Podcasts about data loss prevention

  • 67PODCASTS
  • 99EPISODES
  • 26mAVG DURATION
  • 1MONTHLY NEW EPISODE
  • Apr 24, 2025LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about data loss prevention

Latest podcast episodes about data loss prevention

Microsoft Mechanics Podcast
How Microsoft 365 Backup works and how to set it up

Microsoft Mechanics Podcast

Play Episode Listen Later Apr 24, 2025 0:50 Transcription Available


Protect your Microsoft 365 data and stay in control with Microsoft 365 Backup —whether managing email, documents, or sites across Exchange, OneDrive, and SharePoint. Define exactly what you want to back up and restore precisely what you need to with speeds reaching 2TB per hour at scale. With flexible policies, dynamic rules, and recovery points up to 365 days back, you can stay resilient and ready. Jeremy Chapman, Director on the Microsoft 365 product team, shares how to minimize disruption and keep your organization moving forward with Microsoft 365 Backup. QUICK LINKS:  00:00 - Automate recovery process 00:37 - How to use Microsoft 365 Backup 01:49 - Compare with migration-based solutions 02:30 - How to set it up 03:33 - Exchange policy for email backup 05:00 - View and manage backups 05:24 - Recover from a restore point 07:45 - Restore from OneDrive & SharePoint 08:33 - Bulk restore 09:41 - Wrap up ► Link References Check out https://aka.ms/M365Backup Additional backup and restore considerations at https://aka.ms/M365BackupNotes ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Microsoft Mechanics Podcast
Microsoft Purview protections for Copilot

Microsoft Mechanics Podcast

Play Episode Listen Later Apr 22, 2025 9:11 Transcription Available


Use Microsoft Purview and Microsoft 365 Copilot together to build a secure, enterprise-ready foundation for generative AI. Apply existing data protection and compliance controls, gain visibility into AI usage, and reduce risk from oversharing or insider threats. Classify, restrict, and monitor sensitive data used in Copilot interactions. Investigate risky behavior, enforce dynamic policies, and block inappropriate use—all from within your Microsoft 365 environment.  Erica Toelle, Microsoft Purview Senior Product Manager, shares how to implement these controls and proactively manage data risks in Copilot deployments.  ► QUICK LINKS: 00:00 - Microsoft Purview controls for Microsoft 365 Copilot 00:32 - Copilot security and privacy basics 01:47 - Built-in activity logging 02:24 - Discover and Prevent Data Loss with DSPM for AI 04:18 - Protect sensitive data in AI interactions 05:08 - Insider Risk Management 05:12 - Monitor and act on inappropriate AI use 07:14 - Wrap up ► Link References Check out https://aka.ms/M365CopilotwithPurview Watch our show on oversharing at https://aka.ms/OversharingMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Microsoft Mechanics Podcast
Microsoft Purview: New data security controls for the browser & network

Microsoft Mechanics Podcast

Play Episode Listen Later Apr 9, 2025 9:57 Transcription Available


Protect your organization's data with Microsoft Purview. Gain complete visibility into potential data leaks, from AI applications to unmanaged cloud services, and take immediate action to prevent unwanted data sharing. Microsoft Purview unifies data security controls across Microsoft 365 apps, the Edge browser, Windows and macOS endpoints, and even network communications over HTTPS —all in one place. Take control of your data security with automated risk insights, real-time policy enforcement, and seamless management across apps and devices. Strengthen compliance, block unauthorized transfers, and streamline policy creation to stay ahead of evolving threats. Roberto Yglesias, Microsoft Purview Principal GPM, goes beyond Data Loss Prevention (DLP) and shows how to ensure your data stays protected no matter where it goes. ► QUICK LINKS: 00:00 - Data Loss Prevention in Microsoft Purview 01:33 - Assess DLP Policies with DSPM 03:10 - DLP across apps and endpoints 04:13 - Unmanaged cloud apps in Edge browser 04:39 - Block file transfers across endpoints 05:27 - Network capabilities 06:41 - Updates for policy creation 08:58 - New options 09:36 - Wrap up ► Link References Get started at https://aka.ms/PurviewDLPUpdates ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

CISO Tradecraft
#224 - The Evolution of Data Loss Prevention (DLP)

CISO Tradecraft

Play Episode Listen Later Mar 17, 2025 30:34 Transcription Available


In this episode of CISO Tradecraft, host G. Mark Hardy dives into the evolution, challenges, and solutions of Data Loss Prevention (DLP). From early methods like 'dirty word lists' in the military to advanced AI and machine learning models of today, discover how DLP technologies have developed to safeguard sensitive information. Learn about different DLP phases, regulatory impacts, and modern tools like Microsoft Purview that can help manage and classify data effectively. This episode is packed with valuable insights to help you tackle data security with confidence and efficiency. Transcripts https://docs.google.com/document/d/1u7owNI5P3WajJvRPIXbzrUYy-PCsRcfC References Crash course in Microsoft Purview: A guide to securing and managing your data estate Chapters 00:00 Introduction to Data Loss Prevention (DLP) 00:45 Early Days of DLP: Dirty Word Lists and Simple Networks 02:39 Evolution of DLP: Content Filtering and Endpoint Protection 06:05 Advanced Content Inspection and Policy Enforcement 09:19 Unified DLP and Cloud Adoption 16:04 Modern DLP: AI, Machine Learning, and Zero Trust 19:12 Implementing DLP with Microsoft Purview 28:59 Summary and Final Thoughts  

Microsoft Mechanics Podcast
Data Security Posture Management (DSPM), new to Microsoft Purview Unlisted

Microsoft Mechanics Podcast

Play Episode Listen Later Nov 22, 2024 9:57


Stay ahead of evolving risks and mitigate vulnerabilities with Microsoft Purview Data Security Posture Management (DSPM). Gain prioritized visibility into data security risks, track unprotected sensitive information, and receive actionable insights. With built-in classifiers, automated risk assessments, and AI-powered capabilities like Security Copilot, you can identify and mitigate threats, ensuring a compliant data security environment. Talhah Mir, Microsoft Purview's Principal Group Product Manager, shows how to transform your data security strategy with automated, intelligent risk management and maintain continuous protection across your organization.   ► QUICK LINKS: 00:00 - Build and maintain a strong data security posture 01:25 - Start in Microsoft Purview Portal 02:14 - Microsoft Purview solutions 03:39 - Analytic reports 04:39 - Take action 05:30 - AI app-focused view 06:13 - View trends 06:59 - Add Security Copilot capabilities 09:37 - Wrap up   ► Link References Get started at https://aka.ms/DSPM   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Microsoft Mechanics Podcast
Oversharing Control at Enterprise Scale | Updates for Microsoft 365 Copilot in Microsoft Purview

Microsoft Mechanics Podcast

Play Episode Listen Later Nov 21, 2024 11:35


Minimize risks that come with oversharing and potential data loss. Use Microsoft Purview and its new Data Security Posture Management (DSPM) for AI insights, along with new Data Loss Prevention policies for Microsoft 365 Copilot, and SharePoint Advanced Management, which is now included with Microsoft 365 Copilot. Automate site access reviews at scale and add controls to restrict access to sites if they contain highly sensitive information. Erica Toelle, Microsoft Purview Senior PM, shows how to control data visibility, automate site access reviews, and fine-tune permissions with Pilot, Deploy, Optimize phases. ► QUICK LINKS: 00:00 — Minimize risk of oversharing 01:24 — Oversharing scenarios 04:03 — How oversharing can occur 05:38 — Restrict discovery & limit access 06:36 — Scope sites 07:15 — Pilot phase 08:16 — Deploy phase 09:17 — Site access reviews 10:00 — Optimize phase 10:54 — Wrap up ► Link References Check out https://aka.ms/DeployM365Copilot  Watch our show on the basics of oversharing at https://aka.ms/SMBoversharing ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Telecom Reseller
Trustifi's Email Security Awareness Module Empowers MSPs to Help Companies Train & Protect Users, Podcast

Telecom Reseller

Play Episode Listen Later May 3, 2024


Recently, Trustifi, the premier provider of AI- and cloud-based email cyber security solutions, announced it is launching a new Email Security Awareness training module, a threat simulation tool that MSPs can offer to their end-customers. The module helps train network users to recognize and avoid phishing attacks, then goes a step further to provide actionable strategies, analytics, and reports that help administrators evaluate the module's results and enhance the protection of their networks. The Email Security Awareness tool identifies users who are most vulnerable to phishing attempts, allowing IT administrators to apply warning banners and training strategies to users who fall prey to the program's mock phishing attacks. The module and its campaigns can be conducted by the end-users' IT department, or by the managing MSP itself, depending on the customer/MSP business model. Information on the Email Security Awareness Module can be found here. Zack Schwartz In this podcast, Zack Schwartz, Vice President - Strategic Partnerships, discusses this new tool and opportunity for the MSP community. Trustifi is a cybersecurity firm featuring solutions delivered on a software-as-a-service platform including sophisticated AI-driven tools. Trustifi leads the market with the easiest-to-use and deploy email security products providing both inbound and outbound email security from a single vendor. The most valuable asset to any organization, other than its employees, is the data contained in its email, and Trustifi's key objective is keeping clients' data, reputations, and brands safe from all threats related to email. With Trustifi's Inbound Shield, Data Loss Prevention, Account Takeover Protection, and Email Encryption, clients are always one step ahead of attackers. www.trustifi.com Follow Trustifi: Twitter, LinkedIn, and Facebook.

Microsoft Mechanics Podcast
Extend your data security to Microsoft Fabric

Microsoft Mechanics Podcast

Play Episode Listen Later Mar 27, 2024 8:48


A unified solution for comprehensive data protection with Microsoft Fabric and Microsoft Purview. Extend the security measures of Microsoft 365 to your schematized data, ensuring consistent protection across your entire data estate. From detecting insider risks to mitigating data loss and unauthorized sharing, leverage advanced visibility and control to safeguard sensitive information effectively. Daniel Hidalgo, Microsoft Purview Product Manager, shares how to simplify your security strategy and gain deeper insights into data risks.   ► QUICK LINKS: 00:00 - Unified solution to prevent data loss and detect data risk 01:36 - Microsoft Fabric experience 02:53 - Confidential labels are automatically inherited 03:16 - Detect sensitive information with DLP policies 04:03 - Create and publish a label 04:59 - Define protections 05:50 - Data Loss Prevention experience in Microsoft Purview 06:57 - Insider Risk Management with Microsoft Fabric 07:39 - Visibility of sensitive data with Microsoft Purview 08:19 - Wrap Up   ► Link References: Check out https://aka.ms/PurviewforFabric Watch our shows on Insider Risk Management, check out https://aka.ms/IRMMechanics    ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

The Bid Picture - Cybersecurity & Intelligence Analysis

In this episode, host Bidemi Ologunde spoke with Yasir Ali, the Founder and CEO of Polymer, a smart data loss prevention platform for SaaS and AI that automates the protection of sensitive information across SaaS apps such as Google Drive, Slack, Microsoft Teams, and Zoom with a 15-minute install.Support the show

Microsoft Mechanics Podcast
Insider Risk in Conditional Access | Microsoft Entra + Microsoft Purview Adaptive Protection

Microsoft Mechanics Podcast

Play Episode Listen Later Mar 16, 2024 7:40


Protect your organization from insider threats with Microsoft Entra's Conditional Access and Adaptive Protection in Microsoft Purview. Automatically block access to critical assets when insider risk levels elevate, ensuring data security and compliance seamlessly. Set up custom policies based on risk levels and enforce strong authentication measures, safeguarding against data breaches. Gain control and visibility over insider activities without manual intervention, empowering proactive security measures. Erin Miyake, Microsoft Purview's Principal Product Manager shares how to enhance your data protection strategy.   ► QUICK LINKS: 00:00 - Insider Risk in Conditional Access 00:41 - Extend Conditional Access 01:20 - Privacy-first approach 01:56 - Configure policy indicators 03:21 - Adapt protections based on changing risk 04:13 - Set custom policies 05:27 - Set a Conditional Access policy for moderate risk users 06:12 - Insider risk level changing over time 07:04 - Wrap Up   ► Link References: For more about the policies you can set up go to https://aka.ms/IRM Mechanics Get started today at https://aka.ms/adaptiveprotection  Watch our series on Insider Risk Management at https://aka.ms/IRMMechanics   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Microsoft Mechanics Podcast
Protect data used in prompts with common AI apps | Microsoft Purview

Microsoft Mechanics Podcast

Play Episode Listen Later Mar 15, 2024 7:56


Protect data while getting the benefits of generative AI with Microsoft Defender for Cloud Apps and Microsoft Purview. Safeguard against shadow IT risks with Microsoft Defender for Cloud Apps, unveiling hidden generative AI applications. Leverage Microsoft Purview to evaluate data exposure, automating policy enforcement for enhanced security. Ensure compliance with built-in data protections in Copilot for Microsoft 365, aligned with organizational policies set in Microsoft Purview, while maintaining trust and mitigating risks seamlessly across existing and future cloud applications. Erin Miyake, Microsoft Purview's Principal Product Manager, shares how to take a unified approach to protecting your data. ► QUICK LINKS: 00:00 - Secure your data for generative AI 01:16 - App level experiences 01:46 - Block based on data sensitivity 02:45 - Admin experience 03:57 - Microsoft Purview AI Hub 05:08 - Set up policies 05:53 - Tailor policies to your needs 06:35 - Set up AI Hub in Microsoft Purview 07:09 - Wrap Up   ► Link References: For information on Microsoft Defender for Cloud Apps go to https://aka.ms/MDA Check out Microsoft Purview capabilities for AI go to https://aka.ms/PurviewAI/docs Watch our episode on Copilot for Microsoft 365 data protections at https://aka.ms/CopilotAdminMechanics Watch our episode about Data Loss Prevention policy options at https://aka.ms/DLPMechanics   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Microsoft 365 Voice
Episode 110 – What are all the Data Loss Prevention tools in M365?

Microsoft 365 Voice

Play Episode Listen Later Mar 6, 2024 19:29


https://www.youtube.com/embed/l5_F2hnOuQA

Packet Pushers - Heavy Networking
HN709: Protecting Data, Apps With Cloud DLP And CASB (Sponsored)

Packet Pushers - Heavy Networking

Play Episode Listen Later Nov 10, 2023 40:27


Cloud environments often have poor visibility and monitoring, and controlling access to sensitive corporate data is difficult. We speak with sponsor Palo Alto Networks about how it integrates CASB and Data Loss Prevention to control Web access and prevent sensitive information from leaking from your organization. The post HN709: Protecting Data, Apps With Cloud DLP And CASB (Sponsored) appeared first on Packet Pushers.

Packet Pushers - Full Podcast Feed
HN709: Protecting Data, Apps With Cloud DLP And CASB (Sponsored)

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Nov 10, 2023 40:27


Cloud environments often have poor visibility and monitoring, and controlling access to sensitive corporate data is difficult. We speak with sponsor Palo Alto Networks about how it integrates CASB and Data Loss Prevention to control Web access and prevent sensitive information from leaking from your organization. The post HN709: Protecting Data, Apps With Cloud DLP And CASB (Sponsored) appeared first on Packet Pushers.

Packet Pushers - Fat Pipe
HN709: Protecting Data, Apps With Cloud DLP And CASB (Sponsored)

Packet Pushers - Fat Pipe

Play Episode Listen Later Nov 10, 2023 40:27


Cloud environments often have poor visibility and monitoring, and controlling access to sensitive corporate data is difficult. We speak with sponsor Palo Alto Networks about how it integrates CASB and Data Loss Prevention to control Web access and prevent sensitive information from leaking from your organization. The post HN709: Protecting Data, Apps With Cloud DLP And CASB (Sponsored) appeared first on Packet Pushers.

ITSPmagazine | Technology. Cybersecurity. Society
The Future of Secure Business Browsing: Isolation and Protection | Browser Security : Isolation-101 | A SecTor Event Coverage Conversation with Evgeniy Kharam

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Oct 13, 2023 36:35


Guest: Evgeniy Kharam, Cybersecurity Professional, Security Architecture Podcast [@secarchpodcast]On Linkedin | https://www.linkedin.com/in/ekharam/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________Episode NotesIn this episode of the Redefining CyberSecurity Podcast, host Sean Martin is joined by Evgeniy Kharam to explore the world of browser security and browser isolation. They discuss the user experience and the policies that organizations can apply to protect against security threats.The conversation delves into the concept of remote browser isolation and its application in ensuring user safety when visiting unknown or malicious websites. They also dive into the benefits of using enterprise browsers and the control they provide over website access, malware scanning, data loss prevention, and more.The episode touches on the impact of browser security on security programs, team structures, and the tech stack. They discuss the relatively new browser security space and its potential to disrupt the SASE and SSE markets. Evgeniy shares insights into the potential transformation of the cybersecurity landscape and predicts that endpoint solutions may incorporate isolation technology. The episode concludes with a preview of Evgeniy's upcoming session at the SecTor security conference in Toronto, where he will dive deeper into browser security isolation.Overall, this episode offers valuable insights into the evolving world of browser security and its potential impact on cybersecurity practices. Listeners can expect an engaging conversation that combines technical knowledge with practical applications.About Evgeniy's SecTor Session: There has been renewed hype about adding more security efforts around the browser. New security startups and the bigger players as well have been making the case that because browsing is such an inherent part of our work and personal lives, we should address phishing and other attacks there. After interviewing and analyzing the offerings of many providers, I will share my findings and perspective on the market. This session will go over key points on how such a technology might be used in your organization, the pitfalls and how it fits in with / competes with other product suites like SASE and EDR. What you will learn:- Use cases for browser isolation/enterprise browser- ZTNA using browser isolation/enterprise browser- Where browser isolation/enterprise browser fits in an environment- Vendor land space- What we should expect in the next 12-18 months____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Redefining CyberSecurity
The Future of Secure Business Browsing: Isolation and Protection | Browser Security : Isolation-101 | A SecTor Event Coverage Conversation with Evgeniy Kharam

Redefining CyberSecurity

Play Episode Listen Later Oct 13, 2023 36:35


Guest: Evgeniy Kharam, Cybersecurity Professional, Security Architecture Podcast [@secarchpodcast]On Linkedin | https://www.linkedin.com/in/ekharam/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________Episode NotesIn this episode of the Redefining CyberSecurity Podcast, host Sean Martin is joined by Evgeniy Kharam to explore the world of browser security and browser isolation. They discuss the user experience and the policies that organizations can apply to protect against security threats.The conversation delves into the concept of remote browser isolation and its application in ensuring user safety when visiting unknown or malicious websites. They also dive into the benefits of using enterprise browsers and the control they provide over website access, malware scanning, data loss prevention, and more.The episode touches on the impact of browser security on security programs, team structures, and the tech stack. They discuss the relatively new browser security space and its potential to disrupt the SASE and SSE markets. Evgeniy shares insights into the potential transformation of the cybersecurity landscape and predicts that endpoint solutions may incorporate isolation technology. The episode concludes with a preview of Evgeniy's upcoming session at the SecTor security conference in Toronto, where he will dive deeper into browser security isolation.Overall, this episode offers valuable insights into the evolving world of browser security and its potential impact on cybersecurity practices. Listeners can expect an engaging conversation that combines technical knowledge with practical applications.About Evgeniy's SecTor Session: There has been renewed hype about adding more security efforts around the browser. New security startups and the bigger players as well have been making the case that because browsing is such an inherent part of our work and personal lives, we should address phishing and other attacks there. After interviewing and analyzing the offerings of many providers, I will share my findings and perspective on the market. This session will go over key points on how such a technology might be used in your organization, the pitfalls and how it fits in with / competes with other product suites like SASE and EDR. What you will learn:- Use cases for browser isolation/enterprise browser- ZTNA using browser isolation/enterprise browser- Where browser isolation/enterprise browser fits in an environment- Vendor land space- What we should expect in the next 12-18 months____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Microsoft Partner Podden
Bli redo för M365 Copilot

Microsoft Partner Podden

Play Episode Listen Later Oct 2, 2023 34:45


Lanseringen av Microsoft 365 Copilot står inför dörren. Vi tog ett prat med Anders Olsson från Onevinn om hur man gör sig redo för att användandet av Copilot ska fungera så bra som möjligt och så säkert som möjligt. Vi kommer in på ämnen som Purview Data Governance, Information Protection, Data Loss Prevention och mycket annat.Learning pathhttps://learn.microsoft.com/en-us/training/paths/prepare-your-organization-microsoft-365-copilot/Anders artikel om hur man säkrar upp MIcrosoft 365 Copilothttps://itsakerhetsguiden.se/2023/09/24/secure-your-microsoft-365-copilot-journey/ Hosted on Acast. See acast.com/privacy for more information.

Microsoft Mechanics Podcast
Data Security Exploit Real Crime Case + How Microsoft Purview is Designed to Detect & Respond

Microsoft Mechanics Podcast

Play Episode Listen Later Sep 12, 2023 5:20


Detect and prevent data security incidents with Microsoft Purview. Combine data classification with proactive and adaptive data loss prevention policies aligned to the assessed insider risk level for a multi-layered approach. Trusted insiders working for your organization contribute to 25% of data breaches. Many of these breaches remain undetected or are discovered long after the damage is done. We deconstruct what occurred at a prominent company with an account inspired by a true story of corporate espionage and how Microsoft Purview is designed to detect and prevent this type of data security incident. ► QUICK LINKS: 00:00 - Detect and prevent data security incidents 00:29 - Watch a real crime case 02:06 - Data security strategies 02:55 - Secure data with policies 04:10 - Insider Risk Management 04:40 - Wrap up ► Link References: Check out our comprehensive series at https://aka.ms/DataSecurityMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

RunAs Radio
Securing Sprawling Services with Karinne Bessette

RunAs Radio

Play Episode Listen Later Jul 19, 2023 33:05


How do you secure the sprawling array of services your organization depends on? Richard talks to Karinne Bessette about her experiences working with companies with virtually no internal infrastructure - using Software-as-a-Service products from various providers and finding their glue to keep multiple bits working together. Karinne talks about putting together teams to understand how workflows function first - then trying to put some governance around it. Single sign-on is a great place to start, but the solutions depend on what tools you're using. This is the new reality we're working in - we must find a way to secure it!Links:Azure Single Sign OnOktaZero TrustData Loss PreventionAzure PurviewMicrosoft SyntexRecorded June 5, 2023

Google Workspace Recap
Customize Error Messages in Google Chat Data Loss Prevention Rules, Pin Links in Admin Console Nav..

Google Workspace Recap

Play Episode Listen Later Jul 11, 2023 20:51


Short show and an early release this week as my schedule finally returns to normal. This intro is a fun one as we test out my new XLR interface device the Rode Streamer X. My nerdy shirt of the week is another awesome one from  @LAWRENCESYSTEMS, go check out their channel and swag to get your own :-D I want to give a special shoutout to our friends at Jamf who have been helping us bring you these weekly updates for sponsoring us. If you're juggling Apple devices and Google Workspace, you need to know about Jamf. They're experts at seamlessly integrating Apple devices into your Google IT ecosystem. With their Google and Jamf integrations, you can easily manage Chrome for safe browsing and achieve that coveted zero-trust security using Google Identity. You've probably heard of them already, and if not head over to https://www.jamf.com/workspacerecap Thank you to everyone who subscribed to the channel and has allowed us to reach the 500 subscribers milestone, on to 1000! Please share us with your friends!

EM360 Podcast
BlackFog: DLP is Dead - Long Live Data Exfiltration!

EM360 Podcast

Play Episode Listen Later May 31, 2023 16:31


Data exfiltration has become a serious issue for companies in today's world.The unauthorised removal and theft of company data are becoming more commonplace as cybercriminals become more sophisticated in their attacks. A good Data Loss Prevention, or DLP, strategy used to be enough to help protect the enterprise from malicious attacks, but has this changed? Is DLP dead?In this episode of the EM360 Podcast, Analyst Richard Stiennon speaks to Darren Williams, CEO and Founder at Blackfog, as they discuss:The current state of cybersecurityHow companies are struggling to protect their dataDifferences between anti data exfiltration and DLP

Microsoft Mechanics Podcast
Can security be automatic for your files and data? | Microsoft Purview

Microsoft Mechanics Podcast

Play Episode Listen Later Apr 24, 2023 4:14


Detect data loss, exfiltration, and data theft with intelligent automation solutions in Microsoft Purview. Data lives across apps, databases, and in file sharing locations inside and outside your infrastructure. It can be stored on devices and removable media, and it travels with each interaction. Secure data with a scalable and automated approach— discover and understand the growing volume of sensitive data, apply protections that follow data wherever it lives or travels, take preventative action when there's a risk of data loss, and elevate or lower data protections based on individual users to balance productivity with data security. Information Protection, Data Loss Prevention, and Insider Risk Management provide a unified platform in Microsoft Purview for intelligent, automated data protection. ► QUICK LINKS: 00:00 - Introduction 00:45 - Intelligent data security 01:29 - Information Protection 01:53 - Data Loss Prevention 02:22 - Insider Risk Management 03:00 - Example of information protection 03:55 - Wrap up ► Link References: Watch our series on Microsoft Purview at https://aka.ms/DataSecurityMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Digital Dispatch Podcast
The Role of IT in a 3PL with Ezey Peralta

Digital Dispatch Podcast

Play Episode Listen Later Apr 20, 2023 62:29 Transcription Available


In this episode of Everything is Logistics, Blythe Brumleve interviews Ezequiel (Ezey) Peralta, the VP of Technology at SPI Logistics, about the role of IT in 3PL. Ezey talks about his early background in technology and databases, including creating software for his own small businesses. He then goes on to describe his work with SPI Logistics on developing data warehouses and analytics solutions. The discussion highlights the importance of investing in IT infrastructure for 3PLs and the significant role it plays in optimizing their operations.LINKS: Connect with Ezey via email at eperalta@spi3pl.com TIME STAMPS: [00:03:09] Building a database.[05:14] Designing databases and data modeling.[00:08:49] Data Loss Prevention.[00:13:08] Talking to team before implementing.[00:16:42] SPI's tech stack.[00:22:24] Freight management flexibility.[00:28:17] Automating the onboarding process.[00:30:30] Benefits of tech transition.[00:35:37] Cybersecurity risks in remote work.[00:41:15] AI and Chat GPT technology.[00:43:28] Chat GPT and business processes.[00:46:16] Digital matching of freight.[00:53:31] Improving carrier relationships.[00:55:10] TMS Integration and Customization.---------------------------------------------THANK YOU TO OUR SPONSORS!At SPI Logistics they have industry-leading technology, systems, and back-office support to help you succeed. Learn more about SPI's freight agent program here. Make sure to let them know we sent you!Digital Dispatch helps you speak confidently about ROI with a website built for your customers, prospects, and employees. With plans starting as low as $90/month, learn how you can take your website from good to great by visiting Digital Dispatch. ---------------------------------------------ABOUT THE PODCAST: Everything is Logistics is a podcast for the thinkers in freight. Subscribe to our newsletter to never miss an episode. Follow EIL host Blythe Brumleve on social: Twitter | LinkedIn| Instagram| TikTok| YouTube

Uncovering Hidden Risks
Cloud Native Data Loss Prevention: The Future of Data Security

Uncovering Hidden Risks

Play Episode Listen Later Mar 22, 2023 26:46


Maithili Dandige, Partner Group Product Manager at Microsoft, joins Erica Toelle and guest host Shilpa Bothra on this week's episode of Uncovering Hidden Risks. Maithili's team is behind Microsoft Purview products such as Information Protection, Data Loss Prevention, Data Lifecycle Management, Records Management, eDiscovery, and Audit. Maithili discusses Data Loss Prevention, some recent DLP research, and what's upcoming in this space.     In This Episode You Will Learn:       The journey of DLP solutions and where the market is today  What customers should be expecting from DLP solution providers  The benefits of adopting a cloud-native solution    Some Questions We Ask:      What do you see as the future of DLP space?   How can you empower your users to make the right data-handling decisions?    What trends do you currently see evolving?     Resources:     View Maithili Dandige on LinkedIn  View Shilpa Bothra on LinkedIn  View Erica Toelle on LinkedIn    Related Microsoft Podcasts:            Listen to: Afternoon Cyber Tea with Ann Johnson    Listen to: Security Unlocked       Listen to: Security Unlocked: CISO Series with Bret Arsenault        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.  

NextExec - EWF
Season 4 Episode 6 - A Day in the Life: Data Protection and Privacy, Diane Tran

NextExec - EWF

Play Episode Listen Later Feb 24, 2023 22:12


In this episode, Aparna Kadari speaks with Diane Tran about her role in the Data Protection Space. Diane shares the challenges organizations face to protect data in this Global age, the support system she has had in her family and how she continues to be a trailblazer supporting women in the Information Security space. She encourages women to hone their craft and create work life harmony in all areas of their lives. Please enjoy. HOST:Aparna Kadari is an Information Security Director for Operations, Endpoint Security, and Cloud Protection Engineering teams at Fannie Mae.  She has an MBA with a double major in Pharmaceutical and Chemical Management from Fairleigh Dickinson University, and a minor in International Business from Wroxton College, Oxfordshire, UK. She is an avid Cyber Security speaker and an active blogger. She also writes poetry and has four anthologies published to her credit. She continues to be a mentor at the Girls in Technology (GIT) and Women in Technology (WIT); served as Vice-Chair for the WIT Mentor - Protege program, and as the ATA Convention Women's Forum Chair. She has been involved with community give-back organizations like ASCEND ( a Pan-Asian Leadership group), Executive Women's Forum, developed online awareness campaigns such as STOP Elder Abuse (SEA), continues to advocate for equity for women in STEM and meritocracy in our education system.SPEAKER:Diane Tran is an innovative leader with a unique background consisting of cross-disciplinary skills and experience in Data Protection and Privacy, Information Security and Information Technology. As a leader, she strives for continuous improvement while leading high-performance teams in diverse and dynamic environments. She currently leads the Data Protection program with a big focus on Data Loss Prevention. The program's objective is to ensure data is well protected while supporting regulatory mandates and business priorities. It includes the development and implementation of enterprise-wide data management policies, control & governance frameworks, and technical capabilities.Support the show

21st Century Entrepreneurship
Yasir Ali: How Entrepreneurs Can Protect Sensitive Data in the Cloud

21st Century Entrepreneurship

Play Episode Listen Later Feb 16, 2023 28:13


Yasir Ali, a cloud security expert and CEO Polymer-Data Governance & Security with No Code DLP, joined the podcast to discuss how organizations can better protect sensitive data in the cloud. He spoke about the challenges of collaboration when working with cloud applications, how a lack of data security protocols can lead to a breach and the importance of having proper risk mitigation strategies. Yasir spoke about a no-code data loss prevention solution that helps organizations automatically monitor and detect sensitive files, as well as create policies around what is considered to be sensitive. He also discussed their hosted solution for free users, their business model and pricing, and his experience on Wall Street. In addition to discussing how Polymer works to protect data, he also touched on risk mitigation strategies for data loss prevention software, the importance of resiliency in managing cyber security risks, and his vision for taking Polymer public within five years. Listen to this episode of 21st Century Entrepreneurship with Yasir Ali to learn more about data loss prevention solutions, risk mitigation strategies, and what it takes to build a successful cloud security product. Don't miss out!

Secure Talk - Cybersecurity
Best Practices for Cybersecurity Practitioners

Secure Talk - Cybersecurity

Play Episode Listen Later Feb 10, 2023 44:57


Luis Valenzuela is Director, Data Loss Prevention & Data Governance for InComm Payments. He is also a CISSP and PMP. Luis talks about best practices for data loss prevention, data governance, and cybersecurity leadership. He also provides insights and advice related to transitioning to a career in cybersecurity, career advancement and the importance of continual leadership and subject matter-specific learning. InComm Payments https://www.incomm.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Microsoft Mechanics Podcast
Risk-based automatic DLP policy adjustment with Adaptive Protection | Microsoft Purview

Microsoft Mechanics Podcast

Play Episode Listen Later Feb 6, 2023 8:27


Adjust the strength of your data protection automatically based on the calculated data security risk levels of users. Stringent controls are applied to high risk users, while low risk users continue to work productively with the right controls in place—all done automatically. Alleviate your security team's burden from manually fine tuning policies. Elevate your existing Data Loss Prevention controls for content. Talhah Mir, Principal PM for Insider Risk Solutions, shares how to use Adaptive Protection to address the most critical risks, while saving time. Balance data security and productivity with the Adaptive Protection capability in Microsoft Purview. ► QUICK LINKS: 00:00 - Introduction 00:45 - How Adaptive Protection works 01:57 - Cumulative Exfiltration Anomaly Detection Model 02:58 - Data Security Risk Level 04:17 - Admin views 05:09 - Enable Adaptive Protection 05:55 - Customization 06:59 - DLP Policies 07:56 - Wrap up ► Link References: Try it out at https://aka.ms/PurviewTrial More on Adaptive Protection at https://aka.ms/adaptiveprotection ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/website ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Microsoft Mechanics Podcast
Data Loss Prevention across endpoints, apps, & services | Microsoft Purview

Microsoft Mechanics Podcast

Play Episode Listen Later Feb 6, 2023 12:43


Protect sensitive data everywhere you create, view, and access information with one Data Loss Prevention policy in Microsoft Purview. From email, SharePoint and OneDrive accounts, to Microsoft 365 apps including Microsoft Teams, files managed on device endpoints for both Windows and macOS, as well as non-Microsoft cloud apps and services, and file share servers running on-premises or in the cloud. One policy protects data across all these locations and services. Cloud-native protection is built into apps, services, and devices, eliminating the need to add solutions, deploy agents, or configure policies in multiple locations. Shilpa Bothra, Product Marketing Manager for Microsoft Purview DLP, shares how to keep data safe and users productive with differentiated data restrictions in place. ► QUICK LINKS: 00:00 - Introduction 02:29 - Prereqs to configure Endpoint DLP 05:25 - Policy demo 08:12 - Customization and business justification 10:18 - Monitor your policy 11:27 - Migrate Symantec DLP to Purview DLP 11:50 - Wrap up ► Link References: Watch our Microsoft Purview series at https://aka.ms/DataSecurityMechanics Information on Data Loss Prevention at https://aka.ms/DLPDocs Details about advanced classification methods at https://aka.ms/DLPadvancedclassification ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/website ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

durch die bank
Data Loss Prevention – Schutz für die Reputation der Bank

durch die bank

Play Episode Listen Later Jan 20, 2023 18:55


Sensible und personenbezogene Daten gehören zum Kerngeschäft eines jeden Instituts. Entsprechend hoch sind die Anforderungen an den Schutz vor „Data Loss“, sprich dem ungewünschten Abfluss sensibler Daten. Warum Banken und Finanzdienstleister unbedingt eine Data Loss Prevention (DLP) haben sollten und welche Herausforderungen die Implementierung und der Betrieb mit sich bringen, erläutert Bastian Bolender, Head of Information Security der UBS Europe. Neben der Integration ins gesamte Informations- oder Cyber-Schutzkonzept der Bank geht es auch darum, auf allen Ebenen – von der Geschäftsleitung bis hin zu den Mitarbeitern – ein Bewusstsein für die Thematik zu schaffen.

The Cyber Ranch Podcast
Managing Careers with Luis Valenzuela

The Cyber Ranch Podcast

Play Episode Listen Later Jan 11, 2023 30:54


This episode is jam-packed with wisdom that is delivered at a rapid pace.  Some folks will find themselves rewinding and taking notes.  Luis Valenzuela, Director of Data Loss Prevention and Data Governance at InComm Payments, joins Allan Alford to talk about managing careers - how to manage your own, and, for leaders, how to help your team manage theirs.  Topics include: - Pivotal career transitions - Is a plan _really_ required? - Principles, foundations, and successful behaviors - Practical steps and resources - Is the power of envisioning enough? - Tactical and other tips   Y'all enjoy this one, now!

RunAs Radio
M365 Governance in 2023 with Martina Grom

RunAs Radio

Play Episode Listen Later Jan 4, 2023 33:08


What are the new governance challenges in M365? Richard chats with Martina Grom about her ongoing work helping organizations provide governance over the growing surface area of Microsoft 365. Martina talks about the challenges around identity and multi-factor authentication and the improvements that Microsoft is making to MFA to make it easier for users to do the right thing. The conversation also turns to data loss prevention and the approaches to minimizing a company's legal exposure to data loss - starting with not storing data if you can avoid it! Martina also talks about the new challenges in governance with Power Apps, including the tools available to help sysadmins see what apps exist, how they touch data, and what privacy and security controls are in place. Governance is an ongoing effort!Links:Microsoft EntraPrivileged Identity ManagementPrivileged Access ManagementAzure PurviewData Loss PreventionCalifornia Consumer Privacy ActMicrosoft Power Platform Center of Excellence Starter KitPower Platform Usage InsightsChanges to Microsoft AuthenticatorMicrosoft Purview Insider RiskCollaboration GovernanceCloud Hub for EvergreeningAtWork BlogRecorded December 13, 2022

CISO Tradecraft
#101 - SaaS Security Posture Management (with Ben Johnson)

CISO Tradecraft

Play Episode Listen Later Oct 24, 2022 40:07


Special Thanks to our podcast sponsor, Obsidian Security.   We are really excited to share today's show on SaaS Security Posture Management.  Please note we have Ben Johnson stopping by the show so please stick around and enjoy.  First let's go back to the basics: Today most companies have already begun their journey to the cloud.  If you are in the midst of a cloud transformation, you should ask yourself three important questions:   How many clouds are we in? What data are we sending to the cloud to help the business? How do we know the cloud environments we are using are properly configured? Let's walk through each of these questions to understand the cyber risks we need to communicate to the business as well as focus on one Cloud type that might be forecasting a major event.  First let's look at the first question.   How many clouds are we in?  It's pretty common to find organizations still host data in on premises data centers.  This data is also likely backed up to a second location just in case a disaster event occurs and knocks out the main location.  Example if you live in Florida you can expect a hurricane.  When this happens you might expect the data center to lose power and internet connectivity.  Therefore it's smart to have a backup location somewhere else that would be unlikely to be impacted by the same regional event.  We can think of our primary data center and our backup data center as an On-Premises cloud.  Therefore it's the first cloud that we encounter.   The second cloud we are likely to encounter is external.  Most organizations have made the shift to using Cloud Computing Service providers such as Amazon Web Services, Azure, Google Cloud Platform, or Alibaba.  Each of these cloud providers has a multitude of offerings designed to help organizations reduce the need to host IT services on premises.  Now if you are using both on-premises and a cloud computing provider such as AWS, congratulations you are in what is known as a hybrid cloud environment.  If you use multiple cloud computing providers such as AWS and Azure then you are in a multi-cloud environment.  Notice the difference between terms.  Hybrid cloud means you host on premises and use an external cloud provider, whereas multi-cloud means you use multiple external cloud providers.  If you are using a Common Cloud platform like AWS, Azure, or GCP then you can look into a Gartner Magic Quadrant category known as Cloud Workload Protection Platforms.  Here you might encounter vendors like Palo Alto Prisma Cloud, Wiz, or Orca who will provide you with recommendations for your cloud configuration settings. So let's say your organization uses on premises and AWS but not Azure or GCP.  Does that mean you only have two clouds?  Probably not.  You see there's one more type of cloud hosted service that you need to understand how to defend.  The most common cloud model organizations leverage is Software as a Service commonly pronounced as (SaaS). Frankly we don't hear about SaaS security being discussed much which is why we are doing a deep dive on its security in this episode.  We think there's a real danger of SaaS clouds turning from a nice cloud that gently cools down a hot summer day into a severe weather storm that can cause an event.  So let's look at SaaS Security in more depth.   SaaS refers to cloud hosted solutions whereby vendors maintain most everything.  They run the application, they host the data, they host runtime environments, middleware, operating systems, virtualization technologies, servers, storage, and networking.  It can be a huge win to run SaaS solutions since it minimizes the need to have IT staff running all of these IT services.  Example: Hiring HVAC folks to ensure we have proper heating and cooling for servers on premises won't add new sales revenue to the business.   Now that you understand why SaaS is important you should ask yourself.  How many external SaaS providers are we sending sensitive data to?  Every company is different but most can expect to find dozens to hundreds of SaaS based solutions.  Examples of external SaaS solutions commonly encountered by most businesses include:  Service Now or Jira in use as a ticketing service,  Salesforce for customer relationship management Workday for HR information G Suite or Microsoft Office 365 in use to send emails and create important documents Github as a source code repository for developers Zoom for virtual teleconferences Slack for instant messaging like conversations Okta for Identity and Access Management Once you build out an inventory of your third parties hosted SaaS solutions, you need to understand the second question.  What kind of data is being sent to each service?  Most likely it's sensitive data.  Customer PII and PCI data might be stored in Salesforce, Diversity or Medical information for employees is stored in Workday, Sensitive Algorithms and proprietary software code is stored in GitHub, etc.  OK so if it is data that we care about then we need to ensure it doesn't get into the wrong hands.  We need to understand why we care about SaaS based security which is commonly known as SaaS Security Posture Management.  Let's consider the 4 major benefits of adopting this type of service.   Detection of Account Compromise.  Today bad actors use man in the middle attacks to trick users to give their passwords and MFA tokens to them.  These attacks also provide the session cookie credentials that allow a website to know a user has already been authenticated.  If attackers replay these session cookie credentials there's no malware on the endpoints.  This means that Antivirus and EDR tools don't have the telemetry they need to detect account compromise.  Therefore, you need log data from the SaaS providers to see anomalous activity such as changing IP addresses on the application.  Note we talked about this attack in much more detail on episode 87 From Hunt Team to Hunter with Bryce Kunze.   In addition to detecting account compromises, we see that SaaS security posture management solutions also improve detection times and response capabilities.  Let's just say that someone in your organization has their login credentials to Office 365 publicly available on the dark web.  So a bad actor finds those credentials and logs into your Office 365 environment.  Next the bad actor begins downloading every sensitive file and folder they can find.  Do you have a solution that monitors Office 365 activity for Data Loss Prevention?  If not, then you are probably going to miss that data breach.  So be sure to implement solutions that both log and monitor your SaaS providers so you can improve your SaaS incident detection and response capabilities. A third benefit we have seen is improvements to configuration and compliance.  You can think of news articles where companies were publicly shamed when they lost sensitive data by leaving it in a Public Amazon S3 bucket when it should have been private.  Similarly there are settings by most SaaS solutions that need to be configured properly.  The truth is many of these settings are not secure by default.  So if you are not looking at your SaaS configurations then access to sensitive data can become a real issue.  Here's an all too common scenario.  Let's say your company hires an intern to write a custom Salesforce page that shows customer documents containing PII.  The new intern releases updates to that webpage every two weeks.  Unfortunately the intern was never trained on all of the Salesforce best practices and creates a misconfiguration that allows customer invoices to be discovered by other customers.  How long would this vulnerability be in production before it's detected by a bad actor?  If you think the answer is < 90 days, then performing yearly penetration tests is probably too slow to address the brand damage your company is likely to incur.  You need to implement a control that finds vulnerabilities in hours or days not months.  This control might notify you of compliance drift in real time when your Salesforce configuration stopped meeting a CIS benchmark.  Now you could pay a penetration testing provider thousands of dollars each week to continually assess your Salesforce environment, but that would become too cost prohibitive.  So focus on being proactive by switching from manual processes such as penetration testing to things that can be automated via tooling The fourth major benefit that we observe is proper access and privilege management. Here's one example.  For critical business applications you often need to enforce least privilege and prevent the harm that one person can cause.  Therefore, it's common to require two or more people to perform a function.  Example: One developer writes the new code for a customer facing website, another developer reviews the code to detect if there's any major bugs or glaring issues that might cause brand damage.  Having a solution that helps mitigate privilege creep ensures that developers don't increase their access.  Another example of the importance to proper access management occurs when bad employees are fired.  When a bad employee is fired, then the company needs to immediately remove their access to sensitive data and applications.  This is pretty easy when you control access via a Single Sign On solution.  Just disable their account in one place.  However many SaaS providers don't integrate with SSO/SAML.  Additionally the SaaS website is generally internet accessible so people can work from home even if they are not on a corporate VPN.  Therefore it's common to encounter scenarios where bad employees are fired and their account access isn't removed in a timely manner.  The manager probably doesn't remember the 15 SaaS accounts they granted to an employee over a 3 year time frame.  When fired employees are terminated and access isn't removed you can generally expect an audit finding, especially if it's on a SOX application.   OK so now that we talked about the 4 major drivers of SaaS Security Posture Management (detection of account compromise, improved detection and response times, improvements to configuration and compliance, and proper access and privilege management) let's learn from our guest who can tell us some best practices with implementation. Now I'm excited to introduce today's guest:  Ben Johnson Live Interview Well thanks again for taking time to listen to our show today.  We hoped you learning about the various clouds we are in (On Premises, Cloud Computing Vendors, and SaaS), Understanding the new Gartner Magic Quadrant category known as SaaS Security Posture Management.  So if you want to improve your company's ability on SaaS based services to: detect account compromise,  improve detection and response times,  improve configuration and compliance, and  proper access and privilege management  Remember if you liked today's show please take the 5 seconds to leave us a 5 star review with your podcast provider.  Thanks again for your time and Stay Safe out there.  

The Tech Blog Writer Podcast
2092: No-Code Data Loss Prevention for SaaS

The Tech Blog Writer Podcast

Play Episode Listen Later Sep 3, 2022 24:32


Polymer is a no-code Data Loss Prevention (DLP) platform that allows companies to monitor, auto-remediate & apply behavioral techniques to reduce the risk of insider threats, sensitive data misuse & leakage over 3rd Party SaaS platforms. It focuses on SaaS platform data security because that is a 'dark web' of sorts for organizations where data controls generally do not exist. Additionally, most SaaS applications' high collaboration focus makes it easy to lose or exfiltrate sensitive data. Data Loss Prevention is no longer a technical problem but a business risk, especially in a remote/hybrid work environment. In addition, information security resiliency is critical in the cloud-first infrastructure where the tech stack is no longer a clear set of boxes (like it used to be for on-premises tech architecture) but rather a mishmash of SaaS and an overlapping set of technology services. Often in infosec, teams view security as a 0 or 1 problem-either I am secured (check box) or I am not. As an ex-wall street bond trader, Yasir Ali looks at risk on a more probabilistic gradient. By deploying mitigating controls and nudging the workforce to behave responsibly, one can make any organization's information security posture resilient.

Microsoft Cloud IT Pro Podcast
Episode 296 – Microsoft Purview data loss prevention

Microsoft Cloud IT Pro Podcast

Play Episode Listen Later Aug 25, 2022 34:03


In Episode 296, Ben and Scott continue their whirlwind tour of Microsoft Purview by turning their attention to the data loss prevention capabilities that fall under the Purview banner. They talk through what you can do with DLP policies and things to consider as you start to configure them. Like what you hear and want to support the show? Check out our membership options. Show Notes How the Graph X-Ray Tool Helps PowerShell Developers (office365itpros.com) Microsoft Purview- Paint By Numbers Series (Part 0) - Overview - Microsoft Tech Community Learn about data loss prevention - Microsoft Purview (compliance) | Microsoft Docs Using Endpoint DLP - Microsoft Purview (compliance) | Microsoft Docs Learn about the default DLP policy in Microsoft Teams (preview) - Microsoft Purview (compliance) | Microsoft Docs Get started with the default DLP policy - Microsoft Purview (compliance) | Microsoft Docs Get started with the DLP Alerts dashboard - Microsoft Purview (compliance) | Microsoft Docs About the sponsors Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.

The SysAdmin DOJO Podcast
Just How Secure is Outlook Really?

The SysAdmin DOJO Podcast

Play Episode Listen Later Aug 23, 2022 45:51


In this episode, we welcome security expert Gil Blumberg to the show! Gil has been working in various roles in security for several years now and has some highly useful insights into the world of cybersecurity and M365! We discuss the findings of our survey on email security in which we polled a large cross-section of the IT community with questions about M365 security. Email continues to be the primary method of communication for business today, and with that in mind, it's no wonder that threat actors continue to use email to make inroads into target organizations. With this survey, we wanted to find out what types of attacks respondents are seeing, what common vectors they're running into, as well as the impact of these attacks. Some of the findings have huge implications for the M365 security landscape. For example, did you know that there are some organizations not leveraging features like MFA and Exchange Online Protection? We were shocked as well! In This Episode Is Microsoft 365 Keeping you Safe - A Survey Introduction? - 3:13 1 in 4 companies reported a “known” email security breach - 5:24 What are common vectors of attack for email security threats? - 7:10 Are there still companies out there not using MFA? - 12:11 How does Conditional Access help with MFA? - 18:06 Are people using digitally signed messages or message encryption? - 23:32 Are the Data Loss Prevention features in M365 helpful for organizations? - 30:01 Does company size play a factor in whether or not they are a target by attackers? - 39:00 Resources for This Episode Hornetsecurity Email Security Survey Findings Security Incident Survey Findings Conditional Access on the DOJO A History of Message Encryption Podcast Episode with Paul on Microsoft 365 Licensing

Minuto do Conhecimento
Minuto do Conhecimento - Data Loss Prevention (DLP)

Minuto do Conhecimento

Play Episode Listen Later Aug 12, 2022 1:25


Já ouviu falar em Data Loss Prevention (DLP)? Descubra como essa estratégia pode impactar o seu negócio no episódio do Minuto do Conhecimento de hoje.

Mission Matters Podcast with Adam Torres
The Importance of Data Loss Prevention

Mission Matters Podcast with Adam Torres

Play Episode Listen Later Aug 1, 2022 15:30


Data loss prevention is an area that more business owners are turning their attention to. In this episode,  Adam Torres and Yasir Ali, CEO and Founder of Polymer DLP SaaS, explore what executives need to know about data loss prevention.  Follow Adam on Instagram at https://www.instagram.com/askadamtorres/ for up to date information on book releases and tour schedule.Apply to be interviewed by Adam on our podcast:https://missionmatters.lpages.co/podcastguest/Visit our website:https://missionmatters.com/

Software Engineering Daily
Data Loss Prevention with Yasir Ali

Software Engineering Daily

Play Episode Listen Later Apr 29, 2022 40:55 Very Popular


Data loss can occur when large data sources such as Slack or Google Drive get leaked. In order to detect and avoid leaks, a data asset graph can be built to understand the risks of a company environment. Polymer is a data loss prevention product that helps companies avoid problematic data leaks. Yasir Ali is The post Data Loss Prevention with Yasir Ali appeared first on Software Engineering Daily.

Podcast – Software Engineering Daily
Data Loss Prevention with Yasir Ali

Podcast – Software Engineering Daily

Play Episode Listen Later Apr 29, 2022 47:26


Data loss can occur when large data sources such as Slack or Google Drive get leaked. In order to detect and avoid leaks, a data asset graph can be built to understand the risks of a company environment. Polymer is a data loss prevention product that helps companies avoid problematic data leaks. Yasir Ali is The post Data Loss Prevention with Yasir Ali appeared first on Software Engineering Daily.

RunAs Radio
Managing Teams Sprawl with Erica Toelle and John Gruszczyk

RunAs Radio

Play Episode Listen Later Apr 27, 2022 36:23


How do you manage the sprawl of Teams? Richard chats with Erica Toelle and John Gruszczyk about the governance of Teams, starting with allowing a bit of sprawl in the first place - people give up on tools that are too locked down. You have to leave room to explore! But once folks engage with Teams and the sprawl gets a bit out of control, there are tools to help you protect people and information shared there. John talks about controlling access to different parts of Teams, depending on your role in the organization and external guests. Erica dives into labeling data as sensitive and how the Data Loss Prevention tooling can help protect data and indicate where it might be exposed inappropriately. There are many approaches to controlling sprawl. You can choose what is best for your organization!Links:Microsoft TeamsMultifactor AuthenticationAccess Governance in TeamsData Loss Prevention PolicyPower AutomateVirtual AgentsTeams and SharePoint IntegrationRecorded March 3, 2022

Microsoft Cloud IT Pro Podcast
Episode 267 – Microsoft 365 Compliance – Data Loss Prevention (DLP)

Microsoft Cloud IT Pro Podcast

Play Episode Listen Later Feb 3, 2022 39:07


In Episode 267, Ben and Scott talk about some of the updates that have come to Data loss prevention (DLP) in Microsoft 365 and how you can leverage DLP to protect your sensitive data across the M365 stack and even external cloud apps like Box, Dropbox, and Salesforce. Sponsors Intelligink - We focus on the Microsoft Cloud so you can focus on your business Show Notes Learn about data loss prevention Microsoft Information Protection in Microsoft 365 Create a DLP policy from a template Data Loss Prevention policy reference Create, test, and tune a DLP policy Data loss prevention and Microsoft Teams Using Endpoint data loss prevention Use data loss prevention policies for non-Microsoft cloud apps How DLP works between the Microsoft 365 Compliance Center and Exchange admin center About the sponsors Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.

RunAs Radio
Modern Client Management with Julie Andreacola

RunAs Radio

Play Episode Listen Later Feb 2, 2022 33:22


It's 2022, how do you manage your client machines? Richard chats with Julie Andreacola about modern client management. Julie talks about how the pandemic accelerated the need for modern client technologies, including being able to provision and configure computers that will never be in the office. The conversation digs into Windows Autopilot and Microsoft Intune compared with more traditional deployment and configuration approaches. While the new approaches are broader and don't have as many detailed options as the old approaches, security is a key strength in modern client architecture - and that could be the key driver to change up your client management approach!Links:Microsoft FastTrackWindows AutopilotMicrosoft IntuneAzure AD Joined DevicesWindows 11DFCI on Surface DevicesDeploying Win32 Apps via IntuneWindows 365 Cloud PCAzure Virtual DesktopM365 Data Loss PreventionRecorded December 27, 2021

Secure Talk - Cybersecurity
Data Loss Prevention (DLP) with Rohan Sathe, CTO & Co-Founder of Nightfall

Secure Talk - Cybersecurity

Play Episode Listen Later Dec 6, 2021 29:10


Rohan Sathe, CTO & Co-Founder of Nightfall talks about the different types of data loss prevention (DLP) tools and platforms and explains Nightfall's unique approach to DLP. Rohan also explains how his previous role as one of the founding engineers of Uber Eats put him on the path to looking for a better DLP solution. https://nightfall.ai/

Business Eye
Interview with Conor O'Connell

Business Eye

Play Episode Listen Later Nov 24, 2021 41:00


Conor is an Experienced Managing Director with significant success in delivering personalized solutions from a wide technology portfolio.Currently leading the company through an exciting growth phase, helping Irish SMEs to manage core business processes by providing the most effective, flexible, Enterprise Resource Planning (ERP) software.Specialties: Data Mining, Data warehousing, business intelligence, Data analysing, Cost Analysing, Data Security, Data Loss Prevention, DLP, Payroll bureau, Qlikview, Payroll, Sage Accounts, Sage 50, Sage 200, Sage HR, Sage CRM, ACT, Software Development, Web Development, IT Requirements, Fantasy GAA, SQL, SQL Server, ASPX, .Net , Ajax, Obout, Cobol, See acast.com/privacy for privacy and opt-out information.

Protecting People
The Inside Line on Information Protection: Bringing Your DLP Program into the 21st Century

Protecting People

Play Episode Listen Later Nov 16, 2021 37:50 Transcription Available


What does Data Loss Prevention look like in an increasingly remote world? Is the entire concept of DLP flawed? And at the end of the day, whose responsibility is DLP? DLP is a complex and complicated topic that is crucial for any business to fully understand. After all, you're protecting your most valuable assets, your intellectual property. On this episode of Protecting People, host Brian Reed sits down for a conversation with Cosmo Romero, Sr. Sales Engineer at Proofpoint, for a conversation all about DLP, incident response, and more. Join us as we discuss: What a modern information protection offering actually looks like Why DLP is a business issue, not a technology issue How to transition away from a legacy DLP mindset Why DLP as an acronym and concept may not make much sense in 2021   Resources mentioned during the interview: Gartner - It's Time to Redefine Data Loss Prevention   For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.

AGLEA SAP Security
Data Loss Prevention in SAP tramite Nextlabs

AGLEA SAP Security

Play Episode Listen Later Sep 27, 2021 4:46


Data Loss Prevention in SAP. Cosa fare?   Non esiste una soluzione unica per gestire gli aspetti di Data Loss Prevention. Ma cosa significa questo termine? Come è possibile fare in modo di controllare e verificare se ci sono fughe di dati non autorizzate?

Philosophical Thoughts
Philosophical Thoughts - Benefits of Data Loss Prevention

Philosophical Thoughts

Play Episode Listen Later Sep 8, 2021 5:55 Transcription Available


Today's episode is dedicated to addressing the benefits of data loss prevention and what companies could do and should do on that matter. To know more listen to the podcast episode! If you want to help this podcast, I created a Patreon - https://www.patreon.com/steacomedy_philosophy All the help is welcome. You can enter in contact via email (stea.comedy.philosophy@outlook.pt) Or even by my social media accounts: Instagram - https://instagram.com/stea_comedy?igshid=5upgor5cwjh2 Tiktok - https://www.tiktok.com/@stea_comedy? Youtube channel - https://www.youtube.com/channel/UClvnLCF-TCnjfMVP-7xa5yQ

Contractor Success Forum
Don't become a target: Cybersecurity tips from IT expert Morrelle McCrary

Contractor Success Forum

Play Episode Listen Later Aug 24, 2021 23:50


This week, we're following up on our fraud and employee dishonesty discussion with an episode focused on one of the biggest threats to your business: cybercrime. Morrelle McCrary of RAM-Tech PC Solutions joins us for this important conversation. Topics we cover include:How cybersecurity has changed and why you need to worry about breaches more than hackers nowHow much it costs on average to deal with a security breach and how many businesses go under after an attackThe tools that can help protect your data and their limitationsThe process of applying for cyber security insurance and completing an auditHow you can work with an IT professional to secure your data and your clients' dataLINKSVisit the episode page at contractorsuccessforum.com/cybersecurity for more details and a transcript of the show.Subscribe for free resources and to be notified of future episodes at contractorsuccessforum.com/subscribe.Find all episodes and related links at ContractorSuccessForum.com.Have questions? Need help with your cybersecurity?  Contact Morrelle at RAM-Tech PC Solutions:RAMTechPCS.commmccrary@ramtechpcs.com678-999-2172FIND US ONLINERob Williams, Profit Strategist | IronGateESS.comWade Carpenter, CPA, CGMA | CarpenterCPAs.comStephen Brown, Bonding Expert | McWins.com

Contractor Success Forum
Don't become a target: Cybersecurity tips from IT expert Morrelle McCrary

Contractor Success Forum

Play Episode Listen Later Aug 24, 2021 23:50


This week, we're following up on our fraud and employee dishonesty discussion with an episode focused on one of the biggest threats to your business: cybercrime. Morrelle McCrary of RAM-Tech PC Solutions joins us for this important conversation. Topics we cover include:How cybersecurity has changed and why you need to worry about breaches more than hackers nowHow much it costs on average to deal with a security breach and how many businesses go under after an attackThe tools that can help protect your data and their limitationsThe process of applying for cyber security insurance and completing an auditHow you can work with an IT professional to secure your data and your clients' dataLINKSVisit the episode page at contractorsuccessforum.com/cybersecurity for more details and a transcript of the show.Subscribe for free resources and to be notified of future episodes at contractorsuccessforum.com/subscribe.Find all episodes and related links at ContractorSuccessForum.com.Have questions? Need help with your cybersecurity?  Contact Morrelle at RAM-Tech PC Solutions:RAMTechPCS.commmccrary@ramtechpcs.com678-999-2172FIND US ONLINERob Williams, Profit Strategist | IronGateESS.comWade Carpenter, CPA, CGMA | CarpenterCPAs.comStephen Brown, Bonding Expert | McWins.com

Ethical Hacking
Data loss prevention (DLP) this is how we inspect the data that is going out of our network...

Ethical Hacking

Play Episode Listen Later Aug 2, 2021 6:54


Hello everyone my name is vijay kumar Devireddy and i am glad to have you back on my episode 60 today we're going to discuss about Data loss prevention.Data loss prevention, or DLP systems,are designed to protect data by conducting content inspection of your data as it's being sent out of your organization's network.While data loss prevention is the most commonly used term,it's also referred to as ILP for Information Leak Prevention or EPS, Extrusion Prevention Systems.Usually these systems are installed as a network based DLP or a Cloud based DLP.For example, my company happens to use a Cloud based DLP through Google's G Suite.Anytime one of our employees tries to send information outside of our own domain through email,that email is flagged and they have to verify that they understand the data is being sent outside of security.com We have our DLP set to low because we communicate with so many people outside of our organization on a daily basis.But if we wanted to, we could force a higher security level and make each email being sent be checked and verified by a third employee before it was sent out to ensure that no confidential data was being left outside of our network.Now, there's also automated ways to do this,so you can flag particular emails based on key words or a no-no list and prevent any files or emails from being transferred with those keywords inside of them.It all depends on how you want to configure your DLP.DLPs are used to ensure your data stays within your network,that it isn't leaked out to outsiders,and that the privacy of your confidential data remains private.That's the whole goal here.We want to make sure that data isn't being sent outside of your network over and over again and have this massive data exfiltration going on.DLP systems can help you with that.

AnexiPod – Anexinet
Episode 61: Securing Identities with Ping

AnexiPod – Anexinet

Play Episode Listen Later Jul 14, 2021 49:41


Show Notes Anexinet Infrastructure Modernization Podcast: Securing Identities with Ping Episode 61 Chris and Dave are joined by Aubrey Turner, Executive Advisor at Ping Identity. The conversation centers around the evolving concept of Identity, what it means to track, restrict, and audit, the activities of an Identity. They discuss the idea of how Identity protection and defensive strategies of the past were passive in nature; the future of Identity protection revolves around Data Loss Prevention. Other Identity-based topics include passwordless authentication, zero trust, data stewardship, and end-user education. Hosts Chris Hayner, Enterprise Solutions Architect, Anexinet Dave Mahoney, Enterprise Services Architect, Anexinet Guests Aubrey Turner, Executive Advisor, Ping Identity Audio Editor Dustin Karrat Music Credits lophiile: Preach djscoutmusic@gmail.com https://soundcloud.com/lophiile Twitter/Instagram: @lophiile About Us The Anexinet Infrastructure Modernization Podcast is a product of Anexinet. We use this platform to allow industry professionals and subject matter experts to discuss current trends and technology topics. If you have any questions please call us at (610)-239-8100, or email us at info@anexinet.com. We are online at https://anexinet.com

AGLEA SAP Security
Nextlabs SAP Data Protection

AGLEA SAP Security

Play Episode Listen Later Jul 6, 2021 4:13


Data Protection in SAP. Cosa fare?   Non esiste una soluzione unica per gestire gli aspetti di Data Loss Prevention. Ma cosa significa questo termine? Come è possibile fare in modo di controllare e verificare se ci sono fughe di dati non autorizzate?   Come Nextlabs può essere di aiuto su questo aspetto? Che soluzioni propone? Lo scopriamo oggi!

No Password Required
Dan Burke - a Cyber Practice Leader and natural optimist who believes every day is the best day

No Password Required

Play Episode Listen Later Jun 24, 2021 71:48


Dan Burke is the Cyber Practice Leader at Woodruff Sawyer, one of the largest insurance brokerage and consulting firms in the US. Dan is a natural optimist and family man who believes every day is going to be the best day and the next shot will always be his greatest golf shot. In this episode, Dan joins the No Password Required team to talk about his personal connection to Colby-jack cheese, the most misunderstood things about cyber risk and insurance, and his bucket-list golfing spots. Ernie, Clabby, and Pablo discuss the recent Colonial Pipeline/Bitdefender controversy and the pros and cons of publicizing intelligence that could help ransomware victims. In the “Positively Cyber” segment, Pablo introduces the iconic Winston Wolfe to our fictitious cybersecurity organization as a Data Loss Prevention freelancer.

Cybersecurity FOREVER
Day-283: What Factors Should Be Considered For Data Loss Prevention?

Cybersecurity FOREVER

Play Episode Listen Later May 10, 2021 10:06


Today I will discuss: 1. Why is DLP crucial for organizations? 2. What are the important factors for DLP? 3. Data Loss Prevention options! Watch

#gkgab
Verhindern Sie Datenverlust mit Data Loss Prevention

#gkgab

Play Episode Listen Later Apr 25, 2021 54:39


Unternehmen sind immer häufiger von Datenverlust und Datendiebstahl betroffen. Besonders brisant wird es, wenn vertrauliche Daten in die falschen Hände geraten. Data Loss Prevention ist Teil der Microsoft Information Protection Produktfamilie, die mit der E5 Subscription erhältlich ist. Mit einer Data Loss Prevention-Regel im Microsoft 365 Compliance Center können Sie sensible Informationen in Microsoft 365 identifizieren, überwachen und automatisch schützen. Wir geben Ihnen einen Überblick. Mit Alexander Rudolph und Nadine Kern

Cybersecurity FOREVER
Day-263: What Is Data Loss Prevention (DLP)?

Cybersecurity FOREVER

Play Episode Listen Later Apr 20, 2021 10:11


Today I will discuss: 1. What is Data Loss Prevention (DLP)? 2. Why is the importance of DLP? 3. What are the causes of data loss? Watch

Ethical Hacking
For Keeping your information under your control use Data Loss Prevention(DLP) tool.

Ethical Hacking

Play Episode Listen Later Apr 18, 2021 15:26


hello everyone my name is vijay kumar Devireddy and i am glad to have you back on my episode 16 today we are discussing about Data loss prevention.Data loss prevention is set up to monitor the data of a system while it's in use,in transit, or at rest.It does this, in order to detect any attempts to steal the data.Let's think about when we had data stored,20 or 30 years ago.Where did they store most of it?Well, most businesses stored it printed off,and in a filing cabinet.And if somebody wanted to get it,they'd have to break into your offices,open the filing cabinet, and physically take the files.This limited the amount of information that somebody could steal from you,because they really could only steal,what they could carry with them.Then, we started allowing people to work remotely,and a lot of data was stored on laptops.If you happened to stop for lunch and you left your laptop sitting in your car,somebody could've broken in your car,and stolen your laptop.And they now have access to all the data that was on it.The next evolution in data theft occurred when we started using external hard drives.These started being used,all throughout our offices.These hard drives could hold large amounts of data.We could plug it into the network, through our laptop,and download a ton of information and data,and then walk out of the building with it.But, these were kind of large and easy to detect.Next, we started seeing thumb drives,that hold just as much as these external hard drives,carrying billions of documents out the front door with no one knowing it,because they're so small,and fit right in your pocket.But wait, we don't even need to do that nowadays,because we have things like Dropbox and Google Drive,where we get terabytes of storage available to you,hooked up to the network.And I could sit there and upload everything your company has,and get access to it,anywhere in the world.This is a huge problem for businesses,because our data and our intellectual property is what the currency of business is these days.To protect it, we have to use data loss prevention systems.These systems come as either software or hardware solutions.The first data loss prevention system we're going to talk about is an endpoint DLP system.An endpoint system, is usually a piece of software that's installed on a workstation or a laptop,and it's going to monitor the data that's in use on that computer.And if someone tries to do a file transfer,it'll either stop that file transfer,or it'll alert the admin of the occurrence based on certain rules and policies.Very much liked an IDS or an IPS would, but focused on data.DLPs can be set to detection mode, or prevention mode.The next one we have,is a network DLP system.This is a piece of software or hardware,that's a solution placed at the perimeter of your network.It's sole function in life,is to check all of the data going into,and out of your network,with a special focus on things going out of the network.They want to detect data in transit,that shouldn't be leaving the building.The third type we have,is called storage DLP.This is a software that's installed on a server in the data center and inspects the data while its at rest, on the server.This is usually because they've encrypted it or watermarked it,and we want to make sure that nobody's accessing the data at times that they shouldn't be.For example, if someone starts downloading large amounts of data at two in the morning,that's probably against your policy,and the DLP could catch it.The fourth type of DLP, is a cloud-based DLP system.These systems are usually offered as software, as a service,and it's part of your cloud service and storage needs.

RunAs Radio
Securing Teams with Tobias Zimmergren

RunAs Radio

Play Episode Listen Later Mar 24, 2021 37:03


Are your teams secure? Richard chats with Tobias Zimmergren about securing Office 365 Teams - both internally and externally! The challenge of Teams collaboration is the risk of sharing too much - and as Tobias says, by default, everyone can see everything. Certain teams in your organization, like HR, legal, and RnD, have to limit who can see their collaborations: Teams has information barriers to protect sensitive collaborations. Tobias also dives into eDiscovery and Data Loss Prevention, two huge topics on their own, and typically connected with Exchange: But also important with Teams. Get secure!Links:Managing Teams SecurityManaging External Access in TeamsSecurity and Compliance in TeamsInformation Barriers in Microsoft TeamseDiscovery Solution in Microsoft 365Office 365 Data Loss PreventionMicrosoft Defender for Office 365Microsoft Cloud App Security

RunAs Radio
Securing Teams with Tobias Zimmergren

RunAs Radio

Play Episode Listen Later Mar 24, 2021 38:00


Are your teams secure? Richard chats with Tobias Zimmergren about securing Office 365 Teams - both internally and externally! The challenge of Teams collaboration is the risk of sharing too much - and as Tobias says, by default, everyone can see everything. Certain teams in your organization, like HR, legal, and RnD, have to limit who can see their collaborations: Teams has information barriers to protect sensitive collaborations. Tobias also dives into eDiscovery and Data Loss Prevention, two huge topics on their own, and typically connected with Exchange: But also important with Teams. Get secure!

Cyber Security med Olav og Karim
S01E09 – D16: Data Loss Prevention og D17: Security Testing

Cyber Security med Olav og Karim

Play Episode Listen Later Mar 7, 2021 19:15


Beskrivelse:I episode 9 går Olav og Karim gjennom domene 16 Data Loss Prevention og domene 17 Security testing.Under domene 16 går vi blant annet gjennom DLP, informasjonsklassifisering, Azure Information Protection, DLP i Firewall, med mer. Under domene 17 dekker vi blant annet Pentest, Black Box, White Box, Grey Box, Red Team, Blue team, Purple team, frekvens,

The Clearly Podcast
Governance

The Clearly Podcast

Play Episode Listen Later Feb 15, 2021 49:22


This week we talk to special guest, Reza Rad, about governance.  If you have read any of the previous podcast descriptions, you will probably be familiar with Reza's work.  If you're not aware of Reza yet, you should fix that as he is one of the leading experts in the world in Power BI.Today, we cover all aspects of data and BI governance, from data sources through to outputs via training and encouraging a data culture.One of the key aspects of governance is getting the overall architecture right.  If at all possible, this should be in place from day one.  Often, though, with the increase in "citizen developer" tools we can end up in something similar to the old "Excel hell" and a lack of a single source of truth.The more code that can be re-used, such as creating shared datasets, the easier your task will be.  We will talk a little more about this in a future episode on Application Lifecycle Management and how it applies (and doesn't apply) to BI projects.Beyond the technological measures, we also need to think about the cultural and "soft" elements of making the architecture stick.  Key to this is creating suitably tailored training to the different audiences in an organisation, and providing the appropriate documentation.One of the critical challenges thrown up by modern BI tools is an increased expectation that everything can be done quickly - bypassing the normal controls.  At the same time, you don't want to just kill everybody's enthusiasm.In the wider Azure context, tools such as Data Loss Prevention policies and Azure Information Protection can help, but be wary of being too reliant on technology over policy and organisational culture. Finally, the Centre of Excellence tool kit can provide a valuable accelerator to governance on the Power Platform more generally.Reza's website Radacad is a treasure trove of information across all things Power BI, and also the place to go to download Power BI Helper.  Reza can also be found on Twitter and LinkedIn In addition, Tabular Editor and DAX Studio are fantastic tools to help manage development.The Power BI Summit takes place on line this April and tickets are available now.You can download Power BI Desktop from here.If you already use Power BI, or are considering it, we strongly recommend you join your local Power BI user group here.To find out more about our services and the help we can offer, contact us at one of the websites below:UK and Europe: https://www.clearlycloudy.co.uk/North America: https://www.clearlysolutions.net/

Real CyberSecurity
Episode 24 - Guest: Brian Reed Talks Data Loss Prevention (DLP), and Working at Gartner

Real CyberSecurity

Play Episode Listen Later Jan 15, 2021 52:25


Brian Reed is proof that you can be smart, nice, a great father, and successful in security. Brian is a long time Atlantan (the city in Georgia, not the underwater one) and has been doing security IBM, ISS, Gartner and Proofpoint. Brian talks about:- 2021 and the nexus between the upsides of DLP and the risks to privacy and surveillance if not done right.- Remote working and security.- Bill's dislike of open offices.- His experience at Gartner, overlapping with Bill and Greg. We each name the smartest non-security analyst at Gartner we worked with, and the security analyst we'd each want on an advisory day with us.- Cities we've been stuck in.Greg repeats his clown factory analogy. He repeats himself a lot. Bill and Brian talk about American football as an attempt to confuse Greg.He's on LinkedIn at https://www.linkedin.com/in/brianreed/

Task Force 7 Cyber Security Radio
Ep: 159: Why Are We Still Talking About Email Security?

Task Force 7 Cyber Security Radio

Play Episode Listen Later Nov 23, 2020 57:50


The Chief Technology Officer for InQuest, Pedram Amini breaks down why email security is still a huge issue for most businesses, what types of email attacks are prevalent in the market today, and how corporations can defend themselves against these resilient attacks. Amini also unpacks the email technologies provided by Microsoft and Google, which one of them have more effective email security, and the projects and technologies he has developed to fight the good fight against one of the biggest attack vectors used by Cyber Organized Criminals today.

Task Force 7 Cyber Security Radio
Ep: 159: Why Are We Still Talking About Email Security?

Task Force 7 Cyber Security Radio

Play Episode Listen Later Nov 23, 2020 57:50


The Chief Technology Officer for InQuest, Pedram Amini breaks down why email security is still a huge issue for most businesses, what types of email attacks are prevalent in the market today, and how corporations can defend themselves against these resilient attacks. Amini also unpacks the email technologies provided by Microsoft and Google, which one of them have more effective email security, and the projects and technologies he has developed to fight the good fight against one of the biggest attack vectors used by Cyber Organized Criminals today.

Microsoft Mechanics Podcast
Endpoint Data Loss Prevention (DLP) | What it is and how to set it up in Microsoft 365

Microsoft Mechanics Podcast

Play Episode Listen Later Nov 17, 2020 7:58


Extend information protection controls beyond apps and services to device endpoints with Microsoft Endpoint Data Loss Prevention (or DLP). As more and more users work outside the traditional corporate walls, natively for managing Windows 10 devices and the new Edge browser, they can discover and protect sensitive data as it's being shared or transferred. If a user inadvertently mislabels a file, DLP will detect sensitive information and apply corresponding restrictions to prevent data loss. Think of DLP as an extra layer of security and a defense in-depth approach before content ends up in the wrong hands, whether that data has been proactively labeled or not. Join host Jeremy Chapman, as he gives an overview of Microsoft Endpoint Data Loss Prevention, shows you the user experience, and shares how easy it is to set it all up. ► QUICK LINKS: 00:00 - Introduction 01:06 - User experience: apply endpoint DLP policies at the file system level 02:18 - How it works: doesn't slow your PC, fully cloud managed, and always up to date 03:05 - Admin experience: how to restrict printing, set up alerts, and set context 06:11 - See how to prevent specific apps from accessing protected files 06:48 - Closing notes ► Link References: Find a script-based configuration package that you can deploy with your existing tools at https://aka.ms/EndpointDLPGuide Learn more about EndpointDLP, and try it out for yourself at https://aka.ms/EndpointDLP Unfamiliar with Microsoft Mechanics? We are Microsoft’s official video series for IT. You can watch and share valuable content and demos of current and upcoming tech from the people who build it at #Microsoft. Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries?sub_confirmation=1 Follow us on Twitter: https://twitter.com/MSFTMechanics Follow us on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ Follow us on Facebook: https://facebook.com/microsoftmechanics/ 

BSI Group
Episode 4: Data Loss Prevention - BSI/McAfee Insights Series

BSI Group

Play Episode Listen Later Nov 16, 2020 36:08


Check out the fourth installment of our brand-new six part insights series hosted by BSI in partnership with McAfee. In this episode, Stephen Bowes, Global Practice Director, at BSI Consulting is joined by Nigel Hawthorn, Cloud & Privacy Spokesperson for McAfee to discuss Data Loss Prevention (DLP) and the cloud, what are DLPs and their causes, the value of data, and some real-life examples. Subscribe here: https://www.bsigroup.com/en-IE/our-services/cybersecurity-information-resilience/Resources/Webinars/insights-series/notification/ to receive notifications on the upcoming episodes.

Futurum Tech Podcast
Trends in UC&C, Essential Differentiators Between Platforms, and the Critical Role of Security

Futurum Tech Podcast

Play Episode Listen Later Oct 26, 2020 33:24


This week's episode of the Futurum Tech Webcast – Interview Series, featured an interview with Cisco's Niraj Gopal. Niraj is the Director of Project Management for Webex Enterprise Security and Compliance and “owns” the 360 degree approach to Webex security, which spans so many things. In our conversation today we explored trends in online collaboration and communications platforms, some key differentiators between platforms, how COVID-19 has changed the way we work (and live), and what's going on in the enterprise leaders' minds as it relates to the security afforded by these platforms. Niraj is responsible for all things related to enterprise security and compliance at Webex, including identity management, end-to-end encryption of customer content, Data Loss Prevention, the DPL/CASB partner ecosystem, mobile device security, third party platform certifications, and security policy controls in Control Hub. With more than 20 years of experience in enterprise security management, the creator of a number of innovative products, and the holder of 7 patents (and counting), he's a self-described fanatic when it comes to solving customer problems. That's probably why we get along so well — I'm a bit of a fanatic about that myself. Our conversation revolved around some primary research our team at Futurum recently published, in partnership with Cisco: Unified Communications & Collaboration, the Essential Differentiators for 2020 and Beyond and Unified Communications & Collaboration, the Primacy of Security, Privacy and Trust. We discussed: Trends in online collaboration since COVID-19 changed the way we work, including security issues. In spite of a lot of news about security breaches of online meeting platforms, we don't hear about that much as it relates to Webex. What is Cisco doing differently? Besides what users can do to protect their own data, thoughts on what IT and security admins can do to make sure that data doesn't get breached, especially in persistent messaging. What vendors can do to help prevent and protect against data breaches. How work from home has changed the workload for IT admins, and what they can do to ensure the safety of devices being used by remote employees. How visibility and control when users collaborate outside of their company is a critical part of data protection initiatives. How E2E encryption safeguards meetings and why that's more important today than ever before. The evolving role of collaboration platforms in healthcare and what's involved in delivering telehealth services remotely. We wrapped up our conversation with a discussion about what's next on the roadmap for collaboration security. Niraj brought a wealth of knowledge to the conversation around not only trends in UC&C, how vendors and platforms differ and why understanding those differentiators are important for enterprise leaders charged with making decisions around UC&C platforms and, last but never least, the role that security plays in all of this today and what to know and look for. And if you're interested in a deeper dive on either UC&C trends and differentiators you need to know about and/or security as it relates to UC&C platforms, you can download our research reports here: Unified Communications & Collaboration, the Essential Differentiators for 2020 and Beyond Unified Communications & Collaboration, the Primacy of Security, Privacy and Trust

The Azure Security Podcast
Azure Security Podcast - Security News from Microsoft Ignite 2020

The Azure Security Podcast

Play Episode Listen Later Oct 7, 2020 36:33


In this special episode Michael Howard and Mark Simos sit down with guest Cyril Voisin to cover the Azure security, compliance and governance news that came out of Microsoft Ignite 2020.The topics covered include updated news on the Microsoft Defender suite, Key Vault, SQL Server, Kubernetes, Data Loss Prevention, Azure Security Center, Zero Trust, Microsoft Information Governance and much more.

Google Cloud Platform Podcast
Sanity.io with Simen Svale Skogsrud and Knut Melvær

Google Cloud Platform Podcast

Play Episode Listen Later Aug 19, 2020 37:53


This week on the podcast, Mark and Max Saltonstall talk with Simen Svale Skogsrud and Knut Melvær of Sanity.io. Sanity.io started as a consulting company but organically morphed into a software company when they realized their content management solutions worked across many industries. By providing a managed system that includes search indexing and data hosting, Sanity.io allows customers to analyze and deliver content all over the world with ease. They also offer an open source kit that facilitates complete customization of the program to each client’s particular needs. Simen explains headless CMS as compared to the conventional systems and how it benefits Sanity.io clients. Data is separate and much more flexible, allowing it to be used in any way on any platform. Knut tells us about the developer experience using Sanity, describing the dashboard of useful APIs and other features that make using the program a breeze. We talk about how real clients have influenced and built on the product and why customer service is so important to Sanity. Later in the show, our guests go in-depth about specific features of Sanity, including how the system handles different types of data and data relationships. We get technical, talking about the importance of scaling and how Sanity is accomplishing this with Google Cloud and Kubernetes. Simen and Knut offer our listeners some valuable advice on product launching, time management, and more. Knut Melvær Knut Melvær is the Head of Developer Relations and Support at Sanity.io. Simen Svale Skogsrud Simen Svale Skogsrud is Co-founder and CTO of Sanity.io. Cool things of the week The Anywhere School: 50+ Google for Education updates blog It’s Week 6 of Next site Google Cloud and Spotify Demo at Next site Bare Metal Solution talk from GG site Interview Sanity.io site Get Started with Sanity.io site Get Started with Sanity CLI site Sanity.io Careers site Sanity.io Docs site OMA site Bengler site Kubernetes site Tip of the week Roger gives us a tip about Google Cloud’s Data Loss Prevention. Check out the demo here! What’s something cool you’re working on? Max is blogging about identity and security and access control. Here’s his latest post with Jen Person, Zero Trust for Enterprise : Cooking up some access controls. Mark and Max have been working on turning their popular YouTube Series, Stack Chat, into a new addition to the podcast! Join us next week to hear the first installment!

ManageEngine’s Weekly IT Security  Podcast series.
How to defend against ransomware attacks

ManageEngine’s Weekly IT Security Podcast series.

Play Episode Listen Later Jul 20, 2020 14:53


In this episode, Sid, cybersecurity expert at ManageEngine, explains how ransomware attacks are becoming increasingly common and the measures which you need to have in place to avert potential attacks. Sid recommends measures such as regular backup of your data, enforcing least privilege, deployment of endpoint protection solutions, etc., to elevate the security of your network and nullify the threat posed by ransomware attacks.

Anything and everything about Cybersecurity, Information security and much more by Luv Johar
Learn everything about data classification and data loss prevention DLP

Anything and everything about Cybersecurity, Information security and much more by Luv Johar

Play Episode Listen Later Jun 21, 2020 82:21


Learn everything about data classification and data loss prevention DLP Why Data Loss Prevention (DLP) Matters to Your Security Strategy What is DLP? And how to implement DLP in your organization? What is data classification? Guidelines for data classification and process for data classification explained. Data Classification Defined. Reasons for data classification explained. Data classification process. Data classification tips. Data classification faq. What comes after data classification? Restricted Data, Private Data, Public Data. Purpose of data classification. Importance of data classification. Common Steps of data classification. Types of data classification. Benefits of data classification. Examples of data classification. What is Data Loss Prevention DLP? Data loss prevention explained. Definition of data loss prevention. WHAT IS DATA LOSS PREVENTION (DLP)? DO I NEED DATA LOSS PREVENTION? MAIN USES CASES FOR DLP WHAT TYPE OF DATA LOSS PREVENTION IS RIGHT FOR YOUR ORGANIZATION? DATA LOSS PREVENTION BEST PRACTICES How does DLP work? Why do organizations need DLP solutions? Types of DLP technologies What is DLP and how does it work? What is DLP? How Does DLP Work? Causes of Data Leaks Data Leakage Prevention Components of a Data Loss Solution Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, commenting, news reporting, teaching, scholarship, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational, or personal use tips the balance in favor of fair use. All these podcasts are only created for teaching purposes. © 2020 Luv Johar

ManageEngine’s Weekly IT Security  Podcast series.
Getting started with file security

ManageEngine’s Weekly IT Security Podcast series.

Play Episode Listen Later May 18, 2020 15:15


In this episode, Sid, IT security expert at ManageEngine, explains why file analysis, file integrity monitoring and data leak prevention are must-have capabilities in a data security and monitoring tool. Listen to discover how they help in enhancing the security posture of your environment.

Avanet
#011 - Sophos News 10-2019

Avanet

Play Episode Listen Later Oct 2, 2019 40:15


Dies ist die elfte Folge unseres Avanet Podcasts rund ums Thema Sophos. In dieser Episode sprechen wir unter anderem über die Veröffentlichung der UTM 9.7 Firmware, stellen neue Funktionen im Central Firewall Manager vor und berichten über zwei Neuerungen in Central Device Encryption 2.0. ## XG Firewall In dieser Folge sprechen wir zu Beginn noch einmal über die vermehrten RED Probleme, die seit der UTM 9.6 Version aufgetreten sind. Unterdessen ist nun auch die UTM 9.7 Version veröffentlicht worden, die unter anderem den bereits angesprochenen APX Support beinhaltet. Von einem Bugfix für die RED Probleme ist allerdings nirgends die Rede. Um diese Podcastfolge nicht zu UTM-lastig zu machen, gibt es noch erfreuliche Neuerungen beim Central Firewall Manager (CFM). Es ist nun möglich, Updates für die Firewall direkt über Central einzuspielen. Ein Update-Management, um auch wieder auf frühere Versionen zu wechseln, wird allerdings noch vermisst. Schon länger auf der Roadmap, aber nun tatsächlich umgesetzt, wurde das Zero Touch Deployment. Wie genau diese Funktion zukünftig das Einrichten einer entfernten Firewall noch viel einfacher machen wird, erfahrt ihr in dieser Folge. Wer noch etwas mehr über die kommende v18 des SFOS erfahren möchte, kann sich das neuste PDF dazu in unserem Informationsverzeichnis anschauen. ## Sophos Central Das EAP für die "Data Loss Prevention" des Central Email Moduls ist offiziell beendet und die Funktionen stehen nun jedem zur Verfügung, der eine gültige "Central Email Advanced" Lizenz besitzt. Eine wichtige Meldung erreichte uns noch bezüglich "Central Server Protection". Sophos hat ein wichtiges Update für den Agent auf Windows-Server veröffentlicht, welches allerdings nur durch einen Neustart installiert werden kann. Damit eure Server auf dem neusten Core Agent 2.2.6 laufen, müsst ihr beim nächsten Wartungsfenster unbedingt einen Neustart einplanen. Zum Schluss sprechen wir noch über "Central Device Encryption 2.0", womit man nun auch einzelne Dateien per HTML5 Container verschlüsseln kann.

Avanet
#010 - Sophos News 09-2019

Avanet

Play Episode Listen Later Sep 4, 2019 46:56


Dies ist die zehnte Folge unseres Avanet Podcasts rund ums Thema Sophos. In dieser Episode sprechen wir unter anderem über den kommenden APX Support in UTM 9.7, die SFOS MR5 und MR6 Releases, informieren über neue Funktionen in Sophos Central Email und berichten über "benutzerdefinierte Rollen" in Sophos Central Enterprise. ## XG Firewall In dieser Folge erfahrt ihr 7 Gründe, warum die XG Firewall (SFOS) besser ist als die UTM . Passend zu diesem Thema sprechen wir auch gleich über den überraschenden APX Support in der kommenden UTM 9.7 Version und die RED 50 Probleme, die in der letzten Zeit vermehrt bei unseren Kunden aufgetreten sind. Den Fokus lenken wir aber schnell wieder auf die XG Firewall, denn dort wurden seit der letzten Podcastfolge die Versionen 17.5 MR7 und MR8 veröffentlicht. Zum Schluss geben wir euch einen Ausblick auf das neue SFOS v18, welches im Q1 2020 der Öffentlichkeit zur Verfügung gestellt werden soll. ## Sophos Central Sophos ist erneut Leader im Gartner Magic Quadrant für Endpoint Protection. Dies ist zuletzt sicher auch den verbesserten EDR-Funktionalitäten zuzuschreiben. Wer bisher nicht wusste, wo er bei EDR überhaupt anfangen soll, kann die neue Funktion "Bedrohungsindikatoren" ausprobieren, die sich im Moment aber noch in der Betaphase befindet. Bei Sophos Central Email kann man nun die "Smart Banners" individuell anpassen. Wer sich Sorgen macht, dass sensible Firmendaten per E-Mail verschickt werden, sollte zudem unbedingt am EAP für "Data Loss Prevention" teilnehmen. Nicht nur die Module von Central werden stetig weiterentwickelt, auch das Management in Sophos Central Enterprise wurde durch "benutzerdefinierte Rollen" vereinfacht.

The History of Computing
The History of Symantec

The History of Computing

Play Episode Listen Later Aug 11, 2019 12:09


Welcome to the History of Computing Podcast, where we explore the history of information technology. Because understanding the past prepares us for the innovations of the future! Todays episode is on the History of Symantec. This is really more part one of a part two series. Broadcom announced they were acquiring Symantec in August of 2019, the day before we recorded this episode. Who is this Symantec and what do they do - and why does Broadcom want to buy them for 10.7 Billion dollars? For starters, by themselves Symantec is a Fortune 500 company with over $4 billion dollars in annual revenues so $10.7 Billion is a steal for an enterprise software company. Except they're just selling the Enterprise software division and keeping Norton in the family. With just shy of 12,000 employees, Symantec has twisted and turned and bought and sold companies for a long time. But how did they become a Fortune 500 company? It all started with Eisenhower. ARPA or the Advanced Research Projects Agency, which would later add the word Defense to their name, become DARPA and build a series of tubes call the interweb. While originally commissioned so Ike could counter Sputnik, ARPA continued working to fund projects in computers and in the 1970s, this kid out of the University of Texas named Gary Hendrix saw that they were funding natural language understanding projects. This went back to Turing and DARPA wanted to give some AI-complete a leap forward, trying to make computers as intelligent as people. This was obviously before Terminator told us that was a bad idea (pro-tip, it's a good idea). Our intrepid hero Gary saw that sweet, sweet grant money and got his PhD from the UT Austin Computational Linguistics Lab. He wrote some papers on robotics and the Stanford Research Institute, or SRI for short. Yes, that's the same SRI that invented the hosts.txt file and is responsible for keeping DNS for the first decade or so of the internet. So our pal Hendrix joins SRI and chases that grant money, leaving SRI in 1980 with about 15 other Stanford researchers to start a company they called Machine Intelligence Corporation. That went bust and so he started Symantec Corporation in 1982 got a grant from the National Science foundation to build natural language processing software; it turns out syntax and semantics make for a pretty good mashup. So the new company Symantec built out a database and some advanced natural language code, but by 1984 the PC revolution was on and that code had been built for a DEC PDP so could not be run on the emerging PCs in the industry. Symantec was then acquired by C&E Software short for the names of its founders, Dennis Coleman and Gordon Eubanks. The Symantec name stayed and Eubanks became the chairman of the board for the new company. C&E had been working on PC software called Q&A, which the new team finished and then added natural language processing to make using the tools easier to use. They called that “The Intelligent Assistant” and they now had a tool that would take them through the 80s. People swapped rolls, and due to a sharp focus on sales they did well. During the early days of the PC, dealers - or small computer stores that were popping up all over the country, were critical to selling hardware and software. Every Symantec employee would go on the road for six days a week, visiting 6 dealers a day. It was grueling but kept them growing and building. They became what we now call a “portfolio” company in 1985 when they introduced NoteIt, a natural language processing tool used to annotate docs in Lotus 1-2-3. Lotus was in the midst of eating the lunch of previous tools. They added another devision and made SQZ a Lotus 1-2-3 spreadsheet tool. This is important, they were a 3 product company with divisions when in 1987 they got even more aggressive and purchased Breakthrough Software who made an early project management tool called TimeLine. And this is when they did something unique for a PC software company: they split each product into groups that leveraged a shared pool of resources. Each product had a GM that was responsible for the P&L. The GM ran the development, Quality Assurance, Tech Support, and Product Market - those teams reported directly to the GM, who reported to then CEO Eubanks. But there was a shared sales, finance, and operations team. This laid the framework for massive growth, increased sales, and took Symantec to their IPO in 1989. Symantec purchased what was at the time the most popular CRM app called ACT! In 1993 Meanwhile, Peter Norton had a great suite of tools for working with DOS. Things that, well, maybe should have been built into operating systems (and mostly now are). Norton could compress files, do file recovery, etc. The cash Symantec raised allowed them to acquire The Peter Norton Company in 1999 which would completely change the face of the company. This gave them development tools for PC and Mac as Norton had been building those. This lead to the introduction of Symantec Antivirus for the Macintosh and called the anti-virus for PC Norton Antivirus because people already trusted that name. Within two years, with the added sales and marketing air cover that the Symantec sales machine provided, the Norton group was responsible for 82% of Symantecs total revenues. So much so that Symantec dropped building Q&A because Microsoft was winning in their market. I remember this moment pretty poignantly. Sure, there were other apps for the Mac like Virex, and other apps for Windows, like McAfee. But the Norton tools were the gold standard. At least until they later got bloated. The next decade was fast, from the outside looking in, except when Symantec acquired Veritas in 2004. This made sense as Symantec had become a solid player in the security space and before the cloud, backup seemed somewhat related. I'd used Backup Exec for a long time and watched Veritas products go from awesome to, well, not as awesome. John Thompson was the CEO through that decade and Symantec grew rapidly - purchasing systems management solution Altiris in 2007 and got a Data Loss Prevention solution that year in Vontu. Application Performance Management, or APM wasn't very security focused so that business until was picked up by Vector Capital in 2008. They also picked up MessageLabs and AppStream in 2008. Enrique Salem replaced Thompson and Symantec bought Versign's CA business in 2010. If you remember from our encryption episode, that was already spun off of RSA. Certificates are security-focused. Email encryption tool PGP and GuardianEdge were also picked up in 2010 providing key management tools for all those, um, keys the CA was issuing. These tools were never integrated properly though. They also picked up Rulespace in 2010 to get what's now their content filtering solution. Symantec acquired LiveOffice in 2012 to get enterprise vault and instant messaging security - continuing to solidify the line of security products. They also acquired Odyssey Software for SCCM plugins to get better at managing embedded, mobile, and rugged devices. Then came Nukona to get a MAM product, also in 2012. During this time, Steve Bennett was hired as CEO and fired in 2014. Then Michael Brown, although in the interim Veritas was demerged in 2014 and as their products started getting better they were sold to The Carlyle Group in 2016 for $8B. Then Greg Clark became CEO in 2016, when Symantec purchased Blue Coat. Greg Clark then orchestrated the LifeLock acquisition for $2.3B of that $8B. Thoma Bravo then bought CA business to merge with DigiCert in 2017. Then in 2019 Rick Hill became CEO. Does this seem like a lot of buying and selling? It is. But it also isn't. If you look at what Symantec has done, they have a lot of things they can sell customers for various needs in the information security space. At times, they've felt like a holding company. But ever since the Norton acquisition, they've had very specific moves that continue to solidify them as one of the top security vendors in the space. Their sales teams don't spend six days a week on the road and go to six customers a day, but they have a sales machine. And the've managed to leverage that to get inside what we call the buying tornado of many emergent technologies and then sell the company before the tornado ends. They still have Norton, of course. Even though practically every other product in the portfolio has come and gone over the years. What does all of this mean? The Broadcom acquisition of the enterprise security division maybe tells us that Symantec is about to leverage that $10+ billion dollars to buy more software companies. And sell more companies after a little integration and incubation, then getting out of it before the ocean gets too red, the tech too stale, or before Microsoft sherlocks them. Because that's what they do. And they do it profitably every single time. We often think of how an acquiring company gets a new product - but next time you see a company buying another one, think about this: that company probably had multiple offers. What did the team at the company being acquired get out of this deal? And we'll work on that in the next episode, when we explore the history of Broadcom. Thank you for sticking with us through this episode of the History of Computing Podcast and have a great day!

Dark Rhino Security Podcast
Ep. 5 - Data Loss Prevention

Dark Rhino Security Podcast

Play Episode Listen Later Apr 2, 2019 36:57


In this episode, members of the Dark Rhino Security team discuss data loss prevention and how it can affect an organization taking it on.

Google Cloud Platform Podcast
Sourcegraph with Quinn Slack

Google Cloud Platform Podcast

Play Episode Listen Later Sep 20, 2017 32:56


Sourcegraph provides navigation tools for source code, and it's powered by Go and Google Cloud Platform. Quinn Slack, CEO and co-founder, joins your co-hosts Francesc and Mark to discuss how they built their features on top of our infrastructure. About Quinn Slack Quinn Slack is CEO and co-founder of Sourcegraph, code intelligence software that lets software teams ship better and faster. Prior to Sourcegraph, Quinn co-founded Blend, an enterprise technology company with over 150 employees dedicated to improving home lending. His long-term goal is to build the products and infrastructure to support the future world where billions of people have coding fluency (just as billions of people today can read and write). Cool things of the week Introducing managed SSL for Google App Engine announcement With Forseti, Spotify and Google release GCP security tools to open source community announcement Global Kubernetes in 3 Steps on GCP medium by Christopher Grant Interview Sourcegraph Sourcegraph source code GitHub Google Container Engine Helm GitHub GCPPodcast #50 Helm with Michelle Noorali and Matthew Butcher sourcegraph.com Question of the week How can I automatically redact Personally Identifiable Information (PII) or other sensitive information? Data Loss Prevention API docs Demo of Data Loss Prevention at Cloud Summit Sydney YouTube Where can you find us next? Francesc will be presenting at Google Cloud Summit in Chicago next week. In October, he'll be presenting at Velocity London, Google Cloud Summit Paris and Devfest Nantes Mark is attending Strangeloop in September. He is also heading to Australia in October for GDG Devfest Melbourne and Game Connect Asia Pacific and will be hanging out at Unite Melbourne and PAX Australia.

Office 365 Update Series (HD) - Channel 9
Office 365 Update: February 2017

Office 365 Update Series (HD) - Channel 9

Play Episode Listen Later Feb 2, 2017 10:10


Jim Naroski covers recent enhancements to Office 365, Microsoft's cloud-based productivity solution for the modern workplace. The course transcript, complete with all links mentioned, is available at https://aka.ms/o365update-transcripts.Here are the topics covered in the February Update:iTunes & RSS Availability [00:59]Viewer Feedback [01:33]OneDrive Updates [02:07]LinkedIn Learning Courses [03:11]Microsoft StaffHub [03:57]Free Stock Photos [05:41]Office.com Homepage [07:18]Data Loss Prevention [08:31]gsq3nzvc

Office 365 Update Series (Audio) - Channel 9
Office 365 Update: February 2017

Office 365 Update Series (Audio) - Channel 9

Play Episode Listen Later Feb 2, 2017 10:10


Jim Naroski covers recent enhancements to Office 365, Microsoft's cloud-based productivity solution for the modern workplace. The course transcript, complete with all links mentioned, is available at https://aka.ms/o365update-transcripts.Here are the topics covered in the February Update:iTunes & RSS Availability [00:59]Viewer Feedback [01:33]OneDrive Updates [02:07]LinkedIn Learning Courses [03:11]Microsoft StaffHub [03:57]Free Stock Photos [05:41]Office.com Homepage [07:18]Data Loss Prevention [08:31]gsq3nzvc

ITS Partner's Video Podcast
Symantec Data Loss Prevention 14.5 Form Recognition

ITS Partner's Video Podcast

Play Episode Listen Later Sep 16, 2016 14:02


In this quick demo, Pat McPherson of ITS Partners, shows how Data Loss Prevention Form Recognition allows organizations to detect sensitive information that is contained on forms in a variety of image formats. Learn more at: https://www.itsdelivers.com/solutions/it-risk-management/

ITS Partner's Video Podcast
Using Symantec Data Loss Prevention To Block A Specific Email Address or Domain.

ITS Partner's Video Podcast

Play Episode Listen Later Jun 2, 2015 10:36


"Is it possible to block content to a specific email address or a domain with Symantec DLP?" was a question recently asked of us by a customer and this video demonstrates how to accomplish this task. In this video we will create a policy to track emails to a specific external user and then create an Email Prevent Response Rule to block email to our external user.

Security Current podcast - for IT security, networking, risk, compliance and privacy professionals

Data Loss Prevention (DLP) solutions help keep private data private. Using various rules based on certain policies, sensitive information can be prevented from being exfiltrated. But CISOs are walking a fine line. They must be careful not to inhibit user and business processes lest there be dire business consequences. securitycurrent's Vic Wheatman speaks with ex-Gartner analyst Eric Ouellet, who is now Vice President of Strategy at Bay Dynamics, about how DLP actually works and where it can be used.

ITS Partner's Video Podcast
Who Really Owns Your Organization's Data? Symantec Insight and DLP.

ITS Partner's Video Podcast

Play Episode Listen Later Sep 10, 2014 39:53


The explosion of data since 2008 has produced a new challenge for IT personnel who understand the value of data and the importance of empowering the team with the right information about that data in order to determine how to govern it. Let us bring “insight” as to who is really the owner of critical data in your organization. ITS would like to work with you to understand Symantec's Data Insight, a product that integrates with Symantec's Data Loss Prevention, discovering and collecting activity and permissions information about your data. Data Insight solves the problem of identifying data owners through usage patterns and behavioral tracking. Join us as we delve into the Data Insight console and demonstrate some of the capabilities of this solution, including: ~ Track any file reads, writes, or deletes by Active Directory user name~ Track any usage on a per-file basis on any File ShareIdentify which user is a Data Owner, as opposed to simply a data creator.~ Assign custodians to clean up or archive unused stale data that is simply taking up valuable space~ Integrate with Data Loss Prevention to identify data owners on files violating DLP policies~ Identify openly-accessible File Shares which are not properly protecting potentially critical data Join us in discovering what you might not even know you needed to know about your data! learn more at itsdelivers.com

ITS Partner's Video Podcast
Symantec Data Loss Prevention- Triggering Endpoint Response Rules

ITS Partner's Video Podcast

Play Episode Listen Later May 22, 2014 15:39


There's many ways for confidential data to be lost on your endpoints. Whether a malicious user gains access to a database of social security numbers, or your employees simply want to take their work home for the long holiday weekend, it's relatively easy for users to leak confidential data. Check out this demonstration on  Symantec Data Loss Prevention to discover how DLP can monitor and even block data loss on your endpoints.

Banking Information Security Podcast
Data Loss Prevention Case Study: The Challenges Facing Financial Institutions

Banking Information Security Podcast

Play Episode Listen Later Mar 24, 2010


Symantec: A Connected Social Media Showcase
Symantec Data Loss Prevention 9.0

Symantec: A Connected Social Media Showcase

Play Episode Listen Later Oct 7, 2008


In this podcast, Vice President for Data Loss Prevention solutions, Michael Wolfe, provides an update on why companies are concerned with data loss and how Symantec Data Loss Prevention 9.0 addresses their concerns. For more information, visit: www.symantec.com

Banking Information Security Podcast
Data Loss Prevention Strategies for Institutions of All Sizes

Banking Information Security Podcast

Play Episode Listen Later Apr 30, 2008


Verizon Business – Connected Social Media
Verizon Business Discusses its Industry-Leading Approach to Data Protection and Data Loss Prevention

Verizon Business – Connected Social Media

Play Episode Listen Later Apr 8, 2008


In this podcast, we hear from Bart Vansevenant, director of strategy for Verizon Business Security Solutions. Mr. Vansevenant highlights Verizon Business’s announcement of a new suite of services that help large businesses and government agencies protect data and prevent data loss within the extended enterprise. He talks about why data loss is such a hot […]