Educause Security Discussion mailing list archives
Re: Symantec DLP vs Identity Finder
From: Velislav K Pavlov <VelislavPavlov () FERRIS EDU>
Date: Wed, 29 Mar 2017 18:25:40 +0000
The network component can connect to any SMB share with provided account, discover, classify, and quarantine/remediate information based on specified criteria. For the endpoint, there is a Windows and MacOS agent, but we are not at that stage where we can provide valuable feedback. We decided to start with the ITS managed servers first, setup network discover scans, define policies, rules for scanning, schedules, and make sure we have the foundation. The network discover for servers goes through awareness, notification, then remediation which take time. We figured we can use the time the operational sides work on remediation to focus my team’s time on the agent testing. Vel Pavlov | Coordinator, IT Security M.Sc. ISM, CISSP, C|HFI, C|EH, C)PTE, Security+, CNA, MPCS, ITILv3F, A+ From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Brad Judy Sent: Monday, March 27, 2017 5:41 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Symantec DLP vs Identity Finder This message is from a mail system outside of Office 365 Did they ever release full Mac functionality for their DLP related components? That used to be one of the short-comings, but I haven’t looked at it in a long time. Brad Judy Information Security Officer Office of Information Security University of Colorado 1800 Grant Street, Suite 300 Denver, CO 80203 Office: (303) 860-4293 Fax: (303) 860-4302 www.cu.edu<http://www.cu.edu/> [u-logo_fl] From: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on behalf of Velislav K Pavlov <VelislavPavlov () FERRIS EDU<mailto:VelislavPavlov () FERRIS EDU>> Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Date: Monday, March 27, 2017 at 3:27 PM To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: Re: [SECURITY] Symantec DLP vs Identity Finder SymEd bundle: endpoint, MDM, email gateway, DLP enforcer (network scan, endpoint), and DLP DataInsight. Based on number of full-time staff. The DLP is content and context based. Can scan anything with Creds and share. It can be used for incident response to determine impact based on affected data for servers and endpoints. DataInsight is a nice compliment to tell who, what, when, where related to files and folders on share it's set up with. Bazooka of a solution but it can do everything we needed it to so far. Vel Pavlov | IT Security Coordinator M.Sc. ISM, CISSP, C|HFI, C|EH, C)PTE, Security+, CNA, MPCS, ITILv3F, Sec+,A+ On Mar 27, 2017, at 4:18 PM, Gramke, Jim <JGramke () CSBSJU EDU<mailto:JGramke () CSBSJU EDU>> wrote: This message is from a mail system outside of Office 365 Hi All, We have been thinking about doing something like Identity Finder to locate and help remediate our sensitive data stored all about. A couple of Educause Security conferences ago, I recall a few people mentioning that Symantec had a product that did similar things, and could be part of some sort of educational bundle offered by Symantec, and thus more reasonably priced. Is anybody using Symantec to do their sensitive data discovery? If so, is it part of a bundle, and if so, what is that bundle called? And finally, how do you like it? Thanks, Jim Gramke College of St. Benedict, St. John’s University csbsju.edu<http://csbsju.edu>
Current thread:
- Symantec DLP vs Identity Finder Gramke, Jim (Mar 27)
- Re: Symantec DLP vs Identity Finder Velislav K Pavlov (Mar 27)
- Re: Symantec DLP vs Identity Finder Brad Judy (Mar 27)
- Re: Symantec DLP vs Identity Finder David D Grisham (Mar 27)
- Re: Symantec DLP vs Identity Finder Velislav K Pavlov (Mar 29)
- Re: Symantec DLP vs Identity Finder Brad Judy (Mar 27)
- Re: Symantec DLP vs Identity Finder Velislav K Pavlov (Mar 27)