Web
Transcription
Web
資安大未來~解析企業脈動 Websense Inc 台灣區經理 邱薏引 web security | data security | email security © 2010 Websense, Inc. All rights reserved. 國外案例 資安真實案例 某銀行董事會開完會後5分鐘, 媒體報導已po上網... 某高科技製造業, 嘔心瀝血長達半年的產品設計, 在發表的 同一天, 競爭對手也發表一款相似度高達95%的產品! 詐騙集團企業化經營, 有計劃地偷竊客戶資訊, 企業不甘數 次名譽損失, 主動協同警方辦案… 某知名企業, HR高階主管中了間諜軟體, 在不知情地狀況 下, 公司薪資資料被po上論壇, 差點導致大規模離職潮…… © 2010 Websense, Inc. All rights reserved. 4 資訊安全要怎麼做呢? DISCOVER External Threats Discover Classify WHAT MONITOR CLASSIFY WHO Internal Data ESSENTIAL INFORMATION PROTECTION HOW WHERE Monitor PROTECT 所以企業大量投資資安… 外對內 Firewalls AVs IPS/IDS SPAM WAF… 內對外 DRM Encryption Device control Recorded Access control.. 成效呢?? © 2010 Websense, Inc. All rights reserved. 6 “生命"會找到出路… 透過封鎖基礎建設 來防堵洩密不是長久之計 Almost 50% of all IT managers封鎖的方式將限制企業 surveyed admit 獲益於新的技術來拓展業務 their users try to bypass security policies. (Websense 2009 Web 2.0 @ Work, International Survey) 無法預測使用者 透過何種方式突破封鎖 以完成他們的工作目標 © 2010 Websense, Inc. All rights reserved. 資安角度的演變 • Companies want their staff to exploit these networks • Need to protect against malware hidden in these fabrics or inappropriate content in real time. • Companies are providing value to these networks • Need to protect against inadvertent data loss of confidential information into these fabrics in real time Producer Consumer 安全性 便利性 © 2010 Websense, Inc. All rights reserved. Who is Websense? web security | data security | email security 9 © 2009 Websense, Inc. All rights reserved. © 2010 Websense, Inc. All rights reserved. Websense - Our Global Presence STOCKHOLM, SWEDEN ROTTERDAM, NETHERLANDS 1,400 employees across 35 countries and 26 offices. 9,000 partners worldwide. DUBLIN, IRELAND READING, ENGLAND LOS GATOS, CA DALLAS, TEXAS HAMBURG, GERMANY PARIS, FRANCE ISTANBUL, TURKEY MADRID, SPAIN SAN DIEGO, CA MILAN, ITALY TOKYO, JAPAN ISRAEL BEJING, CHINA DUBAI, UAE INDIA SHANGHAI, CHINA GUANGZHOU, CHINA HONG KONG TAIPEI KUALA LUMUR SINGAPORE SAO PAULO, BRAZIL Corporate Offices SYDNEY, AUSTRALIA Engineering/Ops MELBOURNE Sales Offices © 2010 Websense, Inc. All rights reserved. Websense Milestones Unified Content Management Websense Evolution Real-time security & content management Essential Information Protection™ Manage Internet access for productivity Web Filtering: Block inappropriate content in the workplace 1994 2000 Investment in R&D more than doubled over last three years Protect by blocking access to compromised sites; ThreatSeeker™ technology 2004 2006 2007 2008 2009 2010 Acquired Inktomi Traffic Server Acquired Port Authority Technologies Acquired SurfControl Investment & Innovation Acquired Defensio © 2010 Websense, Inc. All rights reserved. Websense - Innovation Leadership Innovation First to market with phishing protection Nov ‘02 First to market with drive‐by and backchannel spyware protection Nov ‘02 First to market with crimeware/keylogger protection Nov ‘04 47 patents granted worldwide Feb ‘06 106 patents pending and 30 submissions First to add natural language processing to DLP. Jun ‘07 First to deliver Web‐eMail‐Data bi‐directional security intelligence Dec ‘07 in development for our technology First to market with bot network protection First to market with dynamic Web 2.0 content categorization Mar ‘08 First to create an Internet HoneyGrid that melds honeypots and advanced grid computing capable of parsing one billion pieces of content daily Mar ‘08 First to deliver a hybrid virtual service platform combining the best of appliances and cloud‐based services Feb ‘10 © 2010 Websense, Inc. All rights reserved. Comprehensive Recognition Web Security: 2008 Worldwide Market Share Leader 2009 Secure Web Gateway MQ: Leaders Quadrant 2009 Content‐Aware Data Loss Prevention MQ: Leaders Quadrant Secure Web Gateway: 2008 Worldwide Market Share Leader 2009 North American Content Management Product Innovation of the Year Award 2009 Global Content Filtering Products Market Leadership Award Content Filtering Competitive Landscape, 2008: THE Market Leader Content Filtering: 2008 Market Share Leader Content Security Suites Wave, Q2 2009: Sole Leader Web Filtering Wave, Q2 2009: Recognized Leader Email Filtering Wave, Q2 2009: Recognized Leader Data Leak Prevention Wave, Q2 2008: Recognized Leader DLP Market Quadrant 2009: Short List Content Filtering: Information Protection Decision Matrix: On ‘Shortlist’ Highest aggregate technology rating 2009 Corporate Web Security Market Quadrant: Recognized Leader Corporate Web Security: 2008 Install Base & Revenue Market Share Leader Content Filtering: 2008 Worldwide Market Share Leader 14 Unified Content Security in Action Maximize ROSI & reduce TCO Security against modern threats Comply with regulations A strategic vendor relationship © 2010 Websense, Inc. All rights reserved. THE CHALLENGE How the security landscape has changed web security | data security | email security © 2010 Websense, Inc. All rights reserved. Business Challenges Strategic Planning “How do I reduce the cost of securing against each new threat and get the best return on security investment?” Business Planning “How can I expand access to more customers without increasing my risk of malware & data loss?” Infrastructure Management Security Management “How can I allow partners to access internal resources without risk?” “How can I protect remote employees from leaking data when they are on the road?” “How do I protect my company against modern threats that span multiple vectors?” © 2010 Websense, Inc. All rights reserved. Business Needs Maximize ROSI* & Reduce TCO Improve Security Adhere to new regulations Instant best practice deployment aligned with regulations Build strategic relationships Improve employee effectiveness & efficiency Unify the policies and protection throughout the organization Reduce security CAPEX Protection against modern threats that span many vectors Vendor reliability Reduce security OPEX Reduce risk of new business initiatives Improved service & support Vendor consolidation With Websense you can address all these business needs today. * Return on Security Investment © 2010 Websense, Inc. All rights reserved. Technology Trends Interconnectivity of business across more complex sites with user generated content predominating. Businesses are taking advantage of these new web sites to reach new and existing audiences Attempting to block these sites or lock down your infrastructure is a strategy we see circumvented time and again. Data now lives outside your network, more so if you use SaaS applications. The focus from criminals is to steal data and monetize that. They blend their attacks across multiple vectors. URL lists and signature based security mechanisms cannot keep up, at best AV can clean up. © 2010 Websense, Inc. All rights reserved. Applications & Data Move to The Web © 2010 2009 Websense, Websense, Inc. Inc. All All rights rights reserved. reserved. 20 © ‘There’s an app for that.’ The economic & business argument for SaaS applications is unassailable. Business is now digitally enabled and socially connected. © 2010 Websense, Inc. All rights reserved. Exploiting the new Web - Dell Would you market to a population as large as the US? Facebook alone has a population of 300 million active users, 50% logon every day. 22 © 2010 Websense, Inc. All rights reserved. Exploiting the new Web – US Gov These new social fabrics are not just used by commercial organisations. Broadcast costs can be much more cost effective than other media. 23 © 2010 Websense, Inc. All rights reserved. Threats Span Multiple Vectors Email with URL Website downloads Trojan malware Confidential data harvested Hacker collects data from web site User visits popular site Website downloads Trojan malware Confidential data harvested Hacker collects data via IRC chat Confidential data harvested Hacker collects data with SMTP engine USB dropped in car park © 2010 Websense, Inc. All rights reserved. Traditional Security Can’t Keep Up See the proof for yourself at the: Security Effectiveness Center http://securitylabs.websense.com/ Number of real time security updates © 2010 Websense, Inc. All rights reserved. To Summarize The Challenge Free flow of information leads to competitive advantage New threats are hard to distinguish from legitimate business process Point security solutions exhibit blind spots from lack of shared intelligence Superficial integration causes weak reporting & management systems © 2010 Websense, Inc. All rights reserved. THE SOLUTION Unified Content Security to Protect Your Essential Information: TRITON web security | data security | email security © 2010 Websense, Inc. All rights reserved. Our Guiding Principles Maximize the Return on Security Investment (ROSI) & Reduce TCO Counter modern threats through content and context awareness Consistently enforce policies, regulation and statutory compliance Provide flexible deployment without additional complexity or compromise © 2010 Websense, Inc. All rights reserved. Unified Content Security Shared threat intelligence Websense owns the intellectual property Unified for Unified Adaptable new threatsproactive contenttoanalysis: protection against Content Platform modern threats. Maintain innovation Analysis leadership Owning thevendors intellectualwho OEM threat intelligence against capital for content analysis leads to greater innovation Unified Solution © 2010 Websense, Inc. All rights reserved. Unified Content Security Unified console for shared management, reporting, po licies & enforcement Comprehensive and meaningful reports and Policy management policies Unified Unified is consistent and reporting Content Platform Analysis and comprehensive across all threat vectors. Analysis & intelligence drive actionable policies Unified Solution © 2010 Websense, Inc. All rights reserved. Unified Content Security Software, appliance or cloud based deployment to suit business environment More resilient to Unified We are platform agnostic. We let customers Unified technological change Content decide what is best for their circumstances. Platform without extra CAPEX Analysis This has major cost benefits. Leverage virtualization technologies to mix and match platform options Unified Solution © 2010 Websense, Inc. All rights reserved. Announcing TRITON TRITON™ is the industry’s first unified security architecture that integrates web, data and email 32 Unified Content Security in Action Maximize ROSI & reduce TCO Security against modern threats Comply with regulations A strategic vendor relationship © 2010 Websense, Inc. All rights reserved. TRITON Architecture Web Data Email Security Security Security ThreatSeeker Network TRITON unified content security SaaS Appliance Software Mix & match “on premise” and “in the cloud” deployment TRITON unified security center © 2010 Websense, Inc. All rights reserved. Explaining ThreatSeeker Network 1 billion pieces of content per day Threat Detection/Probes Real-Time Security Updates Websense Shared Analytics/Feedback Web Security Gateway ThreatSeeker Technology 2+ million posts per day Websense Hosted Customers Defensio Websense Websense ThreatSeeker Technology Security Labs™ 200+ million sites per day 10+ million emails per hour Hosted Security URL and Security Database © 2010 Websense, Inc. All rights reserved. Deployment Options SaaS Appliance Software No On-Premise Equipment or Upgrades Simplified Deployment Granular Control Scalable, Enterprise Performance Performance Scalability Security Effectiveness Easy-to-Use Management Leverage Investments in Virtual Computing Full Policy Management & Reporting Control Web & Email Integration Standard Hardware Extensible Security Platform Leading PricePerformance Carrier Grade Datacenter Availability & Security © 2010 Websense, Inc. All rights reserved. TRITON Unified Security Center Unified management console for policy management and reporting – Full system administration from one console – Role based application and control for Web, email, and data loss prevention Provides unified content analysis, unified platform, and unified solution for content security – Best security at the lowest total cost of ownership © 2010 Websense, Inc. All rights reserved. THE MODULES Understanding the Websense product portfolio at a glance web security | data security | email security © 2010 Websense, Inc. All rights reserved. The Websense modules explained Click on a product area or click next to continue NEXT © 2010 Websense, Inc. All rights reserved. Web Security Securing the new Web web security | data security | email security © 2010 Websense, Inc. All rights reserved. The Web Security Challenge ENABLE broad business use of Web 2.0 sites like LinkedIn, Facebook, and Salesforce… without the risks Outbound data loss and compliance – – Web mail Posting to social media Web-based Malware – – AV cannot keep pace with dynamic Web and script-based attacks Another data loss vector Web 2.0 Content Classification – – Mixed-content and password-protected sites defy traditional content filtering Drains productivity and increases malware risk Outbound PII, CC#, SSN , health, finan cial Inbound mixed content, maliciou s scripts AV, Filter, DLP Rising Web security TCO – – Managing multiple vendors and products Supporting distributed enterprise © 2010 Websense, Inc. All rights reserved. Web Security Gateway Anywhere運作方式 WEBSENSE ThreatSeeker Web Security Gateway ® TECHNOLOGY Dynamic Threat Protection SSL S S L Web Security v7 Dynamic Content Control TruWeb DLP ThreatSeeker® TECHNOLOGY Websense Security Labs 39 percent of malicious Web attacks included data‐stealing code 43 Web 2.0 without Websense-iGoogle 44 Web 2.0 with Websense-iGoogle 45 一般廠商對於Web 2.0的處理方式 落後的分類技術,導致漏擋或誤擋 網頁信評 將整個Web 2.0 網站內容二分法 all “good” or all “bad” – 無名小站 = BAD, 封鎖 – Yahoo = GOOD, 允許 YES MAYBE NO ? ? ? ? ? ? ? ? Websense 如何處理Web 2.0 即時掃描並分類所有內容 完整的針對 Web 2.0 惡意內容保護機制 Dynamic threats, malicious scripts, infected Web objects, browser-based applications Granular policy controls based on actual content – not past reputation YES NO MAYBE NO YES MAYBE YES YES YES 可以讓員工連結Web2.0 網站,但阻隔惡意 程式與公司不允許瀏覽的內容 Web User and Destination Awareness DLP policies and reports include user and Web category information Accelerate decision making and compliance – Compliance reports immediately reveal sources of outbound risk – what, who, and where – Separate legitimate business process from compliance violations ©2010 All Rights Reserved. Websense, Inc. Data Security Stop confidential data loss. web security | data security | email security © 2010 Websense, Inc. All rights reserved. Challenge of Data Loss Prevention Ensure uninterrupted business by managing compliance & risks, preventing data loss and securing business processes Manage and measure compliance and risks – – Delays in generating audit reports and compliance requirements Difficulty uncovering broken or bad business processes Visibility into data stored and in transit – – Unknown types of data Uncertain risks for each communication channels Securing Business Processes – – Cannot enforce who can send what Possible damage to company brand and reputation © 2010 Websense, Inc. All rights reserved. Websense Data Security Suite Market-leading Data Loss Prevention technology to identify, monitor and protect confidential data Unified Policy Design – – – Only offering with unified policy design Manage all facets of effective Data Loss Prevention policy Powerful monitoring capability to track ever changing data (stored and in transit) Low Cost and Complexity – – Modular solution tailors to specific customer requirements Simple deployment and reduced box-count with tight feature integration IDENTIFY MONITOR PROTECT NSI Email Block SOX Http Encrypt New Design IM Quarantine PII Print Notify HPIAA Removable Media Confirm PCI DSS Custom Channel Application PHI PFI Database Remediate Server Centralized Management and Reporting © 2010 Websense, Inc. All rights reserved. Multiple Facets of Data Loss Prevention Who Where What How Action Human Resources Source Code Benefits Provider File Transfer Audit Customer Service Business Plans Personal Web Storage Web Block The ONLY solution providing Unified Policy Design for effective and efficient control Marketing Patient Information Business Partner Instant Messaging Finance M&A Plans Blog Peer‐to‐Peer Remove Accounting Employee Salary Customer Email Encrypt Sales Financial Statements Spyware Site Print Quarantine Legal Customer Records USB Removable Media Technical Support Technical Documentation Competitor Print Screen Engineering Competitive Information Analyst Copy/Paste Notify Confirm © 2010 Websense, Inc. All rights reserved. Proven Results and Methodology Non-Public Personal Information (NPI) Violations 14000 12000 10000 8000 6000 4000 2000 0 Jan Feb Mar Apr May Jun Passive Monitoring Jul Aug Sep Oct Nov Dec Notifications Active Enforcement © 2010 Websense, Inc. All rights reserved. Any-Services, Anywhere Software-as-a-Service (SaaS) Real-time Intelligence Sharing DLP Web Email Data Security Security Security ThreatSeeker Network Real-time Intelligence Sharing ThreatSeeker Cloud Service SPLOG Phishing Fraud V-Series Appliances DLP DLP Web Defensio DLP Web Email Data Security Security Security Security V5000 V10000 © 2010 Websense, Inc. All rights reserved. What our customers say? At a glance, why customers protect their business with Websense. web security | data security | email security © 2010 Websense, Inc. All rights reserved. Global brands that trust Websense 56 © 2010 Websense, Inc. All rights reserved. Customers That Trust Websense Finance Healthcare – Insurance Government Construction / Utilities Communications Transportation Manufacturing / Business Retail Education © 2010 Websense, Inc. All rights reserved. Customers That Trust Websense Finance Healthcare / Insurance Government Property/Construction / Utilities Communications Transportation Manufacturing/Technology Manufacturing/Technology Retail © 2010 Websense, Inc. All rights reserved. Websense Sweeps Forrester Waves Validates our ‘Essential Information Protection’ Strategy “Forrester sees a growing market demand for consolidated content security suites rather than point products.” Websense is the best choice today for organizations looking for best-of-breed technologies that have a good suite Web Email Filtering DLP “Websense alone leads the content focus.” security suite market because of its We are a leader in Forrester’s Web, Email and DLP current functionality and suite‐ Wave Reports oriented product strategy.” Forrester Wave™: Content Security Suites, Q2 2009 Content Security Suites © 2010 Websense, Inc. All rights reserved. In Summary Reduce TCO Increase Security Comply with regulations Build strategic relationships © 2010 Websense, Inc. All rights reserved. Questions Thank you for listening web security | data security | email security © 2010 Websense, Inc. All rights reserved.