The Southern California DLP User Group met on Wednesday, October 13 at the Symantec office in Culver City. We had an excellent meeting with good participation and interaction from all attendees.
Ben Rohrs, Symantec Product Manager, discussed Roadmap, Data Insight, and product integration. The slides that Ben is able to share with the Group (not able to share roadmap slides) are included with this post.
We also formally organized our Advisory Board Leadership as follows:
Our next User Group meeting will be on Wednesday, February 2 so mark your calendar now! If you have any suggestions or requests for topics to discuss, please post your comments below or contact a member of the Advisory Board.
If you have any questions about the Symantec User Group program, read this document or contact the User Group Program Manager.
Special thanks to Ben Rohrs, Ted Bubnack, Bruce Lennon and all the attendees especially those who volunteered to serve on the Advisory Board. See everyone in February!
Hi all,
I think we all understand that there are issues with sharing information outside the organization, especially related to information protection. But I do believe that sharing this information would help us understand each others issues and probably assist us in resolving some of these issues. We can probably come to a middle ground where we share only limited information so as to not compromise security.
I also like Jon's idea on having a non-disclosure agreement even though I am not sure if my organization would allow me to sign and share information. But I think we should try it. If Symantec has something we can use, we should send it out to everyone ahead of time as we will have to run it by our legal team.
Regards,
Sridhar
Of course we cannot but respect that position regarding share your DLP setup and process. Obviously there are different levels of concern that we each if us work with depending on our Industry and internal requirements.
I was wondering about that just generally during the meeting. Perhaps we could execute a non-disclosure agreement for participants. We have a Healthcare Security Roundtable where such a statement is signed in turn by everyone at the meeting, each meeting.
Maybe Symantec has a pro forma statement we can send ahead to everyone coming. I can see about the one we use and share it here also. Maybe that will address the concern.
I was also asked to provide a high-level of our VONTU implementation. I have not put it together for a "blessing" yet, but I may run into a similar management response. Hopefully there is some middle ground.
As to a pre-meeting list of questions ... I could see a list of topics as being that list. You could come prepared to provide what comment you could on each subject, in whatever detail you are allowed.
Jon
On the home page of the website, under "About this Group" it shows we currently have 29 members. If you click on that link, it will show you the list and you can then click on individual profiles and see the information they have included in their profile. Also, if there is someone you want to contact, you can send them an email or private message on their profile page.
Team,
Unfortunately, our management declined our request to share our DLP (Vontu) infrastructure setup and process.
Any documented material to be shared outside UB ITG (Information Technology Group) is prohibited.
I believe we can verbally share with the team our process - if someone - or collectively the team provides a list of questions we can answer in Feb 2nd 2010 meeting, (verbally and without any details.) .
Greetings All,
The meeting has been awhile ago now but my enthusiasm for a Symantec DLP, aka: VONTU, User Group still takes me away.
We just started talking about our use-case experiences. As we start diving deeper, I know that we will share valuable solutions and perspectives that will influence Corporate Policy issues as well as VONTU Policy writing and everything inbetween.
At a recent ISACA meeting here in San Diego, I spoke with others who also have VONTU deployed. I warned them that I would be after them to join us on the trek north on February 2nd, 2011. They will find out soon enough that I am Very serious.
I will have some slides to model the eDiscovery that was done recently with the help of VONTU. The way it was done seemed to make sense, but maybe there are some fresh eyes that can see a different solution.
I look forward to working with all of you in growing this user group. I can already see the value in the time we have to take from everything else. That time is an investment in DLP and needs to be planned as essential support activity.
Best Regards,
Jonathan Stewart, MS/CIS MCSE SSCP Information Security Auditor Scripps Health - Audit & Compliance Services 858.678.6003 Stewart.Jonathan@ScrippsHealth.org
Thanks for posting. Is there a membership roster available?