
18th Panhellenic Conference of Informatics, University of Piraeus. DESIGNING AND DEVELOPING FREE DATA LOSS PREVENTION SYSTEM. Koutsourelis Dimitrios (a), Sokratis K. Katsikas (b). Systems Security Laboratory, Dept. of Digital Systems, School of Information & Communication Technologies, University of Piraeus. (a) MSc in Security of Digital Systems. (b) Professor, University of Piraeus.

Outline: 1. Data Loss Prevention and other boring terms. 2. Main goal and benefits. 3. Implementation.

Data Loss Prevention - What is it? (Diagram labels: Firewalls and IDSs; Data Loss Prevention.)

Data Loss Prevention - What is it? Terms in use: Data Leak Prevention; Extrusion Prevention; Data Loss Prevention (DLP); Information Loss Prevention; Content Monitoring and Filtering; Data Loss Protection; Data Leak Protection.

Types of DLP: 3 primary states of information: Data in Motion; Data at Rest; Data in Use.

DLP Basic Components: Endpoint DLP; Network DLP; Central Management Console.

DLP’s Basic Characteristic: Content Discovery; Content Awareness. What and Where?

OpenDLP: Free, Open Source, agent and agentless based DLP software tool. Components: Web application; Agents. Windows filesystem; Windows Network Share; UNIX Filesystem; Microsoft SQL Server; MySQL. Slide notes: Regular expressions; Only deals with the Endpoint; Encryption defeats this tool; found in cleartext.

OpenDLP. More information: 1. OpenDLP, Available online: https://code.google.com/p/opendlp/. 2. OpenDLP: Data loss prevention tool,

MyDLP: Free DLP software tool. Agent based, Windows OS. Data in motion; Data at rest; Data in use.

MyDLP: Enterprise Edition; Community Edition.

MyDLP. More information: 1. R. K, Open Source DLP – Data Leak/Loss Prevention Application: MyDLP, Available Online: http://www.excitingip.com/3950/open-source-dlp-dataleakloss-prevention-application-mydlp/. 2. MyDLP, Available Online: http://www.mydlp.com/why-mydlp/. 3. MyDLP Administration Guide, Version 2.0, MyDLP, 2012. 4. MyDLP Endpoint Installation Guide, Version 2.0, MyDLP, 2013. 5. MyDLP Installation Guide, Version 2.0, MyDLP, 2013.

Main Goal: DLP solution based exclusively on free software tools. MyDLP and OpenDLP. Combination and collaboration.

MyDLP Community vs Enterprise Edition

OpenDLP – MyDLP combination: OpenDLP: Data at Rest. MyDLP: Data in Motion; Data at Rest; Data in Use.

OpenDLP – MyDLP combination: OpenDLP - What data and where. MyDLP – Exact policies for Data in Motion, Data in Use.

OpenDLP – MyDLP combination (figure; recoverable text: "Section???", "Title???")

OpenDLP – MyDLP combination. Benefits: 1. Limit resources consumption. 2. Increase detection speed. 3. Reduce False Positives.

Human Factor – The weak link: Constant need for human interference: Start DLP scans; Check results; Update Policies.

Human Factor – The weak link: Human Error and Negligence.

The Need for Automation: 1. Scan initiation procedure in OpenDLP. 2. OpenDLP’s scan results comparison. 3. Rules creation procedure in MyDLP. Event scheduling mechanism, e.g. Cron scheduler. NOT TO REPLACE THE WEB PLATFORMS.

OpenDLP Automation: Selenium Webdriver; HTML elements; Start scan; Export and save results.

Results Comparison Automation. Existing Data Modification (Current vs. Previous Scan Results, XML Document): File unchanged: if filename AND md5 value EXIST in current scan’s results. File Modified: if filename EXISTS, md5 value NOT. File Deleted: if filename AND md5 value NOT in current scan’s results.

Results Comparison. New Data Entries: New File Detected: if filename NOT in previous scan’s results. New Data Detected: if filename EXISTS, but detection pattern NOT in previous scan’s results. New data entries or new files detected sent to administrator via e-mail.
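The comparison rules on the two Results Comparison slides above, as an added Python example that is not code from the presentation or from OpenDLP. The `<scan>`/`<hit>` XML layout, the function names and the sample data are assumptions made for this example; the "moved" bucket (same md5 under a different filename) goes beyond the slides, which do not name that case.

```python
import xml.etree.ElementTree as ET

# Constructed sample exports. The <scan>/<hit> layout is an assumed schema for
# this example (not OpenDLP's export format); md5 values are short placeholders.
PREVIOUS = """<scan>
 <hit file="payroll.xls" md5="a1" pattern="IBAN"/>
 <hit file="clients.csv" md5="b2" pattern="CreditCard"/>
 <hit file="old.txt" md5="c3" pattern="SSN"/>
 <hit file="notes.txt" md5="d4" pattern="IBAN"/>
</scan>"""
CURRENT = """<scan>
 <hit file="payroll.xls" md5="a1" pattern="IBAN"/>
 <hit file="clients.csv" md5="b9" pattern="CreditCard"/>
 <hit file="clients.csv" md5="b9" pattern="SSN"/>
 <hit file="notes_v2.txt" md5="d4" pattern="IBAN"/>
 <hit file="dump.sql" md5="e5" pattern="CreditCard"/>
</scan>"""

def load(xml_text):
    """Return {filename: (md5, set of detection patterns)} for one scan."""
    files = {}
    for hit in ET.fromstring(xml_text).iter("hit"):
        entry = files.setdefault(hit.get("file"), (hit.get("md5"), set()))
        entry[1].add(hit.get("pattern"))
    return files

def compare(previous_xml, current_xml):
    prev, cur = load(previous_xml), load(current_xml)
    cur_md5s = {md5 for md5, _ in cur.values()}
    report = {k: [] for k in "unchanged modified deleted moved new_file new_data".split()}
    for name, (md5, _) in prev.items():
        if name in cur:   # filename exists: the md5 decides unchanged vs modified
            report["unchanged" if cur[name][0] == md5 else "modified"].append(name)
        elif md5 in cur_md5s:  # same content under another name (not on the slides)
            report["moved"].append(name)
        else:             # filename AND md5 both missing from the current scan
            report["deleted"].append(name)
    for name, (_, patterns) in cur.items():
        if name not in prev:
            report["new_file"].append(name)
        elif patterns - prev[name][1]:  # known file, detection pattern not seen before
            report["new_data"].append(name)
    return report

def alert_body(report):
    """Body of the administrator e-mail; empty string means nothing to send."""
    lines = [f"New file detected: {n}" for n in report["new_file"]]
    lines += [f"New data detected in: {n}" for n in report["new_data"]]
    return "\n".join(lines)
```

A file can land in two buckets: `clients.csv` in the sample is both modified (md5 changed) and a source of new data (a detection pattern not seen in the previous scan).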

MyDLP Automation. Limitation: Flash app. Use of Selenium Webdriver NOT possible. Disassembling not reliable.

Sikuli: Image Recognition Technology. Parse OpenDLP’s detected data; Custom user object; Create rules based on custom user object.

Conclusion: Solid DLP services at no cost! Combination of tools counterbalances weaknesses. Automation increases system’s capabilities. Minimize human error and negligence.

References: ISACA, "Data Leak Prevention", ISACA, 2010; Prathaben Kanagasingham, SANS Institute, "Data Loss Prevention", SANS Institute, 2008; T. Torsteinbø, "Data Loss Prevention Systems and Their Weaknesses", University of Agder, 2012; Securosis, L.L.C, "Understanding and Selecting a Data Loss Prevention Solution", Securosis, 2010.

References: D. Koutsourelis, Designing a free Data Loss Prevention System, MSc Thesis, Piraeus: Systems Security Laboratory, Dept. of Digital Systems, University of Piraeus, 2014.

Questions???