(n)Code Solutions Presentation on the importance of a Secure Technology Infrastructure.

1 (n)Code Solutions Presentation on the importance of a Secure Technology Infrastructure

2 What are Threats?
Internal Threats
- Human Error
- Dishonest / disgruntled employees
- Technical Sabotage
External Threats
- Virus
- Trojans / Worms / Malicious Code
- Hackers / Intruders

3 Protection from
Internal protection for
- Confidentiality
- Integrity
- Availability
External protection from
- Virus
- Hackers / Intruders
- Malicious Code

4 Countermeasures
- Patch Management System
- Intrusion Prevention Systems
- Intrusion Detection Systems
- Anti-Virus
- Content Management
- Firewalls
- VPN
- PKI

5 World Statistics on attacks and misuse

6 Business and Financial Losses

7 The need for Security?
- InternetWeek: 50% of Corporations have had 30 or more penetrations, 60% lost up to $200K/intrusion
- Federal Computing World: Over 50% of Federal agencies report unauthorized access (some are massive numbers)
- FBI/Computer Security Institute: 48% of all attacks originated from within the organization
- WarRoom Research Survey: 90% of Fortune 500 companies surveyed admitted to inside security breaches

8 Common IT Security Shortcomings
- Enterprise-wide patch management system
- Intrusion Detection systems on both inside and outside of the perimeter
- No firewalls / weak firewalls in place
- All / few servers directly open to the internet
- Outgoing email server doesn't require authentication
- Partial Content management / prevention solution
- Outdated / un-patched mail servers

9 Patch Management: Why reaction time matters…
- Reaction time is critical in preventing viruses and worms, which can cost organizations billions.
- Forrester says that organizations typically require more than 300 days to fully deploy patches for most of these issues after the fix is available.
- The race begins when the technical details of an issue (such as a security bulletin or release of exploit code) are made public.

| Worm | Number of days from release of exploit to worm appearance |
|---|---|
| Scalper (2002, FreeBSD) (*early disclosure) | 11 days |
| Blaster (2003, Windows) | 16 days |
| Code Red (2001, Windows) | 24 days |
| Lion (2001, Linux) | 53 days |
| Slapper (2002, Linux) | 58 days |
| Melissa (1999, Windows) | 64 days |
| Nimda (2001, Windows) | 172 days |
| Slammer (2003, Windows) | 180 days |
| Ramen (2001, Linux) | 208 days |

10 The SQL Slammer Worm: What Happened??
- MS SQL Vulnerability and patch released July, 2002
- Worm Released at 5:30 GMT, January 25, 2003
- Saturation point reached within 2 hours of start of infection
- 250,000 – 300,000 hosts infected
- Internet Connectivity affected worldwide
- Not easily detected by anti-virus since it did not write itself to disk

11 The SQL Slammer Worm: 30 Minutes After “Release”
- Infections doubled every 8.5 seconds
- Spread 100X faster than Code Red
- At peak, scanned 55 million hosts per second

12 The RPC Blaster Worm: What Happened??
- RPC Vulnerability and patch published by Microsoft on July 16th, 2003.
- Vulnerability affects NT 4.0, WinXP, Win2000, and Win2003 Server.
- Blaster worm released Monday August 11, 2003 – Main target is only WinXP, Win2000.
- +330,000 hosts infected in less than a week
- Microsoft had to make network changes to avoid DDoS attack
- Worm variants appearing: Lovsan.B, Lovsan.C

13 Lessons Learned
- Applying patches must be done quickly and thoroughly
  - If the vulnerability applies to clients, these must be patched
  - One infected machine can scan and infect 1000s of victims
- The network must be configured with QoS and have the intelligence to filter and control traffic when needed
- Complements to patches such as Host-Based Security Agents must be considered

14 SUS 1.0: How it Works
[Diagram: Windows Update on the Internet; a server running SUS on the intranet; corporate servers, desktops and laptops with the Automatic Updates client]
- Windows: Critical Security Updates, Security Rollups, Service Packs
- Configured via web based admin tool
- Admin approves updates
- Sync updates
- Download and install updates
- Download and install approved updates
- Central client config

15 Choosing a Patch Management Solution
Functionality versus IT Resources Based Selection
Choose the solution that provides the best balance of functionality versus IT resource constraints for your specific needs.
[Chart: Windows Update, SUS and SMS plotted by IT Resources & Administration Skill Level (Low to High) against Breadth of Functionality (High)]

16 Additional Measures
- Good and effective Anti-Virus Server and Anti-Spam Server on the gateway
- Install Intrusion Detection Software on the internal as well as external networks
- Implement firewalls
- Good Content Management as well as traffic management system
- Network Monitoring and management software

17 Network Security Problems are Growing
Internet connections have increased as a frequent point of attack (from 59% in 2000 to 79% in 2003).
Of those reporting attacks, we learn:
- 27% say they don't know if there had been unauthorized access or misuse – no network information!
- 21% reported from two to five incidents
- 58% reported ten or more incidents – something isn’t working!
Computer Security Institute & FBI Report March, 2003

18 Why Integrated Network Security?
- Attackers take advantage of new, complex networks and sophisticated services
- In this environment, everything is a target:
  - Routers, Switches, Hosts, Networks (local and remote), Applications, Operating Systems, Security Devices, Remote Users, Business Partners, Extranets, etc.
- New breed of network attacks have multiple vectors that cannot be blocked by one device
- Network security requires an integrated system
  - Layers of security are required
  - Embedded security throughout the network
  - Integrated security in network devices
- Network management and reporting must be secure

19 Security is a business process requiring continuous improvement and automation...
1) Security Policy
2) Secure
3) Monitor and Respond
4) Test/Assess
5) Manage and Improve

20 The 7 Top Management Errors that Lead to Computer Security Vulnerabilities
1. Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.
2. Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.
3. Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow through necessary to ensure the problems stay fixed.
4. Rely primarily on a firewall.
5. Fail to realize how much money their information and organizational reputations are worth.
6. Authorize reactive, short-term fixes so problems re-emerge rapidly.
7. Pretend the problem will go away if they ignore it.
http://www.sans.org/resources/errors.php

21 Thank you

