
1 Defending Laptops with MinUWet By Erick Engelke

2 Laptops and our future?
- laptops now outsell desktops
- we expect continued growth of laptops
- laptops present new opportunities for learning and budgets, but also new IT staff challenges
- laptop security issues are time-consuming for staff
- continued laptop growth needs scalable support

3 Solution: We need a strategy which encourages responsible client laptop management

4 Continuum of Security
- none - anarchy
- available but optional
- encouraged / accessible
- heavily enforced

5 Accessible Security?
- make technology simple to conceptualize though not necessarily understand
- it becomes part of the culture
- examples:
  - privacy of PIN numbers on debit cards
  - security of SSL web sites

6 How to Encourage Security
- Educate
- Reward

7 How to Encourage Security
- Educate
- Reward
Remind Nag Embarrass Punish or

8 Possible Education Points
1. secure your computer
   - Antivirus, Workstation Firewall, Updates, …
2. secure your applications
   - MyWaterloo, SSH, Secure IMAP, VPN
3. secure yourself
   - best practices, (strong secret passwords), avoid probable malware
users can conceptualize these points, but will they act?

9 MinUWet Setting minimum standards
- NAA detects OS at login screen
- highly vulnerable OS’s must endure a scan using MinUWet (currently only MS Windows)
  - Antivirus enabled and up-to-date? Freshen!
  - OS getting patches?

10 MinUWet Setting minimum standards (cont.)
- NAA detects OS at login screen
- highly vulnerable OS’s must endure a scan using MinUWet (currently only MS Windows)
  - Antivirus enabled and up-to-date? Freshen!
  - OS getting patches?
- HTTP always allowed, download patches
- pass test… get additional or “premium” network access

11 MinUWet Setting minimum standards (cont.)
- other OS’s are not affected
- users who do not wish to participate are granted web-only access
- will still do existing security scans and SNORT
- complementary solutions add more security

12 Some MinUWet Facts
- idea is similar to Cisco NAC and MS NAP
- MinUWet is compatible with all existing hardware and safe with non-MS OSs.
- local expertise, we can adapt it
- Cisco and MS solutions are stronger but more difficult to run and inflexible
- MinUWet doesn’t have to be hack-proof, it just has to be better than today’s mess!
- MinUWet - retired upon better options

13 Statistics from Two Week Engineering Trial
- 6486 NAA Windows sessions
- 3161 or 49% of sessions ran MinUWet
- 628 distinct users ran MinUWet
- 168 or 26% of them failed the test initially
- 75 or 45% of those who failed later passed.
  - this indicates users upgraded their systems
- zero security threats observed by IST

14 Campus-wide Rollout
- Thursday March 2nd
  - “help desks” co-ordinate information sharing
- Friday March 3rd
  - appears in Daily Bulletin
  - brief message appears at each wireless user login
  - both messages point to a web site where users can learn more and test their laptops (http://minuwet.uwaterloo.ca)
- Thursday March 16th
  - MinUWet goes live and enforces user security

18 Lessons Learned
- MinUWet has a dramatic effect on security
- most users content with web-only access
- non-MinUWet clients can still be vulnerable, issued security warnings
- a few users ignore warnings. They are not inconvenienced enough… yet.

19 Encouraging Compliance After Security Warnings
- new feature in Engineering
- network purgatory / “security enlightenment camp”
- only for users issued repeat IST security warnings
- those users must successfully complete True/False quiz on network security before wireless restored
- self serve solution
- reduce staff effort, may improve compliance.

20 Future
- memory (using a cookie) will reduce MinUWet scans to once per week
- improve result text with more detailed advice
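
One way the weekly "memory" cookie on slide 20 could be built so a client cannot forge or reuse a pass; this is an added example, not MinUWet's own code. The HMAC signing, the binding to a user name, and all function and constant names are assumptions; the slides only say a cookie will limit scans to once per week.

```python
import base64
import hashlib
import hmac
from typing import Optional

WEEK = 7 * 24 * 3600              # "once per week" from slide 20
SECRET = b"constructed-demo-key"  # assumption: server-side key, never sent to clients

def _sign(payload: bytes) -> str:
    """HMAC-SHA256 tag over the cookie payload."""
    return hmac.new(SECRET, payload, hashlib.sha256).hexdigest()

def issue_pass_cookie(user: str, now: float) -> str:
    """Cookie value recording that `user` passed the scan at time `now`."""
    payload = f"{user}|{int(now)}".encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + _sign(payload)

def needs_scan(cookie: Optional[str], user: str, now: float) -> bool:
    """True unless the cookie is authentic, issued to `user`, and under a week old."""
    if not cookie or "." not in cookie:
        return True
    encoded, _, mac = cookie.rpartition(".")
    try:
        payload = base64.urlsafe_b64decode(encoded.encode())
        owner, issued = payload.decode().rsplit("|", 1)
        issued_at = int(issued)
    except (ValueError, UnicodeDecodeError):
        return True               # malformed cookie: scan again
    # Constant-time comparison; an edited payload no longer matches its tag.
    if not hmac.compare_digest(mac.encode(), _sign(payload).encode()):
        return True
    if owner != user:
        return True               # a pass copied from another account
    return not (0 <= now - issued_at < WEEK)
```

A cookie only records that a scan passed at issue time; the existing security scans and SNORT mentioned on slide 11 still cover a laptop whose state degrades during the week.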

21 Thank you

