Securing Data Today and in the Future

            Ulf Mattsson
           CTO Protegrity

 ulf . mattsson [at] protegrity . com
Ulf Mattsson

   20 years with IBM Development & Global Services
   Inventor of 22 patents – Encryption and Tokenization
   Co-founder of Protegrity (Data Security)
   Research member of the International Federation for Information
   Processing (IFIP) WG 11.3 Data and Application Security
   Member of
      • Cloud Security Alliance (CSA)
      • PCI Security Standards Council (PCI SSC)
      • American National Standards Institute (ANSI) X9
      • Information Systems Security Association (ISSA)
      • Information Systems Audit and Control Association (ISACA)
Data Breaches




Best Source of Incident Data

“It is fascinating that the top threat events in both 2010 and 2011 are the same and involve external agents hacking and installing malware to compromise the confidentiality and integrity of servers.”

Source: 2011 Data Breach Investigations Report, Verizon Business RISK team
Source: Securosis, http://securosis.com/
Data Breaches – Mainly Online Data Records

  900+ breaches
  900+ million compromised records
  (Chart on the slide: percentage breakdown of the compromised records; the values did not survive extraction.)

Source: 2010 Data Breach Investigations Report, Verizon Business RISK team and USSS
Compromised Data Types - # Records

Bar chart, percent of compromised records by data type (bar values not recoverable from the slide):
  Payment card data
  Personal information
  Usernames, passwords
  Intellectual property
  Bank account data
  Medical records
  Classified information
  System information
  Sensitive organizational data

Source: Data Breach Investigations Report, Verizon Business RISK team and USSS
Industry Groups Represented - # Breaches

Bar chart, percent of breaches by industry group (bar values not recoverable from the slide):
  Hospitality
  Retail
  Financial Services
  Government
  Tech Services
  Manufacturing
  Transportation
  Media
  Healthcare
  Business Services

Source: Data Breach Investigations Report, Verizon Business RISK team and USSS
Breach Discovery Methods - # Breaches

Bar chart, percent of breaches by discovery method (bar values not recoverable from the slide):
  Third party fraud detection
  Notified by law enforcement
  Reported by customer/partner…
  Unusual system behavior
  Reported by employee
  Internal security audit or scan
  Internal fraud detection
  Brag or blackmail by perpetrator
  Third party monitoring service

Source: Data Breach Investigations Report, Verizon Business RISK team and USSS
PCI DSS




Example of How the Problem is Occurring – PCI DSS

(Diagram) PCI DSS mandates two encryption points: data crossing public networks is encrypted (SSL), and data at rest is encrypted in the OS file system and storage system. Between those two points, inside the private network, the data is clear text: in the application, in the database, and on its way down to the file system. The diagram places the attacker on the public network and the clear-text data on the private network; that clear-text zone is what the attacker goes after.

Source: PCI Security Standards Council, 2011
PCI DSS - Ways to Render the PAN* Unreadable

   Two-way cryptography with associated key management processes
   One-way cryptographic hash functions
   Index tokens and pads
   Truncation (or masking – xxxxxx xxxxxx 6781)

These are the four options PCI DSS requirement 3.4 accepts for stored PANs. The standard (v2.0) also notes that where hashed and truncated versions of the same PAN exist together, additional controls are needed, because the two can be correlated to reconstruct the original PAN.

* PAN: Primary Account Number (Credit Card Number)
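The correlation PCI DSS warns about is worth seeing in code. The example below is added here and is not from the deck or from the PCI SSC; it uses only the Python standard library and the deck's own constructed PAN 4000 0012 3456 7899 (Luhn-valid, not an issued number). It implements truncation (first six, last four) and a one-way hash, then shows that with the truncated form and an unkeyed SHA-256 of the full PAN an attacker needs at most 10**5 hash evaluations, because the exposed Luhn check digit pins one of the six hidden digits. Keying the hash with a secret the attacker does not hold (HMAC) removes the shortcut. Function names are mine.

```python
"""PCI DSS PAN rendering: truncation and one-way hashing, and why the two must
not be combined on the same PAN without additional controls.
Added example (not from the slide deck); Python standard library only."""
import hashlib
import hmac
import itertools

# Constructed sample PAN (the one drawn on the deck's diagrams); it passes the
# Luhn check but is not an issued card number.
SAMPLE_PAN = "4000001234567899"


def luhn_contribution(digit: int, doubled: bool) -> int:
    """Luhn weight of one digit: doubled digits contribute 2d, minus 9 above 9."""
    if not doubled:
        return digit
    d = digit * 2
    return d - 9 if d > 9 else d


def luhn_valid(pan: str) -> bool:
    """Luhn check: digits at even positions counted from the right are doubled."""
    n = len(pan)
    total = sum(luhn_contribution(int(c), (n - i) % 2 == 0) for i, c in enumerate(pan))
    return total % 10 == 0


def truncate_pan(pan: str, keep_first: int = 6, keep_last: int = 4) -> str:
    """PCI DSS truncation/masking: at most the first six and last four digits stay."""
    hidden = len(pan) - keep_first - keep_last
    return pan[:keep_first] + "*" * hidden + pan[len(pan) - keep_last:]


def unkeyed_hash(pan: str) -> str:
    """Plain SHA-256 of the PAN: one-way, but the input space is tiny."""
    return hashlib.sha256(pan.encode()).hexdigest()


def keyed_hash(pan: str, secret: bytes) -> str:
    """HMAC-SHA256 under a secret the attacker lacks: candidates cannot be tested
    without the key, so a truncated copy no longer helps an attacker."""
    return hmac.new(secret, pan.encode(), hashlib.sha256).hexdigest()


# Doubled-position contributions are a permutation of 0..9, so they invert.
_INVERSE_DOUBLED = {luhn_contribution(d, True): d for d in range(10)}


def solve_luhn_digit(partial_sum: int, doubled: bool) -> int:
    """Return the digit whose contribution makes partial_sum a multiple of 10."""
    needed = (-partial_sum) % 10
    return _INVERSE_DOUBLED[needed] if doubled else needed


def recover_pan(first6: str, last4: str, pan_hash_hex: str, length: int = 16):
    """Rebuild a PAN from its truncated form plus an unkeyed SHA-256 of the full
    PAN (the case PCI DSS warns about). Of the digits hidden by truncation, all
    but one are brute-forced; the Luhn check pins the last one, so a 16-digit
    PAN needs only 10**5 hashes. Returns None when nothing matches, which is
    what happens when the hash was keyed."""
    free = length - len(first6) - len(last4)
    solve_idx = len(first6) + free - 1
    doubled = [(length - i) % 2 == 0 for i in range(length)]
    known = sum(luhn_contribution(int(c), doubled[i]) for i, c in enumerate(first6))
    known += sum(luhn_contribution(int(c), doubled[length - len(last4) + i])
                 for i, c in enumerate(last4))
    brute_flags = doubled[len(first6):solve_idx]
    for middle in itertools.product(range(10), repeat=free - 1):
        partial = known + sum(luhn_contribution(d, f) for d, f in zip(middle, brute_flags))
        last_free = solve_luhn_digit(partial, doubled[solve_idx])
        candidate = first6 + "".join(map(str, middle)) + str(last_free) + last4
        if hashlib.sha256(candidate.encode()).hexdigest() == pan_hash_hex:
            return candidate
    return None


if __name__ == "__main__":
    masked = truncate_pan(SAMPLE_PAN)
    print("truncated:", masked)
    print("recovered from truncation + SHA-256:",
          recover_pan(masked[:6], masked[-4:], unkeyed_hash(SAMPLE_PAN)))
    print("recovered from truncation + HMAC:",
          recover_pan(masked[:6], masked[-4:], keyed_hash(SAMPLE_PAN, b"vault-secret")))
```

The point is not that SHA-256 is weak but that the PAN domain is: a known BIN and a visible last four leave a search space a laptop clears in under a second. Any one-way rendering of a PAN needs a secret (keyed hash) or a vault (token), and the truncated and hashed copies must never be joinable on the same key column.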
Protecting the Data Flow - Example

(Diagram: a data flow with enforcement points marked; sensitive information is unprotected before each enforcement point and protected after it.)

Use of Enabling Technologies
Current, Planned Use of Enabling Technologies

Technology                      Evaluating   Current Use   Planned Use <12 Months
Access controls                     1%           91%              5%
Database activity monitoring       18%           47%             16%
Database encryption                30%           35%             10%
Backup / Archive encryption        21%           39%              4%
Data masking                       28%           28%              7%
Application-level encryption        7%           29%              7%
Tokenization                       22%           23%             13%

Current Use of Enabling Technologies, by Maturity Class
(Chart only on the slide; values not recoverable.)
Positioning Different Protection Options

Evaluation Criteria          Strong Encryption   Formatted Encryption   Data Tokens
Security & Compliance
Total Cost of Ownership
Use of Encoded Data

(Each cell is rated on a Best-to-Worst scale with icons that did not survive extraction.)
Securing Data Fields – Impact of Different Methods

The slide plots each method by intrusiveness to applications and databases (vertical axis, least intrusive at the bottom) against the length of the protected value (original length or longer). From least to most intrusive:

Method              Example output                           Data length   Family
Clear Text          123456 123456 1234 (original data)       original
Partial encoding    123456 777777 1234                       original      Tokenizing or Formatted Encryption
Numeric encoding    666666 777777 8888                       original      Tokenizing or Formatted Encryption
Alpha encoding      aVdSaH 1F4hJ 1D3a                        original      Tokenizing or Formatted Encryption
Strong Encryption   !@#$%a^.,mhu7/////&*B()_+!@              longer        Standard Encryption
Hashing             !@#$%a^///&*B()..,,,gft_+!@4#$2%p^&*     longer        Standard Encryption

Oracle Domain Index
Data Tokenization

Hiding Data in Plain Sight – Data Tokenization

(Diagram) The PAN 4000 0012 3456 7899 passes through a Tokenization Gateway (the data transformer) and is replaced by the data token 40 12 3456 7890 7899 before it reaches the application database and the cloud environment; only the token is stored there. For contrast the slide also shows an unformatted value, Y&SFD%))S(, that would not fit the original field. Legend: unprotected sensitive information vs. protected sensitive information.
Token Flexibility for Different Categories of Data

Type of Data     Input                      Token                          Token properties
Credit Card      3872 3789 1620 3675        8278 2789 2990 2789            Numeric
Medical ID       29M2009ID                  497HF390D                      Alpha-numeric
Date             10/30/1955                 12/25/2034                     Date
E-mail Address   bob.hope@protegrity.com    empo.snaugs@svtiensnni.snk     Alphanumeric, delimiters in input preserved
SSN              075-67-2278                287-38-2567                    Numeric, delimiters in input preserved
Credit Card      3872 3789 1620 3675        8278 2789 2990 3675            Numeric, last 4 digits exposed

Policy masking
Credit Card      3872 3789 1620 3675        stored clear, encrypted or tokenized at rest; presentation mask exposes the first 6 digits: 3872 37## #### ####
Example: HIPAA – 18 Direct Identifiers
 1. Names
 2. Geographic subdivisions smaller than a state, including
 3. All elements of dates (e.g., date of birth, admission)
 4. Telephone numbers
 5. Fax numbers
 6. E-mail addresses
 7. Social Security numbers
 8. Medical record numbers
 9. Health plan beneficiary numbers
 10. Account numbers
 11. Certificate/license numbers
 12. Vehicle identifiers and serial numbers, including license plate numbers
 13. Device identifiers and serial numbers
 14. Web Universal Resource Locators (URLs)
 15. IP address numbers
 16. Biometric identifiers, including fingerprints and voice prints
 17. Full-face photographic images and any comparable images
 18. Other unique identifying numbers, characteristics or codes
Visa Best Practices for Tokenization Version 1

Published July 14, 2010.

Token Generation                                   Single Use Token          Multi Use Token
Algorithm and key reversible
    Known strong algorithm (NIST approved)                                   -
    Unique sequence number
One-way irreversible function
    Hash                                           Secret per transaction    Secret per merchant
    Randomly generated value

(The slide marks which generation methods apply to each token type with check marks that did not survive extraction; the one surviving mark is the "-" against NIST-approved reversible algorithms for multi-use tokens.)
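To make the token properties in the data-category table concrete (numeric and alphanumeric tokens that keep the input's format, preserved delimiters, an exposed last four, date tokens, a presentation mask) together with the single-use versus multi-use distinction from the Visa table, here is an added vault-based tokenizer. It is example code written for this page, not Protegrity's product and not the Visa document's reference design; the class and function names are mine, the sample inputs are the deck's own constructed values, and "traditional" here means the deck's vault model: the token is random and the vault is the only way back.

```python
"""Vault-based tokenization that keeps the input's format, plus a presentation
mask. Added example (not the vendor's product code); standard library only."""
import datetime
import secrets
import string

_DIGITS = string.digits
_LOWER = string.ascii_lowercase
_UPPER = string.ascii_uppercase


def _random_like(ch: str) -> str:
    """Replace one character with a random one of the same class; anything that
    is not a digit or letter (space, '-', '.', '@', '/') is a delimiter and is
    kept as-is, as in the deck's SSN and e-mail examples."""
    for alphabet in (_DIGITS, _LOWER, _UPPER):
        if ch in alphabet:
            return secrets.choice(alphabet)
    return ch


def _random_date(fmt: str) -> str:
    """A random calendar date rendered in the input's own format."""
    start = datetime.date(1900, 1, 1).toordinal()
    end = datetime.date(2099, 12, 31).toordinal()
    return datetime.date.fromordinal(start + secrets.randbelow(end - start + 1)).strftime(fmt)


class TokenVault:
    """Traditional (vault) tokenization: tokens are random values with no
    mathematical relation to the input, so the vault is the only way back.
    multi_use=True returns the same token for the same input (needed when the
    token must join across records); multi_use=False issues a fresh token on
    every call, the single-use case."""

    def __init__(self, multi_use: bool = True):
        self.multi_use = multi_use
        self._to_value = {}   # token -> original value
        self._to_token = {}   # original value -> token (multi-use only)

    def _generate(self, value: str, keep_last: int, date_fmt) -> str:
        if date_fmt:
            return _random_date(date_fmt)
        head, tail = value[:len(value) - keep_last], value[len(value) - keep_last:]
        return "".join(_random_like(c) for c in head) + tail

    def tokenize(self, value: str, keep_last: int = 0, date_fmt: str = None) -> str:
        if self.multi_use and value in self._to_token:
            return self._to_token[value]
        for _ in range(100):
            token = self._generate(value, keep_last, date_fmt)
            # Collision check: a token already issued (for any value), or a token
            # equal to the input itself, is rejected and redrawn.
            if token != value and token not in self._to_value:
                break
        else:
            raise RuntimeError("token space exhausted for this format")
        self._to_value[token] = value
        if self.multi_use:
            self._to_token[value] = token
        return token

    def detokenize(self, token: str) -> str:
        return self._to_value[token]


def presentation_mask(value: str, expose_first: int = 6, mask_char: str = "#") -> str:
    """Policy masking for display: the first `expose_first` digits stay, every
    other digit becomes mask_char, delimiters stay (3872 37## #### ####)."""
    out, shown = [], 0
    for ch in value:
        if ch.isdigit():
            out.append(ch if shown < expose_first else mask_char)
            shown += 1
        else:
            out.append(ch)
    return "".join(out)


if __name__ == "__main__":
    vault = TokenVault()
    pan = "3872 3789 1620 3675"
    print(pan, "->", vault.tokenize(pan, keep_last=4))
    print("075-67-2278", "->", vault.tokenize("075-67-2278"))
    print("10/30/1955", "->", vault.tokenize("10/30/1955", date_fmt="%m/%d/%Y"))
    print("mask:", presentation_mask(pan))
```

Two things the code makes visible that the table does not: the collision check is per vault, so a second, unsynchronized vault can issue the same token for a different value (the replication problem the deck raises later), and exposing the last four shrinks the token space, so the collision check matters more for that format than for a fully random one.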
Tokenization Use Case Example
 A leading retail chain
    • 1500 locations in the U.S. market

 Simplify PCI compliance
    • 98% of use cases out of audit scope
    • Ease of install (had 18 PCI initiatives at one time)

 Tokenization solution was implemented in 2 weeks
    • Reduced PCI audit from 7 months to 3 months
    • No 3rd-party code modifications
    • Proved to be the best performance option
    • 700,000 transactions per day
    • 50 million cardholder data records
    • Conversion took 90 minutes (plan was 30 days)
    • Next step – tokenization server at 1500 locations
Different Approaches for Tokenization
      Traditional Tokenization
            • Dynamic Model or Pre-Generated Model
            • 5 tokens per second - 5000 tokenizations per second
      Next Generation Tokenization
            • Memory-tokenization
            • 200,000 - 9,000,000+ tokenizations per second
            • “The tokenization scheme offers excellent security, since it is
              based on fully randomized tables.” *
            • “This is a fully distributed tokenization approach with no need
              for synchronization and there is no risk for collisions.“ *

 *: Prof. Dr. Ir. Bart Preneel, Katholieke University Leuven, Belgium
Tokenization Summary

Footprint
  Traditional Tokenization: Large, expanding. The large and expanding footprint of traditional tokenization is its Achilles heel. It is the source of poor performance, scalability, and limitations on its expanded use.
  Memory Tokenization: Small, static. The small static footprint is the enabling factor that delivers extreme performance, scalability, and expanded use.

High Availability, DR, and Distribution
  Traditional Tokenization: Complex replication required. Deploying more than one token server for the purpose of high availability or scalability will require complex and expensive replication or synchronization between the servers.
  Memory Tokenization: No replication required. Any number of token servers can be deployed without the need for replication or synchronization between the servers. This delivers a simple, elegant, yet powerful solution.

Reliability
  Traditional Tokenization: Prone to collisions. The synchronization and replication required to support many deployed token servers is prone to collisions, a characteristic that severely limits the usability of traditional tokenization.
  Memory Tokenization: No collisions. Memory Tokenization's lack of need for replication or synchronization eliminates the potential for collisions.

Performance, Latency, and Scalability
  Traditional Tokenization: Will adversely impact performance and scalability. The large footprint severely limits the ability to place the token server close to the data. The distance between the data and the token server creates latency that adversely affects performance and scalability, to the extent that some use cases are not possible.
  Memory Tokenization: Little or no latency. Fastest industry tokenization. The small footprint enables the token server to be placed close to the data to reduce latency. When placed in-memory, it eliminates latency and delivers the fastest tokenization in the industry.

Extendibility
  Traditional Tokenization: Practically impossible. Based on all the issues inherent in traditional tokenization of a single data category, tokenizing more data categories may be impractical.
  Memory Tokenization: Unlimited tokenization capability. Memory Tokenization can be used to tokenize many data categories with minimal or no impact on footprint or performance.
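The property the two preceding slides keep returning to, any number of servers producing identical tokens with no replication and no collisions, is what a keyed, deterministic, bijective transformation gives you. The example below is added for this page; it is not Protegrity's memory-tokenization scheme (the deck does not detail its random-table construction) and not NIST FF1, but a textbook Feistel network over digit strings with HMAC-SHA256 as the round function, the classic way to build formatted (format-preserving) encryption. DEMO_KEY is a constructed key, the function names are mine, and keep_last and tweak are my parameters.

```python
"""Formatted (format-preserving) encryption of digit strings with a keyed
Feistel network. Added example written for this page: a textbook construction,
not the vendor's memory-tokenization scheme and not NIST SP 800-38G FF1.
Python standard library only."""
import hashlib
import hmac

ROUNDS = 10
DEMO_KEY = bytes(range(32))   # constructed demo key, never use a fixed key in practice


def _round_function(key: bytes, tweak: bytes, rnd: int, half: int, modulus: int) -> int:
    """Per-round PRF: HMAC-SHA256 over (tweak, round number, the other half),
    reduced into the digit range of the half being updated."""
    msg = tweak + bytes([rnd]) + half.to_bytes(16, "big")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % modulus


def _feistel(digits: str, key: bytes, tweak: bytes, decrypt: bool) -> str:
    """Unbalanced Feistel over two numeric halves: even rounds move A by F(B),
    odd rounds move B by F(A); decryption runs the rounds backwards and
    subtracts. Every round is a bijection, so distinct inputs give distinct
    outputs of exactly the same length, with no table to synchronize."""
    n = len(digits)
    if n < 2 or not digits.isdigit():
        raise ValueError("need at least two digits")
    u = n // 2
    mod_a, mod_b = 10 ** u, 10 ** (n - u)
    a, b = int(digits[:u]), int(digits[u:])
    order = range(ROUNDS - 1, -1, -1) if decrypt else range(ROUNDS)
    sign = -1 if decrypt else 1
    for rnd in order:
        if rnd % 2 == 0:
            a = (a + sign * _round_function(key, tweak, rnd, b, mod_a)) % mod_a
        else:
            b = (b + sign * _round_function(key, tweak, rnd, a, mod_b)) % mod_b
    return f"{a:0{u}d}{b:0{n - u}d}"


def _digits_of(value: str) -> str:
    return "".join(c for c in value if c.isdigit())


def _merge(template: str, digits: str) -> str:
    """Put transformed digits back into the original layout, delimiters intact."""
    it = iter(digits)
    return "".join(next(it) if c.isdigit() else c for c in template)


def fpe_encrypt(value: str, key: bytes, keep_last: int = 0, tweak: bytes = b"") -> str:
    """Encrypt the digits of `value`, keeping delimiters and, optionally, the last
    `keep_last` digits in clear. The exposed digits are folded into the tweak so
    the ciphertext is bound to them."""
    digits = _digits_of(value)
    head, tail = digits[:len(digits) - keep_last], digits[len(digits) - keep_last:]
    enc = _feistel(head, key, tweak + b"|" + tail.encode(), decrypt=False)
    return _merge(value, enc + tail)


def fpe_decrypt(value: str, key: bytes, keep_last: int = 0, tweak: bytes = b"") -> str:
    digits = _digits_of(value)
    head, tail = digits[:len(digits) - keep_last], digits[len(digits) - keep_last:]
    dec = _feistel(head, key, tweak + b"|" + tail.encode(), decrypt=True)
    return _merge(value, dec + tail)


def is_bijection(key: bytes, width: int) -> bool:
    """Encrypt every `width`-digit value and confirm no two collide: the
    'no collisions, no synchronization' property of a keyed deterministic scheme."""
    seen = {_feistel(f"{i:0{width}d}", key, b"", False) for i in range(10 ** width)}
    return len(seen) == 10 ** width


if __name__ == "__main__":
    pan = "4000 0012 3456 7899"
    token = fpe_encrypt(pan, DEMO_KEY, keep_last=4)
    print(pan, "->", token, "->", fpe_decrypt(token, DEMO_KEY, keep_last=4))
    print("all 4-digit inputs map to distinct outputs:", is_bijection(DEMO_KEY, 4))
```

Because the result depends only on key, tweak and input, two servers holding the same key agree on every token with no vault and no replication, and the bijection rules out collisions by construction. The caveats are the ones a practitioner would expect: the key now has to be managed like any encryption key (rotation re-encrypts the data, unlike a vault), and a Feistel over a very small domain (two or three digits) is weak regardless of the round function, which is why NIST SP 800-38G sets a minimum domain size and why FF1 rather than a hand-rolled network belongs in production.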
Cloud

“Cloud – Like a Parking Garage”
Risks Associated with Cloud Computing

Bar chart, percent of respondents naming each risk (values not recoverable from the slide):
  Handing over sensitive data to a third party
  Threat of data breach or loss
  Weakening of corporate network security
  Uptime/business continuity
  Financial strength of the cloud computing provider
  Inability to customize applications

Source: The evolving role of IT managers and CIOs. Findings from the 2010 IBM Global IT Risk Study
Amazon Cloud & PCI DSS
  Just because AWS is certified doesn't mean you are
     • You still need to deploy a PCI compliant application/service, and
       anything on AWS is still within your assessment scope

  PCI DSS 2.0 doesn't address multi-tenancy concerns
  You can store PAN data on S3, but it still needs to be
  encrypted in accordance with PCI DSS requirements
     • Amazon doesn't do this for you
     • You need to implement key management, rotation, logging, etc.

  If you deploy a server instance in EC2 it still needs to be
  assessed by your QSA (PCI auditor)
     • The organization's assessment scope isn't necessarily reduced

  Tokenization can reduce your handling of PAN data
                        Source: Securosis, http://securosis.com/
Guidance from Cloud Security Alliance
“Pass Security Before Entering The Cloud”

(Diagram) The user's sensitive data (123456 123456 1234) passes through a Security Check Point before it leaves for the cloud; what enters the cloud is the secured value 123456 999999 1234, with only the middle digits replaced. Legend: unprotected sensitive information vs. protected sensitive information.
Data Tokens in a Cloud Environment – Integration Example

(Diagram 1) Two values, the SSN 990-23-1013 and the PAN 4000 0012 3456 7899, pass through a Tokenization Gateway on the way to the cloud environment. The application databases in the cloud hold only the data tokens 123-45-1013 and 40 12 3456 7890 7899; each keeps the input's format, and the last four characters stay in clear.

(Diagram 2) The same flow with two Tokenization Gateways, one of them alongside the application databases in the cloud environment, administered by a Security Admin; the user's data passes through a gateway before it reaches the cloud, and the application databases hold data tokens only. Legend: unprotected sensitive information vs. protected sensitive information.
Data Tokenization at the Gateway Layer

(Two diagrams) In both, a user talks to an on-premises application backed by a database, and a second application/database pair sits in the cloud environment. In the first, the Tokenization Gateway sits on the enterprise side, with the on-premises application, so the cloud side only ever receives data tokens. In the second, the Tokenization Gateway is placed at the boundary of the cloud environment, between the two sides. Legend: unprotected sensitive information vs. protected sensitive information.
Data Tokenization at the Application Layer

(Diagram) The application itself calls a Token Server before writing to its database; the database, and the cloud behind it, hold data tokens. A Security Admin manages the token server.

Data Tokenization at the Database Layer

(Diagram) The same components (user, application, database, Token Server, cloud, Security Admin), but the call to the token server is made at the database rather than in the application code, so the application is unchanged and the data is tokenized as it is stored.

Legend for both: unprotected sensitive information vs. protected sensitive information.
Securing Encryption Keys

(Diagram) The user reaches SaaS, PaaS and IaaS services in the cloud; the encryption keys live with a separate Encryption Key Administration function, outside the cloud services that use them. The guiding rule, from NIST: "An entity that uses a given key should not be the entity that stores that key."

Source: http://csrc.nist.gov/groups/SNS/cloud-computing/
Positioning of Enabling Technologies
Risk Management and PCI – Security Aspects

  Different data security methods and algorithms
  Policy enforcement implemented at different system layers
  Integration at different system layers

The slide rates each data security method (Hashing, Formatted Encryption, Strong Encryption, Data Tokenization) at each system layer where it can be enforced (Application, Database Column, Database File, Storage Device) on a Best-to-Worst scale, with N/A where a method does not apply at that layer. The ratings are icons and did not survive extraction.
Evaluating Field Encryption & Tokenization

Evaluation criteria, rated Best to Worst for Strong Field Encryption, Formatted Encryption and Tokenization (distributed); the ratings are icons that did not survive extraction:
  Disconnected environments
  Distributed environments
  Performance impact when loading data
  Transparent to applications
  Expanded storage size
  Transparent to database schema
  Long life-cycle data
  Unix or Windows mixed with “big iron” (EBCDIC)
  Easy re-keying of data in a data flow
  High risk data
  Security - compliance to PCI, NIST
Vendors/Products Providing Database Protection

Features compared across 3rd Party, Oracle 9, Oracle 10, Oracle 11, IBM DB2 and MS SQL, rated Best to Worst (ratings not recoverable from the slide):
  Database file encryption
  Database column encryption
  Column encryption adds 32-52 bytes (10.2.0.4, 11.1.0.7)
  Formatted encryption
  Data tokenization
  Database activity monitoring
  Multi vendor encryption
  Data masking
  Central key management
  HSM support (11.1.0.7)
  Re-key support (tablespace)
Column Encryption Solutions – Some Considerations

Areas of evaluation compared across 3rd Party, Oracle 10 TDE and Oracle 11 TDE, rated Best to Worst (ratings not recoverable from the slide):
  Performance, manage UDT or views/triggers
  Support for both encryption and replication
  Support for Oracle Domain Index for fast search
  Keys are local; re-encryption if moving A -> B
  Separation of duties/key control vector
  Encryption format specified
  Data type support
  Index support beyond equality comparison
  HSM (hardware crypto) support (11.1.0.6)
  HSM password not stored in file
  Automated and secure master key backup procedure
  Keys exportable
Choose Your Defenses – Cost Effective PCI DSS

Bar chart, percent of respondents per control (values not recoverable from the slide; WAF, DLP and DAM are called out by their abbreviations on the chart):
  Firewalls
  Encryption/Tokenization for data at rest
  Anti-virus & anti-malware solution
  Encryption for data in motion
  Access governance systems
  Identity & access management systems
  Correlation or event management systems
  Web application firewalls (WAF)
  Endpoint encryption solution
  Data loss prevention systems (DLP)
  Intrusion detection or prevention systems
  Database scanning and monitoring (DAM)
  ID & credentialing system

Source: 2009 PCI DSS Compliance Survey, Ponemon Institute
Deploy Defenses

Matching Data Protection Solutions with Risk Level

Data Field                 Risk Level
Credit Card Number             25
Social Security Number         20
CVV                            20
Customer Name                  12
Secret Formula                 10
Employee Name                   9
Employee Health Record          6
Zip Code                        3

Risk Level           Solution
Low Risk (1-5)       Monitor
At Risk (6-15)       Monitor, mask, access control limits, format control encryption
High Risk (16-25)    Replacement, strong encryption
Choose Your Defenses – Total Cost of Ownership

(Chart) Cost plotted against risk level, with strong protection at the left and weak protection at the right. The cost of aversion (protecting the data) falls as protection weakens, the expected losses from the risk rise, and their sum, the total cost, has a minimum at the optimal risk level marked X.
Best Practices - Data Security Management

(Diagram) An Enterprise Data Security Administrator holds the central Policy and the Audit Log and drives the encryption services deployed at each layer: a File System Protector, a Database Protector and an Application Protector, plus a Tokenization Server and a Secure Archive.
About Protegrity
    Proven enterprise data security software and innovation leader
        •   Sole focus on the protection of data
        •   Patented Technology, Continuing to Drive Innovation

    Growth driven by compliance and risk management
        •   PCI (Payment Card Industry)
        •   PII (Personally Identifiable Information)
        •   PHI (Protected Health Information) – HIPAA
        •   State and Foreign Privacy Laws, Breach Notification Laws
        •   High cost of information breach ($4.8m average cost), immeasurable costs of brand
            damage, loss of customers
        •   Requirements to eliminate the threat of data breach and non-compliance

    Cross-industry applicability
        •   Retail, Hospitality, Travel and Transportation
        •   Financial Services, Insurance, Banking
        •   Healthcare
        •   Telecommunications, Media and Entertainment
        •   Manufacturing and Government
Please contact me for more information

    Ulf Mattsson, CTO Protegrity


   Ulf . Mattsson [at] protegrity . com

 
New york oracle users group 2013 spring general meeting ulf mattsson
New york oracle users group 2013 spring general meeting   ulf mattssonNew york oracle users group 2013 spring general meeting   ulf mattsson
New york oracle users group 2013 spring general meeting ulf mattsson
 
Key note in nyc the next breach target and how oracle can help - nyoug
Key note in nyc   the next breach target and how oracle can help - nyougKey note in nyc   the next breach target and how oracle can help - nyoug
Key note in nyc the next breach target and how oracle can help - nyoug
 
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data   Ulf Mattsson - Protegrity Sep 10Bridging the gap between privacy and big data   Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
 
Privacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computationPrivacy preserving computing and secure multi party computation
Privacy preserving computing and secure multi party computation
 
Protecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACAProtecting data privacy in analytics and machine learning - ISACA
Protecting data privacy in analytics and machine learning - ISACA
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 days
 
ISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloudISSA Atlanta - Emerging application and data protection for multi cloud
ISSA Atlanta - Emerging application and data protection for multi cloud
 
ETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco securityETIS Information Security Benchmark Successful Practices in telco security
ETIS Information Security Benchmark Successful Practices in telco security
 
Isaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacyIsaca atlanta - practical data security and privacy
Isaca atlanta - practical data security and privacy
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
 
Jul 16 isaca london data protection, security and privacy risks - on premis...
Jul 16 isaca london   data protection, security and privacy risks - on premis...Jul 16 isaca london   data protection, security and privacy risks - on premis...
Jul 16 isaca london data protection, security and privacy risks - on premis...
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston  - Practical data privacy and de-identification techniquesISACA Houston  - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniques
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technology
 
Isaca new delhi india privacy and big data
Isaca new delhi india   privacy and big dataIsaca new delhi india   privacy and big data
Isaca new delhi india privacy and big data
 

Semelhante a Securing data today and in the future - Oracle NYC

Protecting Your Data in the Cloud - CSO - Conference 2011
Protecting Your Data in the Cloud - CSO - Conference 2011 Protecting Your Data in the Cloud - CSO - Conference 2011
Protecting Your Data in the Cloud - CSO - Conference 2011 Ulf Mattsson
 
ISSA: Next Generation Tokenization for Compliance and Cloud Data Protection
ISSA: Next Generation Tokenization for Compliance and Cloud Data ProtectionISSA: Next Generation Tokenization for Compliance and Cloud Data Protection
ISSA: Next Generation Tokenization for Compliance and Cloud Data ProtectionUlf Mattsson
 
PCI DSS Conference in London UK 2011
PCI DSS Conference in London UK 2011PCI DSS Conference in London UK 2011
PCI DSS Conference in London UK 2011Ulf Mattsson
 
ISSA: Cloud data security
ISSA: Cloud data securityISSA: Cloud data security
ISSA: Cloud data securityUlf Mattsson
 
Vormetric data security complying with pci dss encryption rules
Vormetric data security  complying with pci dss encryption rulesVormetric data security  complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rulesVormetric Inc
 
Enterprise Data Protection - Understanding Your Options and Strategies
Enterprise Data Protection - Understanding Your Options and StrategiesEnterprise Data Protection - Understanding Your Options and Strategies
Enterprise Data Protection - Understanding Your Options and StrategiesUlf Mattsson
 
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUlf Mattsson
 
Modern Cyber Threat Protection techniques for Enterprises
Modern Cyber Threat Protection techniques for EnterprisesModern Cyber Threat Protection techniques for Enterprises
Modern Cyber Threat Protection techniques for EnterprisesAbhinav Biswas
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudUlf Mattsson
 
Issa chicago next generation tokenization ulf mattsson apr 2011
Issa chicago next generation tokenization ulf mattsson   apr 2011Issa chicago next generation tokenization ulf mattsson   apr 2011
Issa chicago next generation tokenization ulf mattsson apr 2011Ulf Mattsson
 
Data protection on premises, and in public and private clouds
Data protection on premises, and in public and private cloudsData protection on premises, and in public and private clouds
Data protection on premises, and in public and private cloudsUlf Mattsson
 
Tokenization on the Node - Data Protection for Security and Compliance
Tokenization on the Node - Data Protection for Security and ComplianceTokenization on the Node - Data Protection for Security and Compliance
Tokenization on the Node - Data Protection for Security and ComplianceUlf Mattsson
 
Emerging application and data protection for cloud
Emerging application and data protection for cloudEmerging application and data protection for cloud
Emerging application and data protection for cloudUlf Mattsson
 
Practical advice for cloud data protection ulf mattsson - jun 2014
Practical advice for cloud data protection   ulf mattsson - jun 2014Practical advice for cloud data protection   ulf mattsson - jun 2014
Practical advice for cloud data protection ulf mattsson - jun 2014Ulf Mattsson
 
Practical advice for cloud data protection ulf mattsson - bright talk webin...
Practical advice for cloud data protection   ulf mattsson - bright talk webin...Practical advice for cloud data protection   ulf mattsson - bright talk webin...
Practical advice for cloud data protection ulf mattsson - bright talk webin...Ulf Mattsson
 
Cacs na isaca session 414 ulf mattsson may 10 final
Cacs na isaca session 414 ulf mattsson may 10 finalCacs na isaca session 414 ulf mattsson may 10 final
Cacs na isaca session 414 ulf mattsson may 10 finalUlf Mattsson
 
Infragard atlanta ulf mattsson - cloud security - regulations and data prot...
Infragard atlanta   ulf mattsson - cloud security - regulations and data prot...Infragard atlanta   ulf mattsson - cloud security - regulations and data prot...
Infragard atlanta ulf mattsson - cloud security - regulations and data prot...Ulf Mattsson
 
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Ulf Mattsson
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Ulf Mattsson
 
TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics Robb Boyd
 

Semelhante a Securing data today and in the future - Oracle NYC (20)

Protecting Your Data in the Cloud - CSO - Conference 2011
Protecting Your Data in the Cloud - CSO - Conference 2011 Protecting Your Data in the Cloud - CSO - Conference 2011
Protecting Your Data in the Cloud - CSO - Conference 2011
 
ISSA: Next Generation Tokenization for Compliance and Cloud Data Protection
ISSA: Next Generation Tokenization for Compliance and Cloud Data ProtectionISSA: Next Generation Tokenization for Compliance and Cloud Data Protection
ISSA: Next Generation Tokenization for Compliance and Cloud Data Protection
 
PCI DSS Conference in London UK 2011
PCI DSS Conference in London UK 2011PCI DSS Conference in London UK 2011
PCI DSS Conference in London UK 2011
 
ISSA: Cloud data security
ISSA: Cloud data securityISSA: Cloud data security
ISSA: Cloud data security
 
Vormetric data security complying with pci dss encryption rules
Vormetric data security  complying with pci dss encryption rulesVormetric data security  complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rules
 
Enterprise Data Protection - Understanding Your Options and Strategies
Enterprise Data Protection - Understanding Your Options and StrategiesEnterprise Data Protection - Understanding Your Options and Strategies
Enterprise Data Protection - Understanding Your Options and Strategies
 
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
 
Modern Cyber Threat Protection techniques for Enterprises
Modern Cyber Threat Protection techniques for EnterprisesModern Cyber Threat Protection techniques for Enterprises
Modern Cyber Threat Protection techniques for Enterprises
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the Cloud
 
Issa chicago next generation tokenization ulf mattsson apr 2011
Issa chicago next generation tokenization ulf mattsson   apr 2011Issa chicago next generation tokenization ulf mattsson   apr 2011
Issa chicago next generation tokenization ulf mattsson apr 2011
 
Data protection on premises, and in public and private clouds
Data protection on premises, and in public and private cloudsData protection on premises, and in public and private clouds
Data protection on premises, and in public and private clouds
 
Tokenization on the Node - Data Protection for Security and Compliance
Tokenization on the Node - Data Protection for Security and ComplianceTokenization on the Node - Data Protection for Security and Compliance
Tokenization on the Node - Data Protection for Security and Compliance
 
Emerging application and data protection for cloud
Emerging application and data protection for cloudEmerging application and data protection for cloud
Emerging application and data protection for cloud
 
Practical advice for cloud data protection ulf mattsson - jun 2014
Practical advice for cloud data protection   ulf mattsson - jun 2014Practical advice for cloud data protection   ulf mattsson - jun 2014
Practical advice for cloud data protection ulf mattsson - jun 2014
 
Practical advice for cloud data protection ulf mattsson - bright talk webin...
Practical advice for cloud data protection   ulf mattsson - bright talk webin...Practical advice for cloud data protection   ulf mattsson - bright talk webin...
Practical advice for cloud data protection ulf mattsson - bright talk webin...
 
Cacs na isaca session 414 ulf mattsson may 10 final
Cacs na isaca session 414 ulf mattsson may 10 finalCacs na isaca session 414 ulf mattsson may 10 final
Cacs na isaca session 414 ulf mattsson may 10 final
 
Infragard atlanta ulf mattsson - cloud security - regulations and data prot...
Infragard atlanta   ulf mattsson - cloud security - regulations and data prot...Infragard atlanta   ulf mattsson - cloud security - regulations and data prot...
Infragard atlanta ulf mattsson - cloud security - regulations and data prot...
 
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0
 
TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics TechWiseTV Workshop: Encrypted Traffic Analytics
TechWiseTV Workshop: Encrypted Traffic Analytics
 

Mais de Ulf Mattsson

Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...Ulf Mattsson
 
May 6 evolving international privacy regulations and cross border data tran...
May 6   evolving international privacy regulations and cross border data tran...May 6   evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...Ulf Mattsson
 
Qubit conference-new-york-2021
Qubit conference-new-york-2021Qubit conference-new-york-2021
Qubit conference-new-york-2021Ulf Mattsson
 
Secure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use casesSecure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use casesUlf Mattsson
 
Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...Ulf Mattsson
 
Data encryption and tokenization for international unicode
Data encryption and tokenization for international unicodeData encryption and tokenization for international unicode
Data encryption and tokenization for international unicodeUlf Mattsson
 
The future of data security and blockchain
The future of data security and blockchainThe future of data security and blockchain
The future of data security and blockchainUlf Mattsson
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsUlf Mattsson
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningUlf Mattsson
 
Protecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKProtecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKUlf Mattsson
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsUlf Mattsson
 
What is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonWhat is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonUlf Mattsson
 
What is tokenization in blockchain?
What is tokenization in blockchain?What is tokenization in blockchain?
What is tokenization in blockchain?Ulf Mattsson
 
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2bNov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2bUlf Mattsson
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningUlf Mattsson
 
New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeUlf Mattsson
 

Mais de Ulf Mattsson (16)

Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...Jun 29 new privacy technologies for unicode and international data standards ...
Jun 29 new privacy technologies for unicode and international data standards ...
 
May 6 evolving international privacy regulations and cross border data tran...
May 6   evolving international privacy regulations and cross border data tran...May 6   evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...
 
Qubit conference-new-york-2021
Qubit conference-new-york-2021Qubit conference-new-york-2021
Qubit conference-new-york-2021
 
Secure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use casesSecure analytics and machine learning in cloud use cases
Secure analytics and machine learning in cloud use cases
 
Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...Evolving international privacy regulations and cross border data transfer - g...
Evolving international privacy regulations and cross border data transfer - g...
 
Data encryption and tokenization for international unicode
Data encryption and tokenization for international unicodeData encryption and tokenization for international unicode
Data encryption and tokenization for international unicode
 
The future of data security and blockchain
The future of data security and blockchainThe future of data security and blockchain
The future of data security and blockchain
 
GDPR and evolving international privacy regulations
GDPR and evolving international privacy regulationsGDPR and evolving international privacy regulations
GDPR and evolving international privacy regulations
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learning
 
Protecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UKProtecting data privacy in analytics and machine learning ISACA London UK
Protecting data privacy in analytics and machine learning ISACA London UK
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulations
 
What is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonWhat is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS London
 
What is tokenization in blockchain?
What is tokenization in blockchain?What is tokenization in blockchain?
What is tokenization in blockchain?
 
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2bNov 2 security for blockchain and analytics   ulf mattsson 2020 nov 2b
Nov 2 security for blockchain and analytics ulf mattsson 2020 nov 2b
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine Learning
 
New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscape
 

Último

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Último (20)

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 

Securing data today and in the future - Oracle NYC

  • 1. Securing Data Today and in the Future Ulf Mattsson CTO Protegrity ulf . mattsson [at] protegrity . com
  • 2. Ulf Mattsson 20 years with IBM Development & Global Services Inventor of 22 patents – Encryption and Tokenization Co-founder of Protegrity (Data Security) Research member of the International Federation for Information Processing (IFIP) WG 11.3 Data and Application Security Member of • Cloud Security Alliance (CSA) • PCI Security Standards Council (PCI SSC) • American National Standards Institute (ANSI) X9 • Information Systems Security Association (ISSA) • Information Systems Audit and Control Association (ISACA)
  • 3. Data Breaches
  • 5. Best Source of Incident Data “It is fascinating that the top threat events in both 2010 and 2011 are the same and involve external agents hacking and installing malware to compromise the confidentiality and integrity of servers.” Source: 2011 Data Breach Investigations Report, Verizon Business RISK team Source: Securosis, http://securosis.com/
  • 6. Data Breaches – Mainly Online Data Records: 900+ breaches, 900+ million compromised records. Source: 2010 Data Breach Investigations Report, Verizon Business RISK team and USSS
  • 7. Compromised Data Types - # Records (chart, percentages not preserved): payment card data; personal information; usernames, passwords; intellectual property; bank account data; medical records; classified information; system information; sensitive organizational data. Source: Data Breach Investigations Report, Verizon Business RISK team and USSS
  • 8. Industry Groups Represented - # Breaches (chart, percentages not preserved): hospitality; retail; financial services; government; tech services; manufacturing; transportation; media; healthcare; business services. Source: Data Breach Investigations Report, Verizon Business RISK team and USSS
  • 9. Breach Discovery Methods - # Breaches (chart, percentages not preserved): third party fraud detection; notified by law enforcement; reported by customer/partner…; unusual system behavior; reported by employee; internal security audit or scan; internal fraud detection; brag or blackmail by perpetrator; third party monitoring service. Source: Data Breach Investigations Report, Verizon Business RISK team and USSS
  • 11. Example of How the Problem is Occurring – PCI DSS (diagram): an Attacker on the Public Network; SSL encrypts data on public networks (PCI DSS); on the Private Network the Application and the Database hold Clear Text Data; the OS File System and Storage System encrypt data at rest (PCI DSS). Source: PCI Security Standards Council, 2011
  • 12. PCI DSS - Ways to Render the PAN* Unreadable: two-way cryptography with associated key management processes; one-way cryptographic hash functions; index tokens and pads; truncation (or masking – xxxxxx xxxxxx 6781). * PAN: Primary Account Number (Credit Card Number)
  • 13. Protecting the Data Flow - Example (diagram; legend: enforcement point, unprotected sensitive information, protected sensitive information)
  • 14. Use of Enabling Technologies
  • 15. Current, Planned Use of Enabling Technologies (values in legend order: Evaluating / Current Use / Planned Use <12 Months): Access controls 1% / 91% / 5%; Database activity monitoring 18% / 47% / 16%; Database encryption 30% / 35% / 10%; Backup / Archive encryption 21% / 39% / 4%; Data masking 28% / 28% / 7%; Application-level encryption 7% / 29% / 7%; Tokenization 22% / 23% / 13%
  • 16. Current Use of Enabling Technologies, by Maturity Class
  • 17. Positioning Different Protection Options (table; columns: Strong Encryption, Formatted Encryption, Data Tokens; evaluation criteria: Security & Compliance, Total Cost of Ownership, Use of Encoded Data; rated Best to Worst, ratings not preserved in the transcript)
  • 18. Securing Data Fields – Impact of Different Methods (chart axes: intrusiveness to applications and databases; data length original vs. longer). Hashing - !@#$%a^///&*B()..,,,gft_+!@4#$2%p^&* ; Strong Encryption (standard encryption) - !@#$%a^.,mhu7/////&*B()_+!@ ; Tokenizing or Encoding, Alpha - aVdSaH 1F4hJ 1D3a ; Numeric - 666666 777777 8888 ; Formatted Encryption, Partial - 123456 777777 1234 ; Clear Text (original data) - 123456 123456 1234
  • 20. Data Tokenization
  • 21. Hiding Data in Plain Sight – Data Tokenization (diagram): a Tokenization Gateway with a Data Transformer sits between the Application and the Cloud Database Environment; data 4000 0012 3456 7899 is replaced by token 40 12 3456 7890 7899 (also shown: Y&SFD%))S(). Legend: unprotected sensitive information, protected sensitive information
  • 22. Token Flexibility for Different Categories of Data (table: type of data, input, token, comment / token properties). Credit Card: 3872 3789 1620 3675 -> 8278 2789 2990 2789 (Numeric). Medical ID: 29M2009ID -> 497HF390D (Alpha-Numeric). Date: 10/30/1955 -> 12/25/2034 (Date). E-mail Address: bob.hope@protegrity.com -> empo.snaugs@svtiensnni.snk (Alpha Numeric, delimiters in input preserved). SSN delimiters: 075-67-2278 -> 287-38-2567 (Numeric, delimiters in input). Credit Card: 3872 3789 1620 3675 -> 8278 2789 2990 3675 (Numeric, last 4 digits exposed). Policy Masking, Credit Card: 3872 3789 1620 3675 -> 3872 37## #### #### (clear, encrypted or tokenized at rest; presentation mask: expose 1st 6 digits)
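To make the token properties in the table above and the truncation/masking option from slide 12 concrete, here is an added example (my own illustration, not Protegrity's or Visa's code): a small in-memory token vault that issues randomly generated, format-preserving tokens, optionally leaving the last four digits exposed, plus a presentation mask for the "expose 1st 6 digits" and "xxxxxx xxxxxx 6781" forms. It assumes tokens are multi-use per input value and, for the alphanumeric cases, replaces each character with a random one of the same class (digit for digit, letter for letter), which is my simplification of the table.

```python
import secrets
import string

# Added example (constructed for illustration; not Protegrity's product code).
# A minimal in-memory token vault: each digit or letter of the input is replaced
# by a random character of the same class, delimiters stay in place, trailing
# digits can be left exposed, and token collisions are rejected.

class TokenVault:
    def __init__(self, max_tries=64):
        self._tok_to_val = {}  # token -> original value
        self._val_to_tok = {}  # (value, expose_last) -> token (multi-use tokens)
        self._max_tries = max_tries

    @staticmethod
    def _random_like(ch):
        # Same character class as the input; delimiters (' ', '-', '@') unchanged.
        for cls in (string.digits, string.ascii_uppercase, string.ascii_lowercase):
            if ch in cls:
                return secrets.choice(cls)
        return ch

    def tokenize(self, value, expose_last=0):
        """Format-preserving token; expose_last keeps that many trailing digits."""
        key = (value, expose_last)
        if key in self._val_to_tok:  # multi-use token: same input, same token
            return self._val_to_tok[key]
        n_digits = sum(c in string.digits for c in value)
        for _ in range(self._max_tries):
            out, seen = [], 0
            for ch in value:
                if ch in string.digits:
                    seen += 1
                    keep = seen > n_digits - expose_last
                    out.append(ch if keep else self._random_like(ch))
                else:
                    out.append(self._random_like(ch))
            token = "".join(out)
            # A token must be unique and must differ from the original value.
            if token != value and token not in self._tok_to_val:
                break
        else:
            raise RuntimeError("no collision-free token found")
        self._tok_to_val[token] = value
        self._val_to_tok[key] = token
        return token

    def detokenize(self, token):
        return self._tok_to_val[token]

def mask(value, expose_first=0, expose_last=0, fill="#"):
    """Presentation mask: hide digits except the first/last ones, keep delimiters."""
    n, i, out = sum(c in string.digits for c in value), 0, []
    for ch in value:
        if ch in string.digits:
            out.append(ch if i < expose_first or i >= n - expose_last else fill)
            i += 1
        else:
            out.append(ch)
    return "".join(out)
```

The vault must itself be protected and audited, since it holds the only mapping back to the original values; the mask function needs no secret at all.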
  • 23. Example: HIPAA – 18 Direct Identifiers 1. Names 2. Geographic subdivisions smaller than a state, including 3. All elements of dates (e.g., date of birth, admission) 4. Telephone numbers 5. Fax numbers 6. E-mail addresses 7. Social Security numbers 8. Medical record numbers 9. Health plan beneficiary numbers 10. Account numbers 11. Certificate/license numbers 12. Vehicle identifiers and serial numbers, including license plate numbers 13. Device identifiers and serial numbers 14. Web universal locators (URLs) 15. IP address numbers 16. Biometric identifiers, including fingerprints and voice prints 17. Full-face photographic images and any comparable images 18. Other unique identifying numbers, characteristics or codes
  • 24. Visa Best Practices for Tokenization, Version 1, published July 14, 2010 (table of token generation methods against token types Single Use Token and Multi Use Token; the check marks showing which type each method supports are not preserved in the transcript). Reversible: known strong algorithm (NIST approved) with algorithm and key. Unique sequence number. Irreversible: one-way hash function with a secret per transaction or a secret per merchant. Randomly generated value.
  • 25. Tokenization Use Case Example – a leading retail chain with 1500 locations in the U.S. market. Simplify PCI compliance: 98% of use cases out of audit scope; ease of install (had 18 PCI initiatives at one time). Tokenization solution was implemented in 2 weeks: reduced PCI audit from 7 months to 3 months; no 3rd party code modifications; proved to be the best performance option; 700,000 transactions per day; 50 million card holder data records; conversion took 90 minutes (plan was 30 days); next step – tokenization server at 1500 locations.
  • 26. Different Approaches for Tokenization. Traditional Tokenization: dynamic model or pre-generated model; 5 tokens per second - 5000 tokenizations per second. Next Generation Tokenization: memory-tokenization; 200,000 - 9,000,000+ tokenizations per second. “The tokenization scheme offers excellent security, since it is based on fully randomized tables.” * “This is a fully distributed tokenization approach with no need for synchronization and there is no risk for collisions.“ * (*: Prof. Dr. Ir. Bart Preneel, Katholieke University Leuven, Belgium)
  • 27. Tokenization Summary – Traditional Tokenization vs. Memory Tokenization. Footprint: Traditional – large, expanding; the large and expanding footprint of Traditional Tokenization is its Achilles heel and the source of poor performance, scalability, and limitations on its use. Memory – small, static; the small static footprint is the enabling factor that delivers extreme performance, scalability, and expanded use. High Availability, DR, and Distribution: Traditional – complex replication required; deploying more than one token server for high availability or scalability will require complex and expensive replication or synchronization between the servers. Memory – no replication required; any number of token servers can be deployed without the need for replication or synchronization between the servers, a simple, elegant, yet powerful solution. Reliability: Traditional – prone to collisions; the synchronization and replication required to support many deployed token servers is prone to collisions, a characteristic that severely limits the usability of traditional tokenization. Memory – no collisions; Memory Tokenization's lack of need for replication or synchronization eliminates the potential for collisions. Performance, Latency, and Scalability: Traditional – will adversely impact performance and scalability; the large footprint severely limits the ability to place the token server close to the data, and the distance between the data and the token server creates latency that adversely affects performance and scalability to the extent that some use cases are not possible. Memory – little or no latency, fastest industry tokenization; the small footprint enables the token server to be placed close to the data to reduce latency, and when placed in-memory it eliminates latency and delivers the fastest tokenization in the industry. Extendibility: Traditional – practically impossible; based on all the issues inherent in Traditional Tokenization of a single data category, tokenizing more data categories may be impractical. Memory – unlimited tokenization capability; Memory Tokenization can be used to tokenize many data categories with minimal or no impact on footprint or performance.
  • 29. “Cloud – Like a Parking Garage”
  • 30. Risks Associated with Cloud Computing (chart, percentages not preserved): handing over sensitive data to a third party; threat of data breach or loss; weakening of corporate network security; uptime/business continuity; financial strength of the cloud computing provider; inability to customize applications. Source: The evolving role of IT managers and CIOs, findings from the 2010 IBM Global IT Risk Study
  • 31. Amazon Cloud & PCI DSS. Just because AWS is certified doesn't mean you are: you still need to deploy a PCI compliant application/service, and anything on AWS is still within your assessment scope. PCI-DSS 2.0 doesn't address multi-tenancy concerns. You can store PAN data on S3, but it still needs to be encrypted in accordance with PCI-DSS requirements; Amazon doesn't do this for you, so you need to implement key management, rotation, logging, etc. If you deploy a server instance in EC2 it still needs to be assessed by your QSA (PCI auditor); the organization's assessment scope isn't necessarily reduced. Tokenization can reduce your handling of PAN data. Source: Securosis, http://securosis.com/
  • 32. Guidance from Cloud Security Alliance
  • 33. “Pass Security Before Entering The Cloud” (diagram): User -> Security Check Point -> Cloud; sensitive data 123456 123456 1234 leaves the check point as secured data 123456 999999 1234. Legend: unprotected sensitive information, protected sensitive information
  • 34. Data Tokens in a Cloud Environment – Integration Example (diagram): data 990-23-1013 and 4000 0012 3456 7899 pass through a Tokenization Gateway between the Application and the Cloud Environment Databases and are replaced by tokens 123-45 -1013 and 40 12 3456 7890 7899. Legend: data, token, unprotected sensitive information, protected sensitive information
  • 35. Data Tokens in a Cloud Environment – Integration Example (diagram): User and Security Admin; Tokenization Gateways between the Application and the Cloud Environment Databases. Legend: data, token, unprotected sensitive information, protected sensitive information
  • 36. Data Tokenization at the Gateway Layer (diagram): Users and Applications reach the Cloud Environment Databases through a Tokenization Gateway. Legend: data, token, unprotected sensitive information, protected sensitive information
  • 37. Data Tokenization at the Gateway Layer (diagram, second variant): Users, Applications, Tokenization Gateway, Cloud Environment Databases. Legend: data, token, unprotected sensitive information, protected sensitive information
  • 38. Data Tokenization at the Application Layer (diagram): User, Security Admin, Application, Token Server, Database, Cloud. Legend: data, token, unprotected sensitive information, protected sensitive information
  • 39. Data Tokenization at the Database Layer (diagram): User, Security Admin, Application, Token Server, Database, Cloud. Legend: data, token, unprotected sensitive information, protected sensitive information
  • 40. Securing Encryption Keys (diagram): User, Encryption Key Administration and Encryption Keys across SaaS, PaaS and IaaS in the Cloud. “An entity that uses a given key should not be the entity that stores that key.” Source: http://csrc.nist.gov/groups/SNS/cloud-computing/
  • 41. Positioning of Enabling Technologies
  • 42. Risk Management and PCI – Security Aspects: different data security methods and algorithms; policy enforcement implemented at different system layers. (Table; Data Security Method columns: Hashing, Formatted Encryption, Strong Encryption, Data Tokenization; System Layer rows: Application, Database Column, Database File, Storage Device; rated Best to Worst, ratings not preserved)
  • 43. Risk Management and PCI – Security Aspects: integration at different system layers; different data security methods and algorithms. (Table; Data Security Method columns: Hashing, Formatted Encryption, Strong Encryption, Data Tokenization; System Layer rows: Application, Database Column, Database File, Storage Device; rated Best to Worst or N/A, ratings not preserved)
  • 44. Evaluating Field Encryption & Tokenization (table; columns: Strong Field Encryption, Formatted Encryption, Tokenization (distributed); evaluation criteria: disconnected environments; distributed environments; performance impact when loading data; transparent to applications; expanded storage size; transparent to database schema; long life-cycle data; Unix or Windows mixed with “big iron” (EBCDIC); easy re-keying of data in a data flow; high risk data; security - compliance to PCI, NIST; rated Best to Worst, ratings not preserved)
  • 45. Vendors/Products Providing Database Protection (table; columns: 3rd Party, Oracle 9, Oracle 10, Oracle 11, IBM DB2, MS SQL; features: database file encryption; database column encryption (column encryption adds 32-52 bytes; 10.2.0.4, 11.1.0.7); formatted encryption; data tokenization; database activity monitoring; multi vendor encryption; data masking; central key management; HSM support (11.1.0.7); re-key support (tablespace); rated Best to Worst, ratings not preserved)
  • 46. Column Encryption Solutions – Some Considerations (table; columns: 3rd Party, Oracle 10 TDE, Oracle 11 TDE; areas of evaluation: performance, manage UDT or views/triggers; support for both encryption and replication; support for Oracle Domain Index for fast search; keys are local, re-encryption if moving A -> B; separation of duties/key control vector; encryption format specified; data type support; index support beyond equality comparison; HSM (hardware crypto) support (11.1.0.6); HSM password not stored in file; automated and secure master key backup procedure; keys exportable; rated Best to Worst, ratings not preserved)
  • 47. Choose Your Defenses – Cost Effective PCI DSS (chart, percentages not preserved): firewalls; encryption/tokenization for data at rest; anti-virus & anti-malware solution; encryption for data in motion; access governance systems; identity & access management systems; correlation or event management systems; web application firewalls (WAF); endpoint encryption solution; data loss prevention systems (DLP); intrusion detection or prevention systems; database scanning and monitoring (DAM); ID & credentialing system. Source: 2009 PCI DSS Compliance Survey, Ponemon Institute
  • 48. Deploy Defenses – Matching Data Protection Solutions with Risk Level. Risk level and solution: Low Risk (1-5): monitor. At Risk (6-15): monitor, mask, access control limits, format control encryption. High Risk (16-25): replacement, strong encryption. Data field risk scores: Credit Card Number 25; Social Security Number 20; CVV 20; Customer Name 12; Secret Formula 10; Employee Name 9; Employee Health Record 6; Zip Code 3
  • 49. Choose Your Defenses – Total Cost of Ownership (chart: cost of protection and cost of aversion, i.e. expected losses from the risk, plotted against risk level from strong protection to weak protection; the total cost curve marks an optimal risk level)
  • 50. Best Practices - Data Security Management (diagram): Policy, Audit Log, Enterprise Data Security Administrator, Secure Archive and Tokenization Server, with a File System Protector, Database Protector and Application Protector; legend: encryption service
  • 51. About Protegrity. Proven enterprise data security software and innovation leader: sole focus on the protection of data; patented technology, continuing to drive innovation. Growth driven by compliance and risk management: PCI (Payment Card Industry); PII (Personally Identifiable Information); PHI (Protected Health Information) – HIPAA; state and foreign privacy laws, breach notification laws; high cost of information breach ($4.8m average cost), immeasurable costs of brand damage, loss of customers; requirements to eliminate the threat of data breach and non-compliance. Cross-industry applicability: retail, hospitality, travel and transportation; financial services, insurance, banking; healthcare; telecommunications, media and entertainment; manufacturing and government
  • 52. Please contact me for more information Ulf Mattsson, CTO Protegrity Ulf . Mattsson [at] protegrity . com