Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data on the Edge: Protecting Your Vital Information Raivis Kalnins Technical headTechnology Baltics Ltd Value Added Distributor Stallion Autumn.

Published byMaria Zoe Dean Modified over 9 years ago

Similar presentations

Presentation on theme: "Data on the Edge: Protecting Your Vital Information Raivis Kalnins Technical headTechnology Baltics Ltd Value Added Distributor Stallion Autumn."— Presentation transcript:

1 Data on the Edge: Protecting Your Vital Information Raivis Kalnins Technical consultant @ headTechnology Baltics Ltd Value Added Distributor Stallion Autumn Seminar, 11th November 2009 in Tallinn

2 Lumension Business card

3 Awards & Certifications Leading global security management company, providing unified protection and control of all enterprise endpoints.  Ranked #14 on Inc. 500 list of fast growing companies  Ranked #1 for Patch and Remediation for 4 consecutive years  Ranked #1 Application and Device Control  Over 5,100 customers and 15 million nodes deployed worldwide Award-Winning, Industry Recognized and Certified

4 Industries and sectors Miscellaneous Charities Legal Services Manufacturing Dolphin Drilling Health Care Transportation/Utilities Media Education Bishop’s Stortford College Financial Government/ Military

5 Global partners

6 Data Theft - A complex task?

7 Data Theft – A complex task?

8 Incident sources Inside - Accidental Stolen Documents Inside -Unknown Lost Tape

9 Data Theft by Company Insider for Financial Gain Boeing Employee Charged With Stealing 320,000 Sensitive Files July 11, 2007 A disgruntled Boeing employee was charged Tuesday with 16 counts of computer trespass for allegedly stealing more than 320,000 company files over the course of more than two years and leaking them to The Seattle Times. Boeing estimated that if only a portion of the stolen documents were given to competitors, it could cost the company between $5-$15 billion. The employee used his "unfettered access to Boeing systems" to download large amounts of data from information stores he had no legitimate reason for accessing. He allegedly transferred the information to a thumb drive and then removed it from company property.

10 Data Theft – A complex task? 1. None of the incidents required special knowledge 2. All of the incidents related to endpoints

11 Incident sources (source: datalossdb.org) Stolen / lost records in 2007Stolen / lost records in 2008

12 Lost / stolen devices in the last 4 years (Source: datalossdb.org) N. of Records on Lost / Stolen Devices Lost / Stolen Devices

13 Social Engineering the USB way Security Audit at a credit union (Source: http://www.darkreading.com ) Step 1 Prepare 20 USB drives with a trojan horse that gathers critical data (such as user account information) from the PC it is connected to and sends it by email Step 2 Drop these USB drives within the accomodations of the company Step 3 Wait 3 days... Result 15 out of 20 drives have been used by employees, critical data from their PC‘s has been exposed

14 Lumension Brands AntiVirus

15 Lumension Device Control

16 Product Operation – Device Control Directory Service Users User Groups Identify Devices Identify Devices Specific Brand / Type Predefined Classes Unique Device Devices CD / DVD ROMS MODEMS REMOVABLE MEDIA USB PRINTERS etc... Assign Access Attributes Assign Access Attributes Create Whitelist Create Whitelist

17 How Device Control works UserKernel DriverDevice White List Known Device Check Device Policies Device Access Request Known Device? Users, Groups, Machines, Device Classes and Access Attributes Users, Groups, Machines, Device Classes and Access Attributes Authorization? Device Access

18 How Device Control works UserKernel DriverDevice White List Known Device Check Device Policies Device Access Request Known Device? Users, Groups, Machines, Device Classes and Access Attributes Users, Groups, Machines, Device Classes and Access Attributes Authorization? No Access

19 How Device Control works UserKernel DriverDevice White List Known Device Check Device Policies Device Access Request Known Device? Users, Groups, Machines, Device Classes and Access Attributes Users, Groups, Machines, Device Classes and Access Attributes No Access

20 Implementing Device Control Requirement Gathering Security Requirements Operational Implications Sales Use Memory KeysOnly with encryption Audit of copied data Standard rule for sales to use memory keys with decentralized encryption and shadowing Wireless NetworkOnly outside corporate network Offline rule for notebooks with wireless cards Marketing Usage of digital cameras Only during business hours No misuse as data storage Time-based rule for digital camera usage, with filter on image data (JPG, GIF, BMP) Usage of CD‘s / DVD‘s Only specific mediaExplicit assignment of specific media

21 Implementing Device Control Requirement Gathering Security Requirements Operational Implications Front Desk Badge printingDeny usage of any other device Machine-based „Lockdown“, standard rule for local printer Support Dept. Usage of customer devices Prevent data loss (custromer data / internal data) Standard rule for Read Only-access to customer devices Production server Maximum stabilityDeny any device usage Machine-based „Lockdown“

22 1) Administrator creates encryption rule 2) User plugs in memory key Encryption with Device Control 3) Transparent encryption on corporate computers 4) Volume Browser tool on stick for 3rd party computers

23 Patented Shadowing with Device Control Configured with a few clicks… Detailed central reporting Direct file access

24 Access Attributes Read and / or Write Scheduled Access From 08:00h to 18:00h Monday to Friday Temporary Access For the next 15 minutes Starting next Monday, for 2 days Online / Offline Assign permissions when no network connection is present, all device classes supported Quota Management Limit copied data to 100 MB / day Encryption enforcement Access is granted only if medium has been encrypted (decentralized encryption) with password recovery option File Type Filtering Limit the access to specific file types

25 Attributes can be allocated to... A complete device class All USB Printers A device sub class USB printer HP 7575, CD/DVD Nec 3520A A unique device based on Encryption serial number Specific CD‘s / DVD‘s Specific Bus (USB, IrDa, Firewire...) Groups of devices

26 Security Features Kernel Driver Invisible (no task manager process) Fast (no performance loss) Compatible (no conflict with other software) Encryption of devices with AES AES 256 = market standard Fast and transparent within the network Strong password enforcement for usage outside the corporate network Client / Server Traffic Private/Public key mechanism Impossible to tamper with Easily generated and deployed

27 Security Features Client Hardening Even a local administrator cannot uninstall the client Prevention from Keyloggers Removable Media Encryption Assign any removable media to any user and then encrypt the media. Encrypted device is accessible only by the user who owns the access rights on the removable media Offline Protection Local copy of the latest devices access permission list stored on the disconnected workstation or laptop

28 Auditing & Logging User Actions Logging Read Denied / Write denied Device entered / Medium inserted Open API for 3rd party reporting tools Shadowing of all copied data Level 1: shows File Name and attributes of copied data Level 2: Captures and retains full copy of data written to extenal device or read from such a device Administrator Auditing Keeps track of all policy changes made by SDC admins

29 Lumension Device Control  Enables only authorized removable (peripheral) devices to connect to network, laptop, thin client, laptop and desktop  Reduces risk of data theft, data leakage and malware introduction via unauthorized removable media  Assures and proves compliance with the landslide of regulations governing privacy and accountability

30 DEMO

31 Thank You

Download ppt "Data on the Edge: Protecting Your Vital Information Raivis Kalnins Technical headTechnology Baltics Ltd Value Added Distributor Stallion Autumn."

Similar presentations

Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.

Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.
COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.

COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
Managed Infrastructure. 2 ©2015 EarthLink. All rights reserved. IT resources are under pressure… is it time to rethink the IT staffing model? Sources:

Managed Infrastructure. 2 ©2015 EarthLink. All rights reserved. IT resources are under pressure… is it time to rethink the IT staffing model? Sources:
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.
Building on the Foundation of Windows Vista: Introduction to Windows 7: Security and Management Dan Stolts IT Pro Evangelist Microsoft

Building on the Foundation of Windows Vista: Introduction to Windows 7: Security and Management Dan Stolts IT Pro Evangelist Microsoft
PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”

PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
DICOM INTERNATIONAL DICOM INTERNATIONAL CONFERENCE & SEMINAR April 8-10, 2008 Chengdu, China DICOM Security Eric Pan Agfa HealthCare.

DICOM INTERNATIONAL DICOM INTERNATIONAL CONFERENCE & SEMINAR April 8-10, 2008 Chengdu, China DICOM Security Eric Pan Agfa HealthCare.
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Policies.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Policies.
Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.

Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 6 Managing Printers, Publishing, Auditing, and Desk Resources.

Similar presentations

Ads by Google