Copyright Security-Assessment.com 2004 New Technology Enforcement Strategies by Peter Benson

Copyright Security-Assessment.com 2004

The issues Information Loss Perimeter Breakdown Mobile Users New Technology Vulnerabilities Future Directions

Copyright Security-Assessment.com 2004 Perimeter Breakdown Perimeters slowly disappearing – VPN – Partner Connections – Home Users – Wireless Insecurities Zones of Trust Testing Security

Copyright Security-Assessment.com 2004 Laptop Users Current Laptop Loss Rate >4% Information and hardware costs Theft Prevention on increase Minimum controls required for mobile population – Personal Firewall – AV – Disk Encryption Policy and Security Architecture Requirements Citrix is your Friend!

Copyright Security-Assessment.com 2004 New Technology and Information Loss USB Fobs External Memory Cards CD / DVD Writers Common PDA’s Integration of Cell Phone Technology IM VoIP

Copyright Security-Assessment.com 2004

General Strategies Track New Technology Opportunities Research and define Policy Default Deny Enforce Policy – Technical Controls – Policy Controls – HR Controls – Approval / Authorisation Controls

Copyright Security-Assessment.com 2004 VoIP Implement your strategy and policy Architect! Default Deny “Free is not necessarily cost effective” Research Be Proactive. Your people are using this now.

Copyright Security-Assessment.com 2004 Instant Messaging Manage malicious code via A/V or other means Control at the gateway – Default Deny – Man in the Middle inspection Have approved processes and systems

Copyright Security-Assessment.com 2004 Mobile Storage Devices Encrypt removable media USB management of storage devices Flash memory security Allow managed access to USB storage devices Block illegal software installation Block.exe.com.vbs.mp3 files etc Printer, modem permissions management Client side content filtering of removable media

Copyright Security-Assessment.com 2004 Mobile Communications Discover your Mobile Perimeter – Asset Database, exposure management – Capture changes to Mobile Perimeter – Vulnerabilities – Connections Control Connectivity Control Mobile Information Security – Encryption – A/V – Content

Copyright Security-Assessment.com 2004 Emerging Enforcement Technologies Reflex Magnetics, Reflex Disk Net Pro Trust Digital, Trust Enterprise Mobile Suite Asset Discovery and Management Anti-Spyware for Enterprises Connection Enforcement Enterprise Quality Encryption for Laptops / Mobile Systems Application Aware Firewalls MITM Proxys Fractured Networks (zones of trust)

Copyright Security-Assessment.com 2004

Thank You Questions?