ThinkVantage Technologies


1 ThinkVantage Technologies
Client Security: Strong Authentication and Data Protection
Frank Kardonski, Program Manager, WW Security Offerings

Good morning everyone… first of all I would like to thank ____ and his team for inviting Lenovo and IBM to be a part of this exciting event. I am program manager for ThinkVantage Security Offerings with a focus on regulatory compliance and authentication (biometrics). Today I share with you some of the key security trends and business issues they create and then a few best practice solutions for addressing them.

Name of Presentation March 2005

2 The Security Environment
Let me begin by setting the stage for the discussion today. Client security is getting tremendous attention…because very simply there is much to pay attention to. The environment in which we all operate with our very powerful PCs has become a dangerous place to work. Organizations are having a difficult time responding to threats…Client security is very important because the security of the network is only as strong as the weakest link…if your PC is insecure then your entire network is not secure. 9/19/2018 ThinkVantage Fingerprint Solutions Name of Presentation March 2005

3 Market Drivers Leading to Enhanced Security
Market Trends drive Business Issues, which in turn drive the adoption of Enhanced Client Security mechanisms.

Market Trends
Growth of Mobility: “55% of corporate users will use notebooks by 2006” Meta
Growth of Wireless: “700 million users by 2007” Pyramid
Regulatory Mandates: HIPAA, Sarbanes Oxley
Growth of Hacking: 2004 Worms: Bagle, Sober.P. Viruses Grew by 28,327 in ‘04 – IBM 2004 Global Business Security Index Report

Business Issues
Cost and ROI
PC Theft. CSI: 49% reported Loss or Theft in 2004
Security Breaches
Identity Theft
Trojan, Deceit, Spyware
Viruses and Worms
Regulatory Compliance

Enhanced Security
Single Sign-on
Biometrics/Smart Cards
Data Encryption
Multi-Factor Authentication
Data Backup / Recovery
Wireless Security
Anti-Spam, Spyware
Personal Firewall

New Bagle Glieder: Spread using the common mass mailing method… downloads a trojan to block antivirus updates and windows update site… disables firewall and antivirus… converts system into botnet (spam and identity theft).

Notebooks now make up 45 percent of the PCs sold in the United States, according to IDC. Additionally, in May, laptops outsold desktops for the first time for a full 30-day period in the United States, according to research company Current Analysis. The company said that laptops accounted for 53.3 percent of the total PC retail market in May.

We are seeing a variety of Market trends that drive the need for enhanced security solutions. These trends create business issues – Mandates make me need to comply --- the problem is I don’t know what tools can help me? Best practices? Theft of PCs and loss of data (closely related to compliance) because Security breaches come in all forms (theft, loss of data, key logger attacks, internal breaches, attacks on wireless).

Costs: associated with managing security – managing passwords, patching mechanisms, productivity.
Theft: Last year 49% of companies reported PC Theft… sensitive data lies on the PC. Business Plans, Customer Info, Employee Data, Confidential Documents, s… How much would you pay to keep that information protected?
Security Breaches of all types… internal or external… how can I control access to my systems and networks?
ID Theft: How can I protect my organization from being victimized… How can I protect myself… is authentication a solution?
Worms: How can I set up an infrastructure that will be more proactive and reactive to threats?
Compliance: What do I need to do to comply? What are the best practices around this?

4 ThinkVantage Fingerprint Solutions
Cost and ROI
There is a real business case for strong authentication.

Passwords cost money and can be a security risk
Fact: Average cost for forgotten password per incident: $10-$30 (Gartner)
Fact: text-based password could be broken in 16 minutes using a brute force attack – 3-year research by NTA Monitor
Passwords subject to Key Logger attacks and Phishing
Users don’t manage passwords well (forget them, write them down)

Productivity
Employee time is lost due to password-related issues

Compliance
Strong authentication is a basic requirement, could cost $, Jail.

Process improvements

The focus on ROI really occurs at many levels (network costs, costs of lost productivity, users) but one area which is truly significant is password management. The invention of the password has the benefit that it offers unique authentication, but it’s also costly to maintain. Let me poll the audience, who is dealing with password-related issues?

5 PC Theft and Security Breaches
Two laptops containing Motorola employee information were stolen from a Chicago office of services provider Affiliated Computer Services over the Memorial Day weekend.
SAIC recently alerted 45,000 employees that several desktop computers were stolen with details about thousands of individual stockholder accounts.
Bank of America said it lost computer tapes containing account information on 1.2M federal employee credit cards, exposing them to potential theft.
Online payroll service provider PayMaxx closed its automated W-2 site after discovery of 2 security holes that exposed data on more than 25,000 people.
Retail Ventures Inc., announced the theft of credit card and purchase data of customers at 103 of its 175 DSW Shoe Warehouse stores.
Several chief information security officers at major banks lost their jobs last year when the Federal Reserve sent letters reporting security deficiencies to their boards of directors.

Theft is much more common than we realize… according to a survey for CSI 49% of companies suffered it… in the past it has not been published, but now it HAS to be… that’s why we are seeing… Motorola, Citigroup… some folks have even lost their jobs.

6 ThinkVantage Fingerprint Solutions
Identity Theft
Identity theft cost Americans $52.6B in 2004 (Javelin Strategy & Research).
For the 5th straight year identity theft topped the list of consumer concerns - 39%, or more than 246,000 complaints (Federal Trade Commission).
George Mason University recently discovered unauthorized access to a database with names, SSNs and photos of 32,000 students and employees.
A businessman, whose PC was infected with a Trojan-horse, sued Bank of America claiming $90,000 was diverted from his account to a bank in Latvia.
145,000 consumers were put at risk by a recent incident at ChoicePoint, where at least 50 suspicious accounts had been opened by nonexistent companies.
CitiFinancial disclosed that personal information (Social Security numbers, loan account data and addresses) of 3.9 million of its customers was lost by UPS in transit to a credit bureau.

After viruses, this is the area of most concern… It really comes in all forms… through worms, key logging, phishing… need to protect your system!! Common sense. Now you can get sued!!

7 ThinkVantage Fingerprint Solutions
Viruses, Worms and other Cyber threats
Phishing sites have tripled in the last 6 months
Known Viruses Grew by 28,327 to 112K in 2004 – IBM 2004 Global Business Security Index Report
Spam and spyware growth has been exponential
Initially driven by thrill-seeking hackers (still in many cases)
Now driven primarily by financial gain
Part of worldwide organized crime

People are making money out of this… selling ‘zombie’ computers that send spam or offer information… takes you to the wrong website.

8 Attack Sophistication Intruder Sophistication
Attack Sophistication Increases While Intruder Sophistication Decreases
[Chart: Attack Sophistication and Intruder Sophistication, each plotted on an axis from LOW to HIGH]

The worst part of it is, attack sophistication is increasing while intruder sophistication is decreasing…

9 Regulatory Environment

10 The Regulatory Compliance Jungle
HIPAA - Health Insurance Portability and Accountability Act
California Senate Bill 1386
Patriot Act
GLBA - Gramm-Leach-Bliley Act
SEC
European Data Protection Directive
FERPA
Japan Privacy
PIPEDA
Basel II
FISMA
SOX - Sarbanes-Oxley

The most secure mechanism to protect sensitive data is to take it out of mobile devices!! Store it elsewhere! But that is not practical… we need the ability to work while we’re mobile and not necessarily connected. One way to do this is through data encryption…

11 Regulatory Environment
Organizations can be subject to multiple regulatory requirements
And….. The regulatory picture is constantly evolving. Regulations change and new regulations emerge
California Assembly Bill 1950 recently passed Sept. 29, 2004: Data protection requirements for businesses that own or license personal information
Europe: EU data privacy, Basel II, UK Data Protection
Regulations describe rules, but not means by which to implement them
Implementing a compliance process requires change in business processes, human resources as well as information technology.

[Chart: Before… and Today…, showing the regulations that apply to Healthcare and Financial organizations: HIPAA, Cal 1386, SOX, Basel II, SEC, GLBA, FISMA, Patriot]

This is an example of how ONE COMPANY in the Healthcare industry or Financial Sector is affected by REGULATIONS… SEE HERE. Another reason that adds to the complexity is that REGULATIONS ARE EVOLVING – 1950. SEE CHART AGAIN, BUSINESS PROCESS, HR AS WELL AS IT --- IF YOU IMPLEMENT PASSWORDS BUT THAT EMPLOYEE SHARES IT WITH UNAUTHORISED COLLEAGUES OR USES NO SECURITY IN HER HOME NETWORK THEN YOU ARE AT RISK…

This bill would require a business, other than specified entities, that owns or licenses personal information about a California resident to implement and maintain reasonable security procedures and practices to protect personal information from unauthorized access, destruction, use, modification, or disclosure. The bill would also require a business that discloses personal information to a nonaffiliated third party, to require by contract that those entities maintain reasonable security procedures, as specified. The bill would provide that a business that is subject to other laws providing greater protection to personal information in regard to subjects regulated by the bill shall be deemed in compliance with the bill’s requirements, as specified.

12 Regulations are basically all the same

13 ThinkVantage Fingerprint Solutions
Regulatory compliance requirements fall into the following broad categories:
Baseline ISO17799
Business Process & Accounting Control
Identity Management
Privacy/Security
Encryption
Data Integrity
Information sharing
Use management
Policy based access control
Models
Analysis
Logging
Monitoring
Storage and Data Lifecycle
Records Retention
Audit, Document Preservation
Disposal

So AS WE NARROW THE VIEW OF COMPLIANCE WE CAN BEGIN TO SEE HOW IBM SOLUTIONS FIT INTO THE PICTURE. AT the HIGH LEVEL, WE SEE SOME OF THE GENERAL REQUIREMENTS!! Business and Process Controls, Privacy and Security, Storage, ETC… THIS CHART IS NOT MEANT TO INCLUDE ALL THINGS… Before I talk to this, let me just say that Encryption can be implemented at different levels… servers and PCs. This is just one example…

14 Security is an important subset of compliance categories
Security Pillars
Data Protection: Encryption, Upon disposal, Anti-Hacking (Spyware)
Access Controls and Authentication: Passwords, Biometrics, User-based / Role-based, Identity Management
Data Integrity and Availability: Data backup, Disaster recovery, Digital Signing, Antivirus
Audit and Documentation

On the left of this chart we have the top regulations that are making headlines… and on the left SOME of the principal requirements that can be extracted. (SOME NOT INCLUDED) RECORDS RETENTION FOR EXAMPLE!! Data Integrity and Availability!! Data Protection and Encryption, Access Controls, Authentications, Audit and Documentation.

Basel II – Operational Risk – Includes internal processes and systems – Computer Crime Risk!! Specifically mentions computer security and hacking incidents as operational risks.

15 Enhanced Client Security Solutions
The most secure mechanism to protect sensitive data is to take it out of mobile devices!! Store it elsewhere! But that is not practical… we need the ability to work while we’re mobile and not necessarily connected. One way to do this is through data encryption…

16 ThinkVantage Fingerprint Solutions
Service Descriptions

17 ThinkVantage Client Security Solutions
Access and Authentication
Data Protection

18 ThinkVantage Fingerprint Solutions
ThinkVantage Client Security Solution
Client Security Software
What does it do?
Strong Authentication
Data Encryption
Password Management
Password recall/reset
“Security Chip”

So how does ESS help in each of these areas? It protects your data at rest through File and Folder Encryption capabilities. If your system is stolen, then the data cannot be accessed. The system is very secure because the keys that are used to encrypt and decrypt the data are stored in HW and are tamper resistant. Normally these keys would be stored in software somewhere in the registry, so they are easier to access and break. ESS also interacts with your system to encrypt and decrypt the data when it’s being transmitted.

ESS also offers strong authentication and multifactor. Through our partnerships we interact with fingerprint readers, smart cards, tokens, etc.

Finally, we have password manager. How many of you manage more than 10 passwords!! How nice would it be to have one single passphrase to remember (or even use a fingerprint) to replace all those passwords? PM allows you to store all those passwords in a secured repository and then recall those passwords when needed to authenticate to a windows based secure access point.

Targus (FP)
ST Micro Key
TPM

IBM Security Partnerships
Adobe – Acrobat 6.0 – authenticate / apply digital signatures
Checkpoint VPN-1 product - secure credential storage
NEW: Cisco VPN uses chip to authenticate user and protect certificate
Entrust suite of secure software – authenticate user, store certificates
MS Internet Explorer and Netscape Navigator – secure certificate storage
RSA SecurID - token replacement with stronger authentication
Tivoli Access Manager – security policy management
Utimaco Safeguard EZ full drive encryption - uses chip to verify user identity
Verisign Personal Trust Agent (PTA) – secure credential storage
3Com hardware firewall NIC – trusted network link

19 Principles of Strong Authentication:
What you KNOW / What you HAVE / Who you ARE
Can be forgotten Can be lost Subject to ID Theft Can’t be forgotten Can be lost Always with you Can’t be forgotten or lost
Best Practice is to use at least two!
Enabled by ThinkVantage Client Security Solution

20 ThinkPad Integrated Fingerprint Reader Offering
ThinkPad T42 and X41 with integrated fingerprint reader
Slide Finger to Authenticate
ThinkPad BIOS
IBM Embedded Security Subsystem (ESS)
UPEK Fingerprint Reader with “Companion Chip”

21 ThinkVantage Fingerprint Solutions
Why Biometrics?
Strong alternative to Tokens and Smartcards
Cost effective and simple to use and manage
Simpler user provisioning
Reduced maintenance costs
User friendly - Finger always with you
Capable of scaling to large operations
BioAPI Capability
Enables integration with other applications
Integration with SSO and ID Management
Integration with physical authentication

22 Integrated Biometric Authentication Solution
TPM
Client Security Software
Single Sign-on
Enhanced Security
Password Management
Manage Access to Network Applications
BioAPI
Biometric Server
ThinkPad
Keyboard Reader
USB reader
User Roaming
Link to AD
Replace Passwords
Generate Audit Logs
BIOS PW replacement
Windows Logon

We could be stuck in the middle between UPEK and 3rd-Party vendors. If UPEK starts charging them for things. We need to establish the “mode of operation”

23 ThinkVantage Fingerprint Solutions
Password Management

Features:
Safe password repository
Convenient password Recall
Single Pass Phrase
Fingerprint
Protected by Security Chip

Benefits:
Reduce Password Reset Costs
Enhanced Security
Enhanced Productivity

User name and Randomly-generated Password
Export Function

24 Cyber Threat Best Practices
For the Enterprise
Communicate them to customers
Enable validation
Stronger authentication at web sites
Tokens
Biometrics
Monitor the Internet for potential phishing web sites
Protect the network from spam, viruses, worms, etc.
Enhanced patching mechanisms (proactive)

For the Client
Antivirus, Anti-spam, Anti-spyware, Personal firewall
Be suspicious!
Use strong authentication (biometrics, Tokens)

25 Responding to PC Theft, Loss and Hacking
Data Protection
Responding to PC Theft, Loss and Hacking

The most secure mechanism to protect sensitive data is to take it out of mobile devices!! Store it elsewhere! But that is not practical… we need the ability to work while we’re mobile and not necessarily connected. One way to do this is through data encryption…

26 ThinkVantage Fingerprint Solutions
Data Encryption

New! Utimaco Private Disk File and Folder Encryption
Encrypts contents of an entire file or folder
User drops content into a virtual drive
Can use external media or network drives to store data
Offers higher level of control over encrypted data

New! Utimaco Safeguard Easy Full HD Encryption
Automatic encryption of all hard drive
Authentication in Pre-boot with little user intervention
Integration with security chip for enhanced security
Integration with suite of ThinkVantage offerings

27 Strong Authentication
ThinkVantage Technologies Address Business Needs
Best Practices
ThinkVantage Technologies Security Offering Portfolio

Strong Authentication
NEW! - Integrated fingerprint reader: Enhanced convenience and security
CSS - Multifactor authentication
Access Connections: Stores and Protects user credentials used for wireless access. NEW! Supports new i standard with AES encryption
New! Client Security Solutions 6.0: Leverages TPM to protect Windows, passwords and data
Secure Data Disposal
NEW! Utimaco SafeGuard Easy and Private Disk: Protects data through full hard drive and file encryption
NEW! Rescue and Recovery with Antidote Delivery Manager: Data backup, remediation and recovery. Protection from viruses, worms
NEW! System Information Center: Automates collection, assessment and inventory reporting. Helps you to measure security compliance

Data Protection
Integrity Assurance
Audit & Documentation

28 Thank You!

