Defending Laptops with MinUWet By Erick Engelke. Laptops and our future? laptops now outsell desktops laptops now outsell desktops we expect continued.

Slides:

Advertisements

Similar presentations

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Call Center Call Center on a Stick Ceedo for Call Center Presentation.

Advertisements

Network Access Protection & Network Admission Control March 10, 2005 Teerapol Tuanpusa Network Consultant Cisco Systems Thailand Jirat Boomuang Technology.

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Citrix Optimal User Experience & Maximum IT Control Ceedo for Call.

Supporting The Mobile Client: Expanding Our Borders John Guidone Manager, Desktop Technologies and Dawn E. Colonese Manager, Help Desk & Client Access.

Minuwet 2.0 Aruba and More. Minuwet 1.0 Provided sanity check on wireless computers 8,370 distinct users used it in March 2008 Saved lots of IT effort.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.

For further information computersecurity.wlu.ca

Supporting A Laptop Environment Erick Engelke Faculty of Engineering University of Waterloo

Johnson Logistics Solutions Office of Systems and Information Technology.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

A Secure Network for All Team Excel. Requirements Business Add visitor, customer, and competitor access Use non-company laptops onto corporate network.

Wireless.ubc.ca Balancing security and usability on the world’s largest Wi-Fi campus network Jonn Martell Wireless Project Manager, UBC

Defending Laptops with MinUWet By Erick Engelke. Laptops and our future? laptops now outsell desktops laptops now outsell desktops we expect continued.

© 2008 McAfee, Inc. “Endpoint” Security Defining the endpoints and how to protect them.

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program or UCSF Campus VPN.

Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University

Information Security in Real Business

SIRT Contact Orientation Security Incident Response Team Departmental Security Contacts April 16, 2004.

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S

Spring Definitions  Virus  A virus is a piece of computer code that attaches itself to a program or file so it can spread.

PresentPC August 2009 Erick Engelke Engineering Computing.

1 Panda Malware Radar Discovering hidden threats Technical Product Presentation Name Date.

Securing Your Home Computer Presenter: Donnie Green Date: February 11, 2009 National Aeronautics and Space Administration

Information Security Information Technology and Computing Services Information Technology and Computing Services

Course 201 – Administration, Content Inspection and SSL VPN

Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.

1 Network Admission Control to WLAN at WIT Presented by: Aidan McGrath B.Sc. M.A.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

Security Awareness ITS SECURITY TRAINING. Why am I here ? Isn’t security an IT problem ?  Technology can address only a small fraction of security risks.

Managing and Securing Endpoints Bruce Hotte Chief Information Officer Jeff Swan Network Supervisor  The definition of “endpoint” used to be simple: a.

CERN’s Computer Security Challenge

DECS Community IT DIVISION OF ENGINEERING COMPUTING SERVICES Michigan State University College of Engineering.

70-411: Administering Windows Server 2012

C OMPUTER C ONCEPTS Unit 1 Concept 3 – Solving Technological Problems.

The Microsoft Baseline Security Analyzer A practical look….

Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD.

TECHNOLOGY GUIDE THREE Protecting Your Information Assets.

Information Security Awareness Training. Why Information Security? Information is a valuable asset for all kinds of business More and more information.

Simplifying the Configuration of Student Laptops — StirlingVPNSetup Simon Booth University of Stirling Laptop Forum 27th June 2006.

Specialist communication channel. Sarah-Jane king.

SmartAccess example Príloha k dokumentu TCX s.r.o.

How can IT help you today?. Agenda Why Do You Care? What Are The Risks? What Can You Do? Questions? How can IT help you today? 2.

I-Hack’08 International Hacking Competition “Details”

Living Next to the Anarchists By Erick Engelke. Anarchists? Anarchy is (various definitions) - lawlessness or disorder when there is a lack of governance.

Malware Spyware & Viruses Overview  What does it look like?  What is it?  How can you prevent it?  What can you do about it when you get it?

Introduction to Systems Security (January 12, 2015) © Abdou Illia – Spring 2015.

Frontline Enterprise Security

© 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,

Proposed UW Minimum Computer Security Standards From C&C 28 Jan 2005 Draft.

Defending Laptops with MinUWet By Erick Engelke. Laptops and our future? laptops now outsell desktops laptops now outsell desktops we expect continued.

LM/NTLMv1 Retirement Hosted by LSP Services.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

ONLINE SECURITY Tips 1 Online Security Online Security Tips.

TECHDOTCOMP SUPPORT TECHDOTCOMP nd Ave, Seattle, WA 98122, USA Phone:

E-Commerce & Bank Security By: Mark Reed COSC 480.

Cyber Security: Today’s Threats and Mitigations Jonathan Homer, Cyber Security Analyst Idaho National Laboratory.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

By the end of this lesson you will be able to: 1. Determine the preventive support measures that are in place at your school.

Tuque Automated Software Distribution System By Erick Engelke.

Copyright ©2016 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training What’s New in Fireware v

Barracuda SSL VPN 2012.

Maintaining a Secure and Usable Wireless Network

TECHNOLOGY GUIDE THREE

How to Patch Norton Antivirus?

NFX Q-Port on-boarding guide

Cybersecurity and Cyberhygiene

Presentation transcript:

Defending Laptops with MinUWet By Erick Engelke

Laptops and our future? laptops now outsell desktops laptops now outsell desktops we expect continued growth of laptops we expect continued growth of laptops laptops present new opportunities for learning and budgets, but also new IT staff challenges laptops present new opportunities for learning and budgets, but also new IT staff challenges laptop security issues are time-consuming for staff laptop security issues are time-consuming for staff

Solution: We need a strategy which encourages responsible client laptop management

Continuum of Security none - anarchy available but optional encouraged / accessible heavily enforced

Accessible Security? make technology simple to conceptualize though not necessarily understand make technology simple to conceptualize though not necessarily understand it becomes part of the culture it becomes part of the culture examples: examples: privacy of PIN numbers on debit cards privacy of PIN numbers on debit cards security of SSL web sites security of SSL web sites

How to Encourage Security Educate Educate Reward Reward Remind Nag Embarrass Punish or

Possible Education Points 1. secure your computer Antivirus, Workstation Firewall, Updates, … Antivirus, Workstation Firewall, Updates, … 2. secure your applications MyWaterloo, SSH, Secure IMAP, VPN MyWaterloo, SSH, Secure IMAP, VPN 3. secure yourself best practices, (strong secret passwords), avoid probable malware best practices, (strong secret passwords), avoid probable malware users can conceptualize these points, but will they act?

MinUWet Setting minimum standards NAA detects OS at login screen NAA detects OS at login screendetects highly vulnerable OS’s must endure a scan using MinUWet (currently only MS Windows) highly vulnerable OS’s must endure a scan using MinUWet (currently only MS Windows)MinUWet Antivirus enabled and up-to-date? Freshen! Antivirus enabled and up-to-date? Freshen! OS getting patches? OS getting patches?

MinUWet Setting minimum standards (cont.) NAA detects OS at login screen NAA detects OS at login screendetects highly vulnerable OS’s must endure a scan using MinUWet(currently only MS Windows) highly vulnerable OS’s must endure a scan using MinUWet(currently only MS Windows) MinUWet Antivirus enabled and up-to-date? Freshen! Antivirus enabled and up-to-date? Freshen! OS getting patches? OS getting patches? HTTP always allowed, download patches HTTP always allowed, download patches pass test… get additional or “premium” network access pass test… get additional or “premium” network access

MinUWet Setting minimum standards (cont) other OS’s are not affected other OS’s are not affected users who do not wish to participate are granted web-only access users who do not wish to participate are granted web-only access will still do existing security scans and SNORT will still do existing security scans and SNORT complementary solutions add more security complementary solutions add more security

Some MinUWet Facts idea is similar to Cisco NAC and MS NAP idea is similar to Cisco NAC and MS NAP MinUWet is compatible with all existing hardware and safe with non-MS OSs. MinUWet is compatible with all existing hardware and safe with non-MS OSs. local expertise, we can adapt it local expertise, we can adapt it Cisco and MS solutions are stronger but more difficult to run and inflexible Cisco and MS solutions are stronger but more difficult to run and inflexible MinUWet doesn’t have to be hack-proof, it just has to be better than today’s mess! MinUWet doesn’t have to be hack-proof, it just has to be better than today’s mess! MinUWet - retired upon better options MinUWet - retired upon better options

Statistics from Two Week Engineering Trial 6486 NAA Windows sessions 6486 NAA Windows sessions 3161 or 49% of sessions ran MinUWet 3161 or 49% of sessions ran MinUWet 628 distinct users ran MinUWet 628 distinct users ran MinUWet 168 or 26% of them failed the test initially 168 or 26% of them failed the test initially 75 or 45% of those who failed later passed. 75 or 45% of those who failed later passed. this indicate users upgraded their systems this indicate users upgraded their systems zero security threats observed by IST zero security threats observed by IST

Campus-wide Rollout Thursday March 2 nd Thursday March 2 nd “help desks” co-ordinate information sharing “help desks” co-ordinate information sharing Friday March 3 rd – Friday March 3 rd – appears in Daily Bulletin appears in Daily Bulletin brief message appears at each wireless user login brief message appears at each wireless user login both messages point to a web site where users can learn more and test their laptops ( both messages point to a web site where users can learn more and test their laptops ( Thursday March 16 th Thursday March 16 th MinUWet goes live and enforces user security MinUWet goes live and enforces user security

Thank you