Presentation is loading. Please wait.

Presentation is loading. Please wait.

Workplace Security threats and countermeasures Fujitsu Siemens Computers Yiannis Koukoutsis October 2007.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Workplace Security threats and countermeasures Fujitsu Siemens Computers Yiannis Koukoutsis October 2007."— Presentation transcript:

1 Workplace Security threats and countermeasures Fujitsu Siemens Computers Yiannis Koukoutsis October 2007

2 © Fujitsu Siemens Computers 2007 All rights reserved 2 Agenda Security Risks Security Areas Product Portfolio Security Technologies Manageability Summary

3 © Fujitsu Siemens Computers 2007 All rights reserved 3 Security Risks Security Areas Product Portfolio Security Technologies Manageability Summary

4 © Fujitsu Siemens Computers 2007 All rights reserved 4 Security risks Growing usage of mobile devices requires a higher security level More and more devices get lost, broken or even stolen Malicious software deletes, modifies and accesses your data Unauthorized persons try to eavesdrop your data locally and over the net

5 © Fujitsu Siemens Computers 2007 All rights reserved 5 on the move Hotspot Branch / Home Office IT Scenarios Corporate Network Public Networks (PSTN, Internet, 3G) Application servers Database server Web servers Email servers Campus Users Wi-Fi 3G

6 © Fujitsu Siemens Computers 2007 All rights reserved 6 an average of 81 viruses are discovered per company per year (IDC) 70% of German companies are affected by the misuse of user rights (Meta Group) rising costs through loss of working hours and IT personnel in average a 6-month budget for marketing is needed to repair damages of company image Lead to Downtimes Loss of Data Insolvencies Affect Stock value Customer loyalty Financial strength Weaknesses in information security

7 © Fujitsu Siemens Computers 2007 All rights reserved 7 What is IT Security? Confidentiality (privacy)  No information access without authorization Integrity  No alteration of information without authorization Availability  Ensure access to information for authorized users when required  Prevent Denial of Service Data and services Availability Confidentiality Integrity CIA triangle

8 © Fujitsu Siemens Computers 2007 All rights reserved 8 Security Cycle Risk analysis of business processes Security analysis of application systems Security policy (objectives, responsibility, focal points) Security roadmap (costs, benefits, financing) Residual-risk management (emergency handling) implementation administration monitoring reviews Training Awareness Know-How Transfer

9 © Fujitsu Siemens Computers 2007 All rights reserved 9 Underlying principles going forward Security is not binary Security must support the business Security is an everyday job Security and operations are now tightly integrated Security is multifaceted Policy, response, and measurement are key Enforcement is fast becoming an operational task

10 © Fujitsu Siemens Computers 2007 All rights reserved 10 Security Areas Security Risks Security Areas Product Portfolio Security Technologies Manageability Summary

11 © Fujitsu Siemens Computers 2007 All rights reserved 11 IT Security Components Accountability Authentication Confidentiality Access control Firewall Digital signature Public Key Infrastructure Encryption VPN Trusted Operating System Intrusion Detection System Virus protection S/Mime, http-s IPSec, SSL Single Sign On SmartCards, Token USB

12 © Fujitsu Siemens Computers 2007 All rights reserved 12 Strategic Security Areas Implementation & Operation Network Security WLAN Security Security assessment Patch management PKI Interfaces WEB content filtering Spam filtering Intrusion detection VPN Firewall Security Policy Consulting Services PKI Physical Security Theft protection System Intrusion Detection User Security SmartCard Fingerprint OS Logon Single-Sign-On System Security Anti-Virus BIOS Virus Protection Enable/Disable PnP devices Pre-Boot HDD Password Data Encryption TPM support Anti Spam Personal Firewall Advanced Security Basic Security

13 © Fujitsu Siemens Computers 2007 All rights reserved 13 Theft protection  Kensington MicroSaver  Kensington PocketSaver  Housing Lock and Seal Option for deskbound PC System Intrusion Detection  Intrusion Detection Switch (in combination with DeskView) Physical Security Products Physical Security Theft protection System Intrusion Detection

14 © Fujitsu Siemens Computers 2007 All rights reserved 14 System Security Products BIOS Virus Protection BIOS Pre-Boot Supervisor and User Password BIOS Pre-Boot Systemlock smart card based BIOS and system access BIOS Pre-Boot HDD Password TPM support Data Encryption  TPM based Microsoft Bitlocker  TPM based container encryption (SecureDrive)  Email Encryption with TPM or SmartCard System Security Anti-Virus BIOS Virus Protection Enable/Disable PnP devices Pre-Boot HDD Password Data Encryption TPM support Anti Spam Personal Firewall

15 © Fujitsu Siemens Computers 2007 All rights reserved 15 Is your logon safe?

16 © Fujitsu Siemens Computers 2007 All rights reserved 16 User Security Products User Security SmartCard Fingerprint OS Logon System Access SmartCard  SmartCase TM SmartCard reader/writer built-in  SmartCase TM SmartCard reader/writer external via USB, Cardholder, PC Card or Express Card  SmartCase TM SmartCard SmartCase Token USB  USB smart card reader and smart card as a single device Fingerprint  Biometric fingerprint recognition in dedicated systems  SmartCase Fingerprint USB as external solution SmartCard/Fingerprint based Operating System Logon (SmartCase TM Logon+) Single-Sign-On  Easy-Sign-On to Web application Single-Sign-On

17 © Fujitsu Siemens Computers 2007 All rights reserved 17 Product Portfolio Security Risks Security Areas Product Portfolio Security Technologies Manageability Summary

18 © Fujitsu Siemens Computers 2007 All rights reserved 18 Security Keyboards - more than just a input device FunctionFeatureBenefits USB security Keyboard with integrated SmartCard reader/writer SmartCase ™ KB SCR Pro Secure access control with SmartCase ™ Logon+ security application SystemLock support (BIOS Pre-Boot protection) Secure PIN-Entry (Class 2 Reader) Digital signature compliant according to Common Criteria EAL3+ HBCI compliant MKT 1.0 trusted product certified for German health insurance cards (KBV) Use SmartCards for Data encryption PKI Electronic payment Healthcare solutions Digital signatures Secure network and Operating System Logon

19 © Fujitsu Siemens Computers 2007 All rights reserved 19 SmartCard readers/writers High-Level security functions FunctionFeatureBenefits SmartCase ™ SCR (USB) External SmartCard reader/writer SmartCase ™ SCR (USB int.) Internal SmartCard reader/writer SmartCase Token USB Secure access control with SmartCase™ Logon+ security application Meets all major standards USB 2.0 Reader, class 1 Supports all established SmartCards due to PC/SC and ISO 7816/1-4 compliance Use SmartCards for Data encryption PKI Electronic payment Healthcare solutions Digital signatures Secure network and Operating System Logon

20 © Fujitsu Siemens Computers 2007 All rights reserved 20 SmartCard readers/writers High-Level security functions FunctionFeatureBenefits SmartCase TM Cardholder (PC Card) for systems with integrated SmartCard chipset SmartCase TM SCR (PC Card) SmartCase TM SCR Express Card Secure access control with SmartCase™ Logon+ security application Meets all major standards PC Card, class 1 Supports all established SmartCards due to PC/SC and ISO 7816/1-4 compliance Use SmartCards for Data encryption PKI Electronic payment Healthcare solutions Digital signatures Secure network and Operating System Logon

21 © Fujitsu Siemens Computers 2007 All rights reserved 21 SmartCase™ Logon+ Secure and comfortable authentication FunctionFeatureBenefits SmartCase™ Logon+  Secure operating system Logon  Single-Sign-On / Password Management SmartCard / fingerprint support Operating System Logon Single-Sign-On to Microsoft Windows, web pages, Password management SecureDrive Container encryption No unauthorized access to your system Reduced helpdesk calls in terms of lost password Easy-Sign-On for all business relevant applications and Websites

22 © Fujitsu Siemens Computers 2007 All rights reserved 22 Security Technologies Security Risks Security Areas Product Portfolio Security Technologies Manageability Summary

23 © Fujitsu Siemens Computers 2007 All rights reserved 23 Fingerprint Easy-to-use security functions FunctionFeatureBenefits Integrated fingerprint sensor Powerful access control mechanism with SmartCase™ Logon+ security application Fingerprint template can be stored to smart card No unauthorized access to your system Reduced helpdesk calls in terms of lost password Easy-Sign-On for all business relevant applications and Websites

24 © Fujitsu Siemens Computers 2007 All rights reserved 24 SmartCard FunctionFeatureBenefits SmartCase™ SmartCard compliant with ISO 7816 (parts 3, 4, 5, 8, and 9). Protection against all known security attacks Efficient Crypto Coprocessor for secure cryptographic functions and key generation for strong encryption of data and files Supports PC/SC / PKCS#11 / CSP and CT-API ISO 7816-compatible commands for the applications Safe and secure storage of passwords and logon names Encryption and digital signatures for e-mail programs and web- browsers Easy Operating System logon/logoff

25 © Fujitsu Siemens Computers 2007 All rights reserved 25 Trusted Platform Module FunctionFeatureBenefits Built-in module to enhance the security level on your system and in your network Full 3rd party application support based on industry leading security interfaces (PKCS#11 and MS-CAPI) TPM Cryptographic Service Provider (CSP) Data Encryption with TPM and Microsoft Encrypted File System, Bitlocker Encryption and digital signatures for e-mail programs and web- browsers

26 © Fujitsu Siemens Computers 2007 All rights reserved 26 SmartCase TM Logon+ SmartCase Logon+ OS Logon SmartCase Logon+ Single Sign-On User Authentication Automatic authentication to websites and / or

27 © Fujitsu Siemens Computers 2007 All rights reserved 27 Manageability Security Risks Security Areas Product Portfolio Security Technologies Manageability Summary

28 © Fujitsu Siemens Computers 2007 All rights reserved 28 Manageability and Security link the Business client product portfolio Displays, Keyboards, Software Business Clients SecurityManageability Secure products for business clientsMost efficient client management with DeskView Pocket LOOX LIFEBOOK / CELSIUS notebook AMILO Pro STYLISTIC FUTRO CELSIUS ESPRIMO SCENIC

29 © Fujitsu Siemens Computers 2007 All rights reserved 29 Summary Security Risks Security Areas Product Portfolio Security Technologies Manageability Summary

30 © Fujitsu Siemens Computers 2007 All rights reserved 30 Security threats and countermeasures Services OS Data Device BIOS Network Modify, delete Modify, delete, overload Read, modify, delete Damage, intrusion, theft Read, modify, delete Intrude, eavesdrop, overload, paralyze People Unauthorized use, Social engineering Malicious code Virus, worm, Trojan, logic or time bomb, root kit, backdoor, spy-ware, ad-ware, spam, hoax, phishing Sniffing Man in the middle, key logger Denial of service Physical protection Mechanical features, alerts Access protection for data and applications Authentication, encryption Detection and removal of abnormalities Anti-virus, RKD, firewall, Intrusion detection / prevention, web and content filtering Backup and recovery Patch management Out of scope: Accidental Threats ( Environmental Force, Technical Failure, Human Error) BIOS security functions Client security solutions by

31 © Fujitsu Siemens Computers 2007 All rights reserved 31 Backup and recovery Scheduled and automatic backup Local backup to (hidden) partition or backup medium  Data recovery anywhere and anytime, without being connected  Evade bandwidth bottlenecks (remote and disconnected users) Network backup  Minimize network traffic by efficient and intelligent compression methods  Minimize required network bandwidth  No extra storage media Single keystroke recovery (rollback to a known good state)  Minimize downtime, increase user productivity and satisfaction  Reduce help desk cost and free resources for other tasks Examples  Windows Backup and Restore Center  Altiris Recovery Solution in a DeskView environment

32 © Fujitsu Siemens Computers 2007 All rights reserved 32 Security from Fujitsu Siemens Computers Why? We guarantee the implementation and integration of standard technologies based on the best hardware platform. Our client security products and solutions are easy to integrate in existing IT infrastructures. We provide direct Technical Support by in-house research & development. We offer end-to-end solutions in cooperation with strong strategic partners.

Download ppt "Workplace Security threats and countermeasures Fujitsu Siemens Computers Yiannis Koukoutsis October 2007."

Similar presentations

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
This document is the intellectual property of Acer Inc. and may not be used, reproduced, modified, or re-utilized in any way without permission by Acer.

This document is the intellectual property of Acer Inc. and may not be used, reproduced, modified, or re-utilized in any way without permission by Acer.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security Controls – What Works

Security Controls – What Works
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
©2010 FUJITSU TECHNOLOGY SOLUTIONS Product Values Notebooks.

©2010 FUJITSU TECHNOLOGY SOLUTIONS Product Values Notebooks.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
FIT3105 Security and Identity Management Lecture 1.

FIT3105 Security and Identity Management Lecture 1.
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.

Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.

Similar presentations

Ads by Google