Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Slides:



Advertisements
Similar presentations
THE BUSINESS NEED Create affordable alternative/ provide enterprise power/capability for any-sized company Reduce resource-draining burden of meeting.
Advertisements

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
{ Best Practice Why reinvent the wheel?.   Domain controllers   Member servers   Client computers   User accounts   Group accounts   OUs 
Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.
Confidential FullArmor Corp Platform for SaaS and mobile apps to remotely access, migrate, and sync Active Directory resources with the cloud ADanywhere.
Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.
By Edith Butler Fall Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.
A simpler way to manage identities across multiple services Aldo Zanoni, CEO ext. 232
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.
CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.
Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.
© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
Copyright 2011 Trend Micro Inc. Securing your Journey to the Cloud Kamal Sharma Technical Consultant Classification 8/27/
Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.
Unify and Simplify: Security Management
©2011 Quest Software, Inc. All rights reserved. Patrick Hunter EMEA IDAM Team Lead 7 th February 2012 Creating simple, effective and lasting IDAM solutions.
Dell Connected Security Solutions Simplify & unify.
©2014 Bit9. All Rights Reserved Endpoint Threat Prevention Charles Roussey | Sr. Sales Engineer Detection and Response in Seconds.
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.
Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Secure & Unified Identity for End Users & Privileged Users.
Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.
OCTAVE-S on TradeSolution Inc.. Introduction Phase 1: Critical Assets and threats Phase 2: Critical IT Components Phase 3: Changes Required in current.
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
PCIT313. Today’s challenges Deliver applications to mobile platforms (BYOD) Respond to dynamic business requirements for IT: Seasonal/temporary workers.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Alessandro Cardoso Microsoft MVP | Readify National Manager |
Module 11: Designing Security for Network Perimeters.
Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows
IT Security Policy: Case Study March 2008 Copyright , All Rights Reserved.
BUSINESS USER MONITORING OBSERVEIT 5.8. Firewall IDS IAM SIEM Business Users IT Users USERS ARE GATEWAYS OF RISK Contractors Systems AppsData.
Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.
FND2851. Mobile First | Cloud First Sixty-one percent of workers mix personal and work tasks on their devices* >Seventy-five percent of network intrusions.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
Module 10: Implementing Administrative Templates and Audit Policy.
User and Device Management
Module 7: Designing Security for Accounts and Services.
1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.
IDC Says, "Don't Move To The Cloud" Richard Whitehead Director, Intelligent Workload Management August, 2010 Ben Goodman Principal.
DATS Portfolio. PARTNERS & Solutions END TO END DATA CENTER SOLUTIONS Building a robust, resilient IT infrastructure. Lenovo System x combines unbeatable.
Protect your data Enable your users Desktop Virtualization Information protection Mobile device & application management Identity and Access Management.
Protect your Digital Enterprise
Hybrid Management and Security
Journey to Microsoft Secure Cloud
Secure & Unified Identity
BOMGAR REMOTE SUPPORT Karl Lankford
Company Overview & Strategy
Skyhigh Enables Enterprises to Use Productivity Tools of Microsoft Office 365 While Meeting Their Security, Compliance & Governance Requirements Partner.
Securing the Threats of Tomorrow, Today.
Brandon Traffanstedt Systems Engineer - Southeast
Secure once, run anywhere Simplify your security with Sophos
How to Mitigate the Consequences What are the Countermeasures?
BACHELOR’S THESIS DEFENSE
BACHELOR’S THESIS DEFENSE
BACHELOR’S THESIS DEFENSE
4/9/ :42 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
System Center Marketing
PLANNING A SECURE BASELINE INSTALLATION
Information Protection
Microsoft Data Insights Summit
Information Protection
Presentation transcript:

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People From Doing Bad Things”

1 Public, Private and Hybrid Cloud Computing Security For infrastructure, end points, data and applications Across physical, virtual, public, private and hybrid cloud environments Empower IT governance to strengthen security, improve productivity, drive compliance and reduce expense Vision Securing the Perimeter Within Consistent policy-driven, role-based access control, fine grained privilege delegation, logging, monitoring and reporting Server & Desktop Physical & Virtualization Windows, Linux, Unix Network Device Security Network Device Security Data Security & Leak Prevention Data Security & Leak Prevention Governance, Risk & Compliance Governance, Risk & Compliance

2 The Problem is Broad and Deep The threat from attacks is a statistical certainty and businesses of every type and size are vulnerable. Organizations are experiencing multiple breaches: 59 percent had two or more breaches in the past 12 months. Only 11 percent of companies know the source of all network security breaches.

3 Privileges are Misused in Different Ways Insider attacks cost an average $2.7 Million per attack 1 Desktop configuration errors cost companies $120/yr/pc 2 Virtual sprawl and malware are ever-present realities Source: 1 Computer Security Institute and FBI Survey. Source: 2 IDC Report: The Relationship between IT Labor Costs and Best Practices for Identity and Access Management with Active

4 48% of all data breaches were caused by insiders (+26%) 1 48% involved privilege misuse (+26%) 1 98% of all data breaches came from servers 1 Insider vs Outsider Threats “Organizations continue to struggle with excessive user privilege as it remains the primary attack point for data breaches and unauthorized transactions.” ~ Mark Diodati, Burton/Gartner Group External Threat Anti-Virus Firewalls Security Web Security Internal Threat Data Security & Leak Prevention Privileged Identity Management Intrusion Detection & Prevention Source: 1 “2010 Data Breach Investigations Report“ by Verizon with US Secret Service BeyondTrust

5 End Point Vulnerabilities in a SAAS World

6 Requirements:  Anti-Virus  Patch Management  Privilege Elevation  End Point DLP Best Practice For Cloud Security Employ a Full Suite of EndPoint Security Tools

7 Cloud Computing Reality – Public, Hybrid or Private Increasing scale – from thousands to tens of thousands servers Increasing complexity makes configuration and change management challenging – Complex directory structures are a major pain point Reliability is critical to realizing operational improvement Impact of Virtualization and Cloud Computing

8 Requirements:  Account for All Privileged Users  Manage Provisioning/De-Provisioning Privileged Credentials  Implement a “Least Privilege” based Control System  Monitor and Reconcile Privileged Activity  Maintain a High Quality Audit Repository  Automate Compliance Reporting Best Practice For Cloud Security Full Life-Cycle Control of Privileged Users

9 Impact of Virtualization and Cloud Computing Customer Requirements For Enterprise Grade Cloud Security Scalable, enterprise grade fabric Seamless integrations with on-premise and cloud directories Allow admins to manage policies not infrastructure Dynamically react to changes in virtual environment Quantifiable performance metrics of how its performing

10 Policy Files 10 How Least Privilege Works Submit Host (pbrun) Master Host (pbmasterd) Request a Privileged TaskRejected Log Host (pblogd) Event Logs I/O logs Accepted Privileged Task Privileged User Run Host (pblocald) Task Delegation / Privilege Escalation

11 Policy Files 11 Fully Cloud Based Least Privilege Submit Host (pbrun) Master Host (pbmasterd) Request a Privileged TaskRejected Log Host (pblogd) Event Logs I/O logs Accepted Privileged Task Privileged User Run Host (pblocald) On- Premise Hosted

12 Policy Files 12 Cloud Hosted Least Privilege Submit Host (pbrun) Master Host (pbmasterd) Request a Privileged TaskRejected Log Host (pblogd) Event Logs I/O logs Accepted Privileged Task Privileged User Run Host (pblocald) On- Premise Hosted

Thank You Connect with us...

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.