Over the past decade, during the journey of server virtualization from primarily dev/test environments to mission-critical deployment on-premise and in the cloud, the applications that have led the way have been the email and web services that power most businesses. And as those business-critical uses keep growing so to do the need to keep them secure. But protection of virtualized and cloud-based deployments is difficult if you use solely traditional security appliances. That changes now with the arrival of WatchGuard XCS 10, the latest operating system for our enterprise content security platform.
With new Microsoft Hyper-V® support, IPv6 support, and outbound anti-spam capabilities, XCS 10 streamlines the implementation and management of content security strategies for small, medium and large enterprises.
According to Gartner, nearly two-thirds of x86 architecture workloads have been virtualized on servers. The growth of virtualization in the SMB and mid-sized enterprise has been accompanied with the growth of Hyper-V market share. As email and Web being two of the most commonly virtualized enterprise applications, having the ability to protect them within the same cloud/virtualized environment in which they are deployed gives IT organizations increased flexibility and business continuity. This streamlines management as well as enables the system to scale. And now they can take advantage of this power on Hyper-V as well as on VMware vSphere.
Unlike software-only solutions, customers do not need to install, maintain, and patch operating systems and other tools in order to deploy rich email and web security with data loss prevention.
WatchGuard XCS 10 also brings support for the IPv6 standard. One of the side effects of the rise in virtualization and the digitization of the world’s workforces is that we have effectively run out of blocks of “classic” IP addresses. In fact, in some parts of the world, IPv6 is now mandatory. WatchGuard XCS 10 not only supports IPv6, but also enables mixed legacy environments to ensure global connectedness and security.
Being able to assess incoming threats in real time, export reports that inform key decision makers and analyze network usage as it ebbs and flows is a vital tool for fighting the threats, vulnerabilities and attacks that businesses around the world face. In network security, visibility is protection.
Unfortunately, a recent survey by the SANS Institute shows that only 10 percent of respondents felt confident analyzing large data sets for security trends, even though 77 percent are collecting logs and monitoring data from various systems and security devices.
And, this lack of visibility gets worse. In a recent survey conducted by WatchGuard and Slashdot of security professionals, WatchGuard found that:
To date, security professionals have had to rely on log data and perhaps some basic geomaps (or use complex and costly SIEM solutions). At times, those logs can feel like drowning in a sea of data.
But, all of this is about to change.
A recent report from Frost & Sullivan analyst Frank Dixon recommends that “reporting tools need to aggregate information across multiple security service to enable a singular view, allowing for ease in management and greater effectiveness of network security problem diagnosis.”
WatchGuard Dimension is a big data-style network security visibility solution that’s now standard on WatchGuard’s flagship XTM Unified Threat Management platform. To learn more about the importance of increased visibility in UTM systems, you can read this white paper that outlines the factors companies need to consider.
Get instant visibility to top-line security issues. Instantly grasp activity by top user, site or app. Home in on risk sources. Now you’re armed with actionable insight, delivered in a unified view. Here are the key features of WatchGuard Dimension:
Executive Dashboard: Provides a high-level view of the various data streams being monitored. With just a click, users can drill all the way down to individual log data, as needed.
Executive Reporting: With the Executive Reporting function, users can choose from more than 70 comprehensive reports, with both summary and detail options tailored for C-level executives, IT directors, compliance officers and small business owners. Summary report options include specific HIPAA and PCI compliance reports, plus the ability to pre-schedule reports for delivery to key stakeholders in a user’s organizations. These reports can be exported to sharable PDFs.
Hierarchical TreeMap:WatchGuard Dimension’s TreeMap, called FireWatch, filters traffic in a way that instantly brings your eye to the most critical information on active users and connections, as well as who and what is using the most bandwidth. The TreeMap view also provides options to pivot, drill-down and filter.
Global ThreatMap: ThreatMap features multiple, interactive configurable views on a world map, making it possible to have real time views of threats per region. That information is critical to helping users identify and fine-tune defenses against those attacks.
Building a product like this is not just something we do lightly. We know there will be some adjustments to the new user interface. The survey data we mentioned earlier highlights the difficulty of utilizing raw data logs to quickly assess a threat or analyze data consumption to make assertive policy decisions.
WatchGuard Dimension is now available with WatchGuard’s 11.8 launch of its XTM security platform solution. But there’s more in the release too. We have added Data Loss Prevention to the platform and updated the Web user interface to make it responsive and compatible with mobile devices.
Ready to try it out? For complete Dimension information and features, please click here.
When South Korean retailer Ministop needed to build a network with centralized connectivity and manageability for seamless communication between its 2,000 retail locations and corporate headquarters, there was only one clear option: WatchGuard.
Ministop, which operates a franchise of convenience stores across South Korea, wanted to ensure that any system it put out was a partnership between the stores and headquarters. Ministop chose WatchGuard’s Extensible Threat Management platform for its Unified Threat Management needs based on several critical factors: price, functionality and performance.
After implementing the WatchGuard solution, Ministop now has a centralized security policy management system. When new policies are created, Ministop can immediately apply them across the entire network.
The previous procedure required the monitoring center to be notified of any abnormalities before any action could be taken. Now, WatchGuard’s XTM utilizes real-time monitoring of any changes in internal traffic, this allows for immediate confirmation and response without delay.
Ministop has also seen an improvement in overall network performance, which is inline with recent performance testing of WatchGuard’s UTM solutions.
This post is by Roger Klorese, WatchGuard’s Director of Product Management.
When we talk about security and compliance requirements, the discussion is usually about keeping bad stuff out — protecting the network from threats, in the form of intrusions, malware, phishing spam, or others. And that’s the view most organizations take to the problem. But they’re only thinking about half the problem. Protecting the network is not just about keeping the bad stuff out, but also about keeping the good stuff — confidential information and other valuable assets — in.
This is why today we are announcing the upcoming availability of WatchGuard Data Loss Prevention, which will be available as part of our growing Unified Threat Management solution. Right out of the box, it recognizes information from many countries (18 at first, with more to come). It can find the information you need to protect — credit card numbers, home addresses, health information, and lots more — not only in your email and web pages, but in 30 of the most common document types you might be sending (including Microsoft Office files and more). It recognizes confidential documents not because you magically tagged them with a special program, but because you used your normal “Confidential” marker in them.
And if selecting from the more than 200 rules included in the product still sounds like a lot of work, how about a single check box to enable checks for the most popular compliance regimes such as PCI DSS and HIPAA? Are you ready for Data Loss Prevention?
We recently surveyed more than 2,100 security experts around the world about the regulations that govern their operations, the types of information they need to protect, and whether or not they currently do take any actions to protect it. Here are some of the most interesting things we’ve learned from our customers and from industry analyst sources — and how we’re going to help you follow through on your data loss prevention concerns.
The information that most companies told us concerned them the most about losing was financial data, as one might expect. But personally identifiable information (PII) such as national ID numbers followed close behind, as did credit card numbers.
While about a third of companies surveyed each said Payment Card Industry (PCI), Personal Health Information (PHI) and other regulations governed them, more than half said the regulations that affected them were regional data privacy concerns. With the recent high-profile PRISM news, it’s easy to see why this concern would be even more on people’s minds than ever.
About a third of the companies surveyed reported that they did business in more than one country — making their need to protect different types of data under different regulatory regimes even more complex.
Surprisingly, only a little more than half of the companies even had a policy that made it clear to their employees what information could be shared and what needed to be protected. You might think it’s a common-sense issue, but without clear guidance, employee judgment carries too much of the responsibility for decision-making. And only a third of the organizations had any technological solution for data loss protection (DLP).
Why do so few companies use DLP technology to keep their information safe and their behavior in compliance? More than half say it’s not a high priority for them. (Which is likely to be true until they suffer the costs of a breach, including the regulatory fines that can hit them.) Many others say it’s too expensive or too complicated. They’re right about standalone DLP solutions — but those products, which often cost in the millions of dollars, are meant to block everything from an accidental leak in email to a disgruntled employee walking out the door with a flash drive full of the corporate assets.
For the accidental data loss that can occur over the network via web or email, though, companies should be able to leverage the same sorts of systems that help them keep the bad stuff out — unified threat management (UTM) systems. But until now, these products have come up short. Either they’ve been limited in their ability to recognize global data — for instance, with only one or two built-in rules for national ID detection — or they’re delivered with no rules at all built-in, requiring you to roll your own! How many of you would be driving your car today if you’d had to build it yourself?! Some products even require you to tag the documents you want to protect with a special “watermark” — if you missed a valuable one, or you accidentally pasted the wrong information into an email message, your loss. (Literally.)
Just as WatchGuard offers with all the security services our UTM platform offers to keep the bad stuff out, we use best-of-breed technology to help you keep the good stuff in. And we let you manage it from a single pane of glass, for one UTM appliance or hundreds.
We’ve looked at security from both sides now — from outside in and from inside out — and the choice is clear: the powerful UTM capabilities of WatchGuard XTM. Request your demo of WatchGuard Data Loss Prevention now! The product will be available in September.
It is rational that not all data loss from within an organization is malicious. In fact, in most cases data loss is the result of common mistakes that employees make. To understand the risks to our confidential data by employees, it is important to understand common risky behavior, as well as common errors that employees make that heighten the risk of data loss and spur the need for data loss prevention.
Sending Confidential Documents to Personal Email Addresses
Many of us are guilty of this. Rather than take home our company‐issued laptops to work on a document that contains sensitive data, we send the document to our personal email account, like Hotmail or Gmail, intending to work on it when we have a moment over the weekend. The issue here is that this behavior poses a high risk to the confidential data being transmitted because these types of applications do not use the same security standards or email encryption that have been implemented throughout company email networks. Although you may have stringent policies on what can be sent via email, if you do not have the same protection in place across web, then this sensitive information may be at risk as it passes through mostly unmonitored waypoints.
With all of the automation and new features being introduced in business communications tools and applications today, the likeliness of human error as a threat vector has never been higher. For example, if you consider the Microsoft Outlook AutoComplete Email Address feature whereby the system populates the “To” field in an email by detecting the first few letters input by the sender and populating it with the first name that matches, unless the employee is diligent to ensure that the recipient address is a match, sensitive data can end up in the wrong hands.
Unauthorized Sharing of Corporate Computer Resources
Many employees bring their company‐issued laptops home and share the devices with friends and family members. Occasionally, an employee, in an effort to provide guidance or mentoring to a friend, may even share a document with a personal contact to provide a sample template. Or, on the flip side, an employee may share a confidential document with a friend to get some brainstorming ideas. Consider a third scenario whereby employees do not lock their desktops when leaving their desks, leaving sensitive information exposed should someone access the employee’s computer. Although not malicious in nature, this type of behavior is another example of common root causes of unintentional data loss.
System access can be used for any number of malicious tactics by employees, but it also accounts for 46% of data breaches. This involves the malicious use of information assets to which an employee is granted access. Even more alarming is that 51% of data breaches that originate from internal sources are originated from regular employees (see chart at right).
These are just some examples of risky employee behavior that contribute to the likelihood of unauthorized data loss. Now, more than ever, companies have to be diligent at not only creating a strong data loss prevention policy management program, but implementing and monitoring it to identify violations and security gaps. Organizations owe it to themselves and their customers to keep information from falling into the wrong hands. At the same time they need to ensure that legitimate business processes and communications are not hindered.
An effective data loss prevention (DLP) solution can accomplish this by providing the ability for compliance and policy officers to create granular outbound policies by user, group or domain. Different people have varying roles and responsibilities; having a DLP solution that recognizes this and enforces appropriate, user‐ or group‐level policies while not hindering the regular course of business is imperative.
Any time data is set into motion – accessed in an unconventional way, forwarded to a co‐worker, sent to a printer, etc. – data security is put at risk. Managing (and controlling) data‐in‐motion is a requirement for businesses to function effectively and efficiently. At the same time, it is also a growing data security threat that requires proactive data loss prevention solutions.
Data loss (or leakage) occurs in every organization either unintentionally or maliciously. In fact, according to the Ponemon Institute, 3 out of 5 organizations have experienced a data loss or theft event, and approximately 9 out of 10 data loss or theft events go unreported.
In addition, all types of data are vulnerable. Why? More and more employees rely on email for business communications and they use email as a central filing system where they store the bulk of their critical business information. This dramatically increases the probability of leaking sensitive or confidential data. All it takes is for a recipient’s email address to be misspelled or an incorrect key to be pressed by an employee and a message containing confidential information ends up in the wrong hands. All of us can relate.
At some point or another, we have pressed the send button a little too hastily and realized, after the fact, that our email ended up in an unintended recipient’s inbox. In addition, advances in technology make it even easier for this inadvertent data loss to occur. For example, Microsoft Outlook Autocomplete Email Address feature adds a great convenience to our email experience, but if you start typing “firstname.lastname@example.org” and the system automatically picks up the first “susan” as being “email@example.com” without you noticing that data can end up in the wrong hands and could have a detrimental effect on your business.
Data loss can be attributed to many factors such as computer loss or theft, hacking, malware, network exposure, and more, and many of these reasons for data loss can be avoided. To prevent data loss, an organization needs to have a comprehensive data loss prevention solution in place that not only protects networks from inbound threats to data, but also outbound data loss prevention measures need to be addressed to prevent confidential consumer, personal, and sensitive corporate information from exiting the organization.
So what’s the Cost of a Data Breach?
Data loss becomes a significant problem and risk as organizations are trying to meet and manage regulatory and internal compliance and control requirements, including:
Getting caught losing sensitive data is expensive, disruptive, and damaging to carefully nurtured corporate images. There are significant hard costs to non‐compliance in mitigation and remediation to affected individuals such as auditors and board members not to mention regulatory fines and fees to support increased audits. However, often unappreciated are the soft costs to brand equity and competitive advantage which result in lost customers. Enterprises are penalized in both the court of law and the court of public opinion.
If sensitive information is exposed, it’s not only the millions of dollars to fix that breach that costs the company, it can wreak havoc on the company in other ways, such as:
Whether your data loss is accidental or malicious, you need to gain insight into the magnitude of your data loss problem, identify security gaps, and develop a proactive approach to prevent data loss before it happens. The vast amount of potential avenues along with the wide array of privacy and security requirements has escalated data loss prevention to become a critical issue that can only be addressed by comprehensive data loss prevention tools that are used to accelerate business, protect your organization, and ensure privacy. Organizations can no longer afford to ignore data security. The day when the fall‐out from one data loss incident is sufficient to bankrupt a business may not be far away. Don’t let it be yours!
Most people have sent an email and right after clicking the send button have realized, “Uh oh, that was not the intended recipient.” Did you know that is unintentional data loss? Usually, this type of accidental data loss isn’t a big deal, but if valuable information were to get into the wrong hands the result could be catastrophic for your company.
In order to understand Data Loss Prevention, it is important to have a clear understanding of data loss, and while it may seem like a rather simple concept, the simplicity is what makes it so frightening. Any time data is set into motion – accessed in an unconventional way, forwarded to a co-worker, sent to a printer, etc. – its security is put at risk. In fact, 3 out of 5 organizations have experienced a data loss or theft event. So, when you think about how often you send something to a coworker, or access your work via your home computer or mobile device, the likelihood of data loss becomes pretty significant.
More often than not, data loss is unintentional. Fortunately, WatchGuard strives to ensure that your company’s corporate data is safe and secure through advanced Data Loss Prevention technologies.
Data Loss Prevention is a security term that refers to a solution that identifies, monitors, and protects sensitive data to detect and prevent the unauthorized use and transmission of confidential information.
Data Loss Prevention is:
§ A business tool that requires a comprehensive strategy
§ Technology that inspects sensitive content, and audits and enforces content use policies
Data Loss Prevention can be used for:
§ Regulatory due diligence
§ Intellectual property protection
§ Accidental data loss
§ Data theft
1. The insider who acts with malicious intent: This is typically someone with administrator rights or privileges to access sensitive information or data — aka a trusted employee with normal access rights to confidential data.. What happens if this employee decides to leave and joins a competitor, or simply tries to trade this information for cash?
2. The non-malicious insider who violates policy or leak data without necessarily seeking to do so: For every malicious insider, there are dozens to hundreds of employees who are simply trying to get their work done. In the process, they perform all sorts of unwitting policy violations that put your company’s confidential data at risk.
The WatchGuard 2 minute DLP will show you just how easy it is to implement data loss prevention into your business network. Two minutes with WatchGuard DLP can mean the difference between “oops, I didn’t mean to send that,” to front-page, headline news.
There’s a show on The Style Network called “Too Fat For Fifteen Fighting Back” in which teens that are dealing with morbid obesity have chosen to live healthy lifestyles. What does this have to do with security, you may ask? Well, on a recent episode, many of the counselors and teens talked about how they had been bullied and a bullying expert discussed ways to stand-up to bullies.
However, with the high adoption of technology by the younger generation, bullying has left the playground and entered the cyber world. Today it is common for children to be bullied 24-hours a day, 7 days a week! Cyber-bullying is different to traditional harassment because humiliating rumors, threats and vicious taunts can be viewed by millions and can be devastating to youth and their families. How are children and adults expected to fight now?
How to prevent cyber-bullying is a hot topic, not only with education, but the government. On March 10th the White House held its first Conference on Bullying Prevention to address best ways to prevent cyber-bullying. However, though facts about cyber-bullying and prevention may be a hot topic, many schools still don’t teach kids how to handle cyber-bullying incidents. According to a survey released by the National Cyber Security Alliance and Microsoft, it was revealed that only 26 percent of K-12 teachers taught kids how to handle incidents of cyber-bullying, while only 15 percent spoke to students about online “hate speech.”
There is good news. Today schools can stop cyber-bullying before it happens. With the advancement in technology, network security has become more and more important not just for keeping hackers out, but for also protecting students.
How does WatchGuard stop cyber-bullying in its tracks?
Easily. WatchGuard Extensible Content Security (XCS) features the ability to block or flag cyber-bullying, slander and comments related to depression and suicide through traditional email, webmail (such as Gmail) and Internet sites including Facebook. This means that attempted posts to Facebook can be blocked due to the nature of the words used in the post. The user only sees an error message, and would believe that either Facebook has blocked the post, or Facebook is currently down.
Fresh on the heels of the massive email security breach at Epsilon, we’re seeing a renewed interest in email security solutions and email encryption. And that’s a good thing! It’s not just Epsilon that experiences email security breaches, just do a Google search on ‘email security breach news’ and see for yourself. One study – Email still the top source of data loss, by Help Net Security –revealed that more than 35 percent of companies surveyed had investigated a leak of confidential or proprietary information via email over a 12-month period. On average, respondents estimated that as many as one in five outbound email messages contain content that poses a legal, financial, or regulatory risk.
According to the Ponemon Institute’s annual U.S Cost of a Data Breach Study, non-compliance costs are 2.65 times higher for organizations than compliance costs. That means that companies with ongoing investments in compliance-related activities save money compared with organizations that fail to comply with government and industry mandates. In short, it pays to be compliant.
Email encryption is an essential component of regulations that are designed to protect the privacy and reliability of business and personal information.
Email Encryption Laws and Regulations
The following list includes just some of the requirements that are driving encryption adoption in the United States and around the world.
The consequences of violating these and other government and industry encryption requirements can include fines (for example, the HITECH Act allows for penalties of up to $1.5 million), incarceration, public embarrassment, loss of business privileges and customer/client/ patient/stakeholder trust. Once again, and in short, it pays to be compliant.