Table of Contents |
---|
Meeting
Agenda
Visualization of DLP and Goals
- Pilot is specifically about Data Leakage
- Bring real business value * what keeps you up at night
- Close audit requirements
- Passive
Validate Top Level Use Cases
- User Story which Shows Proposed Workflow Parameters
- Ensure Alignment with Stakeholder Needs
Collaborative Business Participation
Needs
- Desktop Hostname and Domain IDs for example AD\JSmith
- Data Identifiers - Definition of Addresses to Add to White List
- Other Data Identifiers - Already Gathered by Anderson
Discussion
- Rules for Escalation * better rules less false positives
- Medium of Notification * email reports, direct calls
- How You Want to Action Incidents
Visualization of DLP
There are three areas of Data Leakage Prevention:
DLP | How it Works | Key Concepts | |||
---|---|---|---|---|---|
Policy Gateway (currently in place) | All data (email, web traffic, ftp traffic) flows through a central policy gateway. The service reviews and alerts on CIBC specified keywords and document profiles. |
| |||
End-Point | Protection ServicesDesktop | Installed on user machines, End-Point | Protection Services scans Desktop,
| on
In addition End-Point Desktop can interact with devices (USB, printers, etc). |
|
Data Discovery Services | Scan data repositories (network shares, websites | and , desktop computers and databases) and identify improperly protected files. Sensitive files are identified by CIBC specified keywords and document profiles. |
| files
|