MID/jpl 5/15/2015 1 © 1999 by James P. Litchko Total BS Security: Business-based Systems Security Jim Litchko (703) 528-0334 ext. 310.

Presentation transcript:

Total BS Security: Business-based Systems Security
Jim Litchko (703) 528-0334 ext. 310

Presentation
An Approach
– Business and Holistic
Attitudes
– Ours and Theirs
Solutions
– Case Studies
Opinions
– Mine
Questions
– Anytime

Typical Evolving Network
[Diagram labels: Internet or other Clients Partners Corporate System]

“Secure Brick” Theory
[Diagram labels: Operations, Security, Manager, Profit, Loss, Demand, Supply]

Approach... talk about their business
What is your business?
– Services and products
How do you operate?
– Processes for selling and providing
Who does what?
– Responsibilities and information flow
How do you measure success?
– Customer satisfaction, profit, market share, etc.
What is your system’s architecture?
– Components, connections, capabilities, and cultures

[Diagram labels: Promotional Web Server Transaction System Service System Integrity Availability Confidentiality Integrity Authentication Clients Partners Confidentiality Visibility Availability Browser Impatient Security Requirements Internet or other Business/ ? Productivity]
82% required no additional security products

Attitudes and Perceptions:
Sailor-on-liberty Philosophy
– I want it fast, free and friendly
Security only costs money
– True, but....
The most secure solution has
– best GUI
– largest market share
– relationship and trust
Transparent to the user
– Accept when...

Attitudes and Perceptions:
Sailor-Proof
– If it is too hard they will find a way around it
KISS Principle
– Education is the best bang for the buck
– Increases ownership for solving security problems
SNMP is the standard
– Not a smoking gun.... a bleeding wound is needed.
What is the aspirin for security:
– firewalls, VPN, PKI, IDS,......?
– Technology will solve all of our problems!
– monitoring problem solution was policy.

Which Authentication is best?
Password?
Time-based?
Challenge and Response?
Event-based?
Biometrics?
Public Key?
VPN?
IDS?

Problem
Subscription Information Service Provider
Web site distribution
Computer illiterate users
Sharing passwords
$40,000 loss per month
What is the solution?

Security and Business Math

          Profit:   Loss:     Net:
Before    $ 50B     $ 4.5B    $ 46.5B
After     $ 50B     $ 1.0B    $ 49.0B

Better Idea? $

[Diagram labels: Internet or WAN Promotional Web Server Read Only Firewall Firms Clients Firewall Support Operations Transaction System]

[Diagram labels: Internet or WAN Promotional Web Server Read Only Firewall Firms Clients IP Encryption Support Operations Transaction System]

[Diagram labels: Internet or WAN Promotional Web Server Read Only Firewall Firms Clients IP Encryption SSL Encryption Support Operations Transaction System]

[Diagram labels: Internet or WAN Promotional Web Server Read Only Firewall Clients IP Encryption SSL Encryption Intrusion Detection Systems and Assurance Testing]
“In God we trust. Everyone else we monitor.”

[Diagram labels: Internet or WAN Promotional Web Server Read Only Firewall Firms Clients IP Encryption SSL Encryption Backups Surf Web Filter Support Operations Transaction System]
What business is this?

Summary
Base security on business first
Practical solutions, not just technical
Security is a business risk