Solution
© 2010 Websense, Inc. All rights reserved.
Unified Content Security
Unified console for shared
management, reporting, po
licies & enforcement
Comprehensive and
meaningful
reports and
Policy
management
policies
Unified Unified is consistent
and reporting
Content Platform
Analysis
and comprehensive across all threat
vectors.
Analysis & intelligence
drive actionable policies
Unified Solution
© 2010 Websense, Inc. All rights reserved.
Unified Content Security
Software, appliance or
cloud based deployment to
suit business environment
More resilient to
Unified We
are
platform
agnostic.
We
let
customers
Unified technological change
Content decide
what
is
best
for
their
circumstances.
Platform
without extra CAPEX
Analysis
This
has
major
cost
benefits.
Leverage virtualization
technologies to mix and
match platform options
Unified Solution
© 2010 Websense, Inc. All rights reserved.
Announcing TRITON
TRITON™ is the industry’s first unified
security architecture that integrates
web, data and email
32
Unified Content Security in Action
Maximize ROSI &
reduce TCO
Security against
modern threats
Comply with
regulations
A strategic vendor
relationship
© 2010 Websense, Inc. All rights reserved.
TRITON Architecture
Web
Data
Email
Security
Security
Security
ThreatSeeker
Network
TRITON unified content security
SaaS
Appliance
Software
Mix & match “on
premise” and “in the
cloud” deployment
TRITON unified
security center
© 2010 Websense, Inc. All rights reserved.
Explaining ThreatSeeker Network
1 billion pieces of
content per day
Threat Detection/Probes
Real-Time Security Updates
Websense
Shared Analytics/Feedback
Web Security Gateway
ThreatSeeker
Technology
2+ million
posts per day
Websense
Hosted Customers
Defensio
Websense
Websense
ThreatSeeker
Technology
Security Labs™
200+ million
sites per day
10+ million
emails per hour
Hosted Security
URL and
Security
Database
© 2010 Websense, Inc. All rights reserved.
Deployment Options
SaaS
Appliance
Software
No On-Premise
Equipment or
Upgrades
Simplified Deployment
Granular Control
Scalable, Enterprise
Performance
Performance Scalability
Security Effectiveness
Easy-to-Use
Management
Leverage Investments in
Virtual Computing
Full Policy
Management &
Reporting Control
Web & Email
Integration
Standard Hardware
Extensible Security
Platform
Leading PricePerformance
Carrier Grade
Datacenter Availability
& Security
© 2010 Websense, Inc. All rights reserved.
TRITON Unified Security Center
Unified management console for policy management and
reporting
– Full system administration from one console
– Role based application and control for Web, email, and data loss
prevention
Provides unified content analysis, unified platform, and unified
solution for content security
– Best security at the lowest total cost of ownership
© 2010 Websense, Inc. All rights reserved.
THE MODULES
Understanding the Websense product portfolio at a glance
web security | data security | email security
© 2010 Websense, Inc. All rights reserved.
The Websense modules explained
Click on a product area or click next to continue
NEXT
© 2010 Websense, Inc. All rights reserved.
Web Security
Securing the new Web
web security | data security | email security
© 2010 Websense, Inc. All rights reserved.
The Web Security Challenge
ENABLE broad business use of Web 2.0 sites like
LinkedIn, Facebook, and Salesforce… without the risks
Outbound data loss and compliance
–
–
Web mail
Posting to social media
Web-based Malware
–
–
AV cannot keep pace with dynamic Web and
script-based attacks
Another data loss vector
Web 2.0 Content Classification
–
–
Mixed-content and password-protected sites
defy traditional content filtering
Drains productivity and increases malware risk
Outbound
PII, CC#, SSN
, health, finan
cial
Inbound
mixed
content, maliciou
s scripts
AV, Filter, DLP
Rising Web security TCO
–
–
Managing multiple vendors and products
Supporting distributed enterprise
© 2010 Websense, Inc. All rights reserved.
Web Security Gateway Anywhere運作方式
WEBSENSE
ThreatSeeker
Web Security
Gateway
®
TECHNOLOGY
Dynamic
Threat
Protection
SSL
S
S
L
Web
Security v7
Dynamic
Content
Control
TruWeb DLP
ThreatSeeker®
TECHNOLOGY
Websense Security Labs
39 percent of malicious Web attacks included data‐stealing code
43
Web 2.0 without Websense-iGoogle
44
Web 2.0 with Websense-iGoogle
45
一般廠商對於Web 2.0的處理方式
落後的分類技術,導致漏擋或誤擋
網頁信評
將整個Web 2.0 網站內容二分法
all “good” or all “bad”
– 無名小站 = BAD, 封鎖
– Yahoo = GOOD, 允許
YES
MAYBE
NO
?
?
?
?
?
?
?
?
Websense 如何處理Web 2.0
即時掃描並分類所有內容
完整的針對 Web 2.0 惡意內容保護機制
Dynamic threats, malicious scripts, infected Web
objects, browser-based applications
Granular policy controls based on actual
content – not past reputation
YES
NO
MAYBE
NO
YES
MAYBE
YES
YES
YES
可以讓員工連結Web2.0 網站,但阻隔惡意
程式與公司不允許瀏覽的內容
Web User and Destination Awareness
DLP policies and reports include user and Web category information
Accelerate decision making and compliance
– Compliance reports immediately reveal sources of outbound risk – what, who, and
where
– Separate legitimate business process from compliance violations
©2010 All Rights Reserved. Websense, Inc.
Data Security
Stop confidential data loss.
web security | data security | email security
© 2010 Websense, Inc. All rights reserved.
Challenge of Data Loss Prevention
Ensure uninterrupted business by managing compliance &
risks, preventing data loss and securing business processes
Manage and measure compliance and risks
–
–
Delays in generating audit reports and
compliance requirements
Difficulty uncovering broken or bad business
processes
Visibility into data stored and in transit
–
–
Unknown types of data
Uncertain risks for each communication
channels
Securing Business Processes
–
–
Cannot enforce who can send what
Possible damage to company brand and
reputation
© 2010 Websense, Inc. All rights reserved.
Websense Data Security Suite
Market-leading Data Loss Prevention technology to
identify, monitor and protect confidential data
Unified Policy Design
–
–
–
Only offering with unified policy
design
Manage all facets of effective
Data Loss Prevention policy
Powerful monitoring capability
to track ever changing data
(stored and in transit)
Low Cost and Complexity
–
–
Modular solution tailors to
specific customer requirements
Simple deployment and
reduced box-count with tight
feature integration
IDENTIFY
MONITOR
PROTECT
NSI
Email
Block
SOX
Http
Encrypt
New Design
IM
Quarantine
PII
Print
Notify
HPIAA
Removable Media
Confirm
PCI DSS
Custom Channel
Application
PHI PFI
Database
Remediate
Server
Centralized Management and Reporting
© 2010 Websense, Inc. All rights reserved.
Multiple Facets of Data Loss Prevention
Who
Where
What
How
Action
Human Resources
Source Code
Benefits Provider
File Transfer
Audit
Customer Service
Business Plans
Personal Web Storage
Web
Block
The ONLY solution providing Unified
Policy Design for effective and efficient
control
Marketing
Patient Information
Business Partner
Instant Messaging
Finance
M&A Plans
Blog
Peer‐to‐Peer
Remove
Accounting
Employee Salary
Customer
Email
Encrypt
Sales
Financial Statements
Spyware Site
Print
Quarantine
Legal
Customer Records
USB
Removable Media
Technical Support
Technical Documentation
Competitor
Print Screen
Engineering
Competitive Information
Analyst
Copy/Paste
Notify
Confirm
© 2010 Websense, Inc. All rights reserved.
Proven Results and Methodology
Non-Public Personal Information (NPI) Violations
14000
12000
10000
8000
6000
4000
2000
0
Jan Feb Mar Apr May Jun
Passive Monitoring
Jul Aug Sep Oct Nov Dec
Notifications
Active Enforcement
© 2010 Websense, Inc. All rights reserved.
Any-Services, Anywhere
Software-as-a-Service
(SaaS)
Real-time
Intelligence
Sharing
DLP
Web
Email
Data
Security
Security
Security
ThreatSeeker
Network
Real-time
Intelligence
Sharing
ThreatSeeker
Cloud Service
SPLOG
Phishing
Fraud
V-Series Appliances
DLP
DLP
Web
Defensio
DLP
Web
Email
Data
Security
Security
Security
Security
V5000
V10000
© 2010 Websense, Inc. All rights reserved.
What our customers say?
At a glance, why customers protect their business with Websense.
web security | data security | email security
© 2010 Websense, Inc. All rights reserved.
Global brands that trust Websense
56
© 2010 Websense, Inc. All rights reserved.
Customers That Trust Websense
Finance
Healthcare – Insurance
Government
Construction / Utilities
Communications
Transportation
Manufacturing / Business
Retail
Education
© 2010 Websense, Inc. All rights reserved.
Customers That Trust Websense
Finance
Healthcare / Insurance
Government
Property/Construction / Utilities
Communications
Transportation
Manufacturing/Technology
Manufacturing/Technology
Retail
© 2010 Websense, Inc. All rights reserved.
Websense Sweeps Forrester Waves
Validates our ‘Essential Information Protection’ Strategy
“Forrester sees a growing market demand for consolidated content security suites rather than point products.”
Websense is the best choice today for
organizations looking for best-of-breed
technologies
that
have a good
suite
Web
Email Filtering
DLP
“Websense alone leads the content focus.”
security suite market because of its We are a leader in Forrester’s
Web, Email and DLP
current functionality and suite‐
Wave
Reports
oriented product strategy.” Forrester Wave™: Content Security Suites, Q2 2009
Content Security Suites
© 2010 Websense, Inc. All rights reserved.
In Summary
Reduce TCO
Increase Security
Comply with
regulations
Build strategic
relationships
© 2010 Websense, Inc. All rights reserved.
Questions
Thank you for listening
web security | data security | email security
© 2010 Websense, Inc. All rights reserved.