Klicka här för att ta del av presentationen

Informationssäkerhet och automatiserat
informationsutbyte – går det att kombinera?
Anders Strömberg
Marknadschef
Why is
Cross Domain Security
needed today ?
Security incidents
grow 66%
Compound Annual Growth Rate – CAGR
Total number of
detected incidents in the millions – worldwide
Source: PwC | The Global State of Information™ Security Survey 2015
4
2015-10-08
5
6
Equally on the rise, there is
an comprehensive need for
information exchange
Cloud
Big Data
Internet of Things
Bring Your Own Device
Consumer technology now in the work place
“82% of organizations are making changes
to their policies and IT infrastructure to
support the proliferation…
These changes include creating policies
on how corporate data can be shared…
and purchasing secure file sharing
services.
”
Source: IDG Enterprise’s 2014 Consumerization of IT (CITE) survey.
Evolution of Safety
The first car
Safety belts
Internet
Air bags
Antivirus
Sensors
Firewalls
????
Game Changing Thinking
Whitelist
Known
BAD
Blacklist
Known
Gray Zone
GOOD
Unknown BAD & unknown GOOD
Historically, we’ve focused on blacklist first.
We need to shift thinking to focus on whitelist first.
Förutsättningarna ändras
I Sverige
Riksdag
Justitiedepartementet
MSB
Datainspektionen
http://www.unfitbits.com/index.html
2015-10-08
13
Problematiken
Integration/Interoperabilitet
Informationskvalitet
Mänskliga faktorn
Skillnad i behov
Harri Larsson, strategichef för försvar och nationell
säkerhet i Norden på Hewlett-Packard.
2015-10-08
15
Bygga tillit
•
•
•
Individens möjlighet till insyn
och förståelse
Myndighetens möjlighet att
minska misstag
Myndighetens möjlighet att
automatisera med hänsyn tagen
till kontroll och uppföljning
Government
cloud lösning
Automatisk informationsutbyte
Security
Myndighet
2
Domain 2
Filtered data
exchange
Filtered data
exchange
Security1
Myndighet
Domain 1
Tredjepart
(Kontroll myndighet)
Administration
Log
Skapa policy i samförstånd
Auditing Reports
Dept (B)
Dept (C)
Dept (A)
A to B
Policy
Policy
Policy
A to C
Definition
Development
Activation
B to A
C to A
Policies
HQ approve
Kontrollmyndighet
HQ approve
Kontrollmyndighet
Enforcement
HQ
Policy definiering och kontroll
Information Centric Design
Hela meddelandet samlas ihop innan det kontrolleras
Allt utom den väsentliga informationen tas bort
Informationen kontrolleras så att det uppfyller kraven
för barriären
Filtret tar bort det som inte får passera eller släppas
igenom
Meddelandet återskapas och vid behov anpassas till
mottagande system.
An filterer på alla nivåer. Kan byta filtyp
Receiver
Sender
Content
Size
Digital signature
No attachments
ZoneGuard is a business centric solution
Protecting & enabling your highly valued information assets
OUTSIDE
WORLD
SENSITIVE
INFORMATION
FIREWALLS
ZONEGUARD
GATEWAYS
INTRUSION
PROTECTION
DATA
LEAKAGE
DATA CENTRIC TRAFFIC
Key function is to protect from the
known bad coming from the outside.
BUSINESS CENTRIC TRAFFIC
Key function is to ONLY allow the known
good to pass through as defined by your uniquely
defined business rules.
SCANDINAVIA
I korthet







Grundat 1993
Lund – Sweden
50+ anställda
60+% utvecklare
”Made in Sweden”
Noterat på NASDAQ OMX
Mer info på
BALTIC
WESTERN EUROPE
CENTRAL EUROPE
www.advenica.com
2015-03-17
24
R&D and
manufacturing
in Lund,
Sweden
Unique solutions
for simplified
information
exchange
Match
assurance
requirements
to customer
needs
Empowering
Trust
20+ years
experience in
encryption
& security
Customer
focused
business models
Continually
addressing
threats to help
future-proof data
security
Anders Strömberg
VP Marketing
anders.stromberg@advenica.com
+46 70816 09 47
25