Protecting data-at-rest, data-in-transit and data-in-use in large information intensive enterprises is a daunting challenge from technological as well as financial perspectives.
In this presentation, Eric Leighninger, chief security architect for Allstate Insurance Company, shows how his company is attacking this problem in general and in particular with regard to data-at-rest on mobile devices and removable media. In this role he is responsible for creating and articulating the information security architectural vision, communicating that vision to the enterprise, creating security architecture models and roadmaps, recommending security technology options and validating information security architectures against enterprise requirements.
Attacking the data-at-rest protection problem requires a combination of encryption and compensating control mechanisms such as data obfuscation, filtering and masking. Allstate, like many comparable companies, has developed a data encryption strategy that takes into account the sensitivity and value of the data itself, the context in which it is used and the associated risk of compromise. In the context of mobile devices such as laptop computers and USB storage media, local data encryption is an effective tool for protecting corporate data on mobile media that is inadvertently lost or intentionally stolen or maliciously attacked. Download this presentation for a solid understanding of Allstate's Local Data Protection Project that dealt with laptop and media encryption with an emphasis on:
- A description of the problem to be solved and its relationship to the larger set of enterprise data protection considerations
- Technical and procedural challenges and issues that arose
- An overview of the project, implementation and support issues that arose during test and deployment of the encryption solution
- Lessons learned
This was first published in July 2008