//
archives

DLP

This tag is associated with 3 posts

Following a Devastating Tornado, Walker Schools Rebuilds Network to Offer Secure Access to Key Educational Resources

When a tornado tore through Walker School District’s data center in 2011, the devastation took 95% of the district’s technology infrastructure. Turning tragedy into opportunity, the administrators worked to rebuild and support the district’s commitment to creating amazing educational opportunities for their students. This meant technology that could support key educational resources, and provide access to online and internal applications, while keeping students and staff secure.

In regard to key applications, the school has partnered with NASA to bring online a lunar observatory at its Science and Technology Center, where students can use and learn from NASA technology. In addition, to teach students about sustainable food growth, Walker Schools has created a ground breaking k-12 aquaponics program, the first curriculum of its kind in a U.S. school system.

In order to meet the technical demands of the district’s 11,000 users, Walker Schools deployed WatchGuard XTM 2520, WatchGuard XTM 1050 and WatchGuard XTM 525 integrated security platforms to power its network.

The Walker School District needed a high-performing Unified Threat Management solution and found it in WatchGuard.

The Walker School District needed a high-performing Unified Threat Management solution and found it in WatchGuard.

The key element for the Walker administrators was being able to implement a system within a tight budget, yet still deliver speed, easy administration, and cutting-edge security, which they found in WatchGuard.

This commitment to providing a solid technology backbone for the various programs the district offers has resulted in the district achieving higher test scores since implementing WatchGuard’s solutions. In fact, the improved student performance have been so attractive that Walker Schools has seen an increased number of student registrations from outside the district. Students who previously attended private schools have now switched to Walker Schools after seeing the innovative learning environment that has been created with the help of WatchGuard.

Investing in WatchGuard’s unified security solution ensures Walker Schools will receive tremendous long-term value through high-quality hardware. Walker Schools has seen
a vast increase in speed and bandwidth capability as well as a reduction in malware and virus outbreaks. The new solution has been able to handle heavy network traffic seamlessly, increasing response time within the student information system. Choosing WatchGuard is predicted to benefit the district with continued use for the next five to ten years.

The district has assured its students a solid platform to build their futures and WatchGuard is pleased to be a part of that growth and development.

You can read the official Walker School District Case Study here. And as always, you can contact us with questions or drop a comment below.

Protection from the Inside Out

This post is by Roger Klorese, WatchGuard’s Director of Product Management.

When we talk about security and compliance requirements, the discussion is usually about keeping bad stuff out — protecting the network from threats, in the form of intrusions, malware, phishing spam, or others. And that’s the view most organizations take to the problem. But they’re only thinking about half the problem. Protecting the network is not just about keeping the bad stuff out, but also about keeping the good stuff — confidential information and other valuable assets — in.

This is why today we are announcing the upcoming availability of WatchGuard Data Loss Prevention, which will be available as part of our growing Unified Threat Management solution. Right out of the box, it recognizes information from many countries (18 at first, with more to come). It can find the information you need to protect — credit card numbers, home addresses, health information, and lots more — not only in your email and web pages, but in 30 of the most common document types you might be sending (including Microsoft Office files and more). It recognizes confidential documents not because you magically tagged them with a special program, but because you used your normal “Confidential” marker in them.

And if selecting from the more than 200 rules included in the product still sounds like a lot of work, how about a single check box to enable checks for the most popular compliance regimes such as PCI DSS and HIPAA? Are you ready for Data Loss Prevention?

Accidental Data Loss a Top Priority

We recently surveyed more than 2,100 security experts around the world about the regulations that govern their operations, the types of information they need to protect, and whether or not they currently do take any actions to protect it. Here are some of the most interesting things we’ve learned from our customers and from industry analyst sources — and how we’re going to help you follow through on your data loss prevention concerns.

The results of our Data Loss Prevention survey show some surprising results

The results of our Data Loss Prevention survey show some surprising results

The information that most companies told us concerned them the most about losing was financial data, as one might expect. But personally identifiable information (PII) such as national ID numbers followed close behind, as did credit card numbers.

While about a third of companies surveyed each said Payment Card Industry (PCI), Personal Health Information (PHI) and other regulations governed them, more than half said the regulations that affected them were regional data privacy concerns. With the recent high-profile PRISM news, it’s easy to see why this concern would be even more on people’s minds than ever.

About a third of the companies surveyed reported that they did business in more than one country — making their need to protect different types of data under different regulatory regimes even more complex.

Surprisingly, only a little more than half of the companies even had a policy that made it clear to their employees what information could be shared and what needed to be protected. You might think it’s a common-sense issue, but without clear guidance, employee judgment carries too much of the responsibility for decision-making. And only a third of the organizations had any technological solution for data loss protection (DLP).

Protecting from accidental disclosure

Why do so few companies use DLP technology to keep their information safe and their behavior in compliance? More than half say it’s not a high priority for them. (Which is likely to be true until they suffer the costs of a breach, including the regulatory fines that can hit them.) Many others say it’s too expensive or too complicated. They’re right about standalone DLP solutions — but those products, which often cost in the millions of dollars, are meant to block everything from an accidental leak in email to a disgruntled employee walking out the door with a flash drive full of the corporate assets.

For the accidental data loss that can occur over the network via web or email, though, companies should be able to leverage the same sorts of systems that help them keep the bad stuff out — unified threat management (UTM) systems. But until now, these products have come up short. Either they’ve been limited in their ability to recognize global data — for instance, with only one or two built-in rules for national ID detection — or they’re delivered with no rules at all built-in, requiring you to roll your own! How many of you would be driving your car today if you’d had to build it yourself?! Some products even require you to tag the documents you want to protect with a special “watermark” — if you missed a valuable one, or you accidentally pasted the wrong information into an email message, your loss. (Literally.)

Just as WatchGuard offers with all the security services our UTM platform offers to keep the bad stuff out, we use best-of-breed technology to help you keep the good stuff in. And we let you manage it from a single pane of glass, for one UTM appliance or hundreds.

We’ve looked at security from both sides now — from outside in and from inside out — and the choice is clear: the powerful UTM capabilities of WatchGuard XTM. Request your demo of WatchGuard Data Loss Prevention now! The product will be available in September.

DLP in Two Minutes

Most people have sent an email and right after clicking the send button have realized, “Uh oh, that was not the intended recipient.” Did you know that is unintentional data loss? Usually, this type of accidental data loss isn’t a big deal, but if valuable information were to get into the wrong hands the result could be catastrophic for your company.

In order to understand Data Loss Prevention, it is important to have a clear understanding of data loss, and while it may seem like a rather simple concept, the simplicity is what makes it so frightening. Any time data is set into motion – accessed in an unconventional way, forwarded to a co-worker, sent to a printer, etc. – its security is put at risk. In fact, 3 out of 5 organizations have experienced a data loss or theft event. So, when you think about how often you send something to a coworker, or access your work via your home computer or mobile device, the likelihood of data loss becomes pretty significant.

More often than not, data loss is unintentional.  Fortunately, WatchGuard strives to ensure that your company’s corporate data is safe and secure through advanced Data Loss Prevention technologies.

Data Loss Prevention is a security term that refers to a solution that identifies, monitors, and protects sensitive data to detect and prevent the unauthorized use and transmission of confidential information.

Data Loss Prevention is:

§ A business tool that requires a comprehensive strategy

§ Technology that inspects sensitive content, and audits and enforces content use policies

Data Loss Prevention can be used for:

§ Regulatory due diligence

§ Intellectual property protection

§ Accidental data loss

§ Data theft

1. The insider who acts with malicious intent: This is typically someone with administrator rights or privileges to access sensitive information or data — aka a trusted employee with normal access rights to confidential data.. What happens if this employee decides to leave and joins a competitor, or simply tries to trade this information for cash?

2. The non-malicious insider who violates policy or leak data without necessarily seeking to do so: For every malicious insider, there are dozens to hundreds of employees who are simply trying to get their work done. In the process, they perform all sorts of unwitting policy violations that put your company’s confidential data at risk.

The WatchGuard 2 minute DLP will show you just how easy it is to implement data loss prevention into your business network.  Two minutes with WatchGuard DLP can mean the difference between “oops, I didn’t mean to send that,” to front-page, headline news.