Informationssäkerhet och automatiserat informationsutbyte – går det att kombinera? Anders Strömberg Marknadschef Why is Cross Domain Security needed today ? Security incidents grow 66% Compound Annual Growth Rate – CAGR Total number of detected incidents in the millions – worldwide Source: PwC | The Global State of Information™ Security Survey 2015 4 2015-10-08 5 6 Equally on the rise, there is an comprehensive need for information exchange Cloud Big Data Internet of Things Bring Your Own Device Consumer technology now in the work place “82% of organizations are making changes to their policies and IT infrastructure to support the proliferation… These changes include creating policies on how corporate data can be shared… and purchasing secure file sharing services. ” Source: IDG Enterprise’s 2014 Consumerization of IT (CITE) survey. Evolution of Safety The first car Safety belts Internet Air bags Antivirus Sensors Firewalls ???? Game Changing Thinking Whitelist Known BAD Blacklist Known Gray Zone GOOD Unknown BAD & unknown GOOD Historically, we’ve focused on blacklist first. We need to shift thinking to focus on whitelist first. Förutsättningarna ändras I Sverige Riksdag Justitiedepartementet MSB Datainspektionen http://www.unfitbits.com/index.html 2015-10-08 13 Problematiken Integration/Interoperabilitet Informationskvalitet Mänskliga faktorn Skillnad i behov Harri Larsson, strategichef för försvar och nationell säkerhet i Norden på Hewlett-Packard. 2015-10-08 15 Bygga tillit • • • Individens möjlighet till insyn och förståelse Myndighetens möjlighet att minska misstag Myndighetens möjlighet att automatisera med hänsyn tagen till kontroll och uppföljning Government cloud lösning Automatisk informationsutbyte Security Myndighet 2 Domain 2 Filtered data exchange Filtered data exchange Security1 Myndighet Domain 1 Tredjepart (Kontroll myndighet) Administration Log Skapa policy i samförstånd Auditing Reports Dept (B) Dept (C) Dept (A) A to B Policy Policy Policy A to C Definition Development Activation B to A C to A Policies HQ approve Kontrollmyndighet HQ approve Kontrollmyndighet Enforcement HQ Policy definiering och kontroll Information Centric Design Hela meddelandet samlas ihop innan det kontrolleras Allt utom den väsentliga informationen tas bort Informationen kontrolleras så att det uppfyller kraven för barriären Filtret tar bort det som inte får passera eller släppas igenom Meddelandet återskapas och vid behov anpassas till mottagande system. An filterer på alla nivåer. Kan byta filtyp Receiver Sender Content Size Digital signature No attachments ZoneGuard is a business centric solution Protecting & enabling your highly valued information assets OUTSIDE WORLD SENSITIVE INFORMATION FIREWALLS ZONEGUARD GATEWAYS INTRUSION PROTECTION DATA LEAKAGE DATA CENTRIC TRAFFIC Key function is to protect from the known bad coming from the outside. BUSINESS CENTRIC TRAFFIC Key function is to ONLY allow the known good to pass through as defined by your uniquely defined business rules. SCANDINAVIA I korthet Grundat 1993 Lund – Sweden 50+ anställda 60+% utvecklare ”Made in Sweden” Noterat på NASDAQ OMX Mer info på BALTIC WESTERN EUROPE CENTRAL EUROPE www.advenica.com 2015-03-17 24 R&D and manufacturing in Lund, Sweden Unique solutions for simplified information exchange Match assurance requirements to customer needs Empowering Trust 20+ years experience in encryption & security Customer focused business models Continually addressing threats to help future-proof data security Anders Strömberg VP Marketing [email protected] +46 70816 09 47 25
© Copyright 2024