Presentation is loading. Please wait.

Presentation is loading. Please wait.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Published byDale Palmer Modified over 9 years ago

Similar presentations

Presentation on theme: "Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People."— Presentation transcript:

1 Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People From Doing Bad Things”

2 1 Public, Private and Hybrid Cloud Computing Security For infrastructure, end points, data and applications Across physical, virtual, public, private and hybrid cloud environments Empower IT governance to strengthen security, improve productivity, drive compliance and reduce expense Vision Securing the Perimeter Within Consistent policy-driven, role-based access control, fine grained privilege delegation, logging, monitoring and reporting Server & Desktop Physical & Virtualization Windows, Linux, Unix Network Device Security Network Device Security Data Security & Leak Prevention Data Security & Leak Prevention Governance, Risk & Compliance Governance, Risk & Compliance

3 2 The Problem is Broad and Deep The threat from attacks is a statistical certainty and businesses of every type and size are vulnerable. Organizations are experiencing multiple breaches: 59 percent had two or more breaches in the past 12 months. Only 11 percent of companies know the source of all network security breaches.

4 3 Privileges are Misused in Different Ways Insider attacks cost an average $2.7 Million per attack 1 Desktop configuration errors cost companies $120/yr/pc 2 Virtual sprawl and malware are ever-present realities Source: 1 Computer Security Institute and FBI Survey. Source: 2 IDC Report: The Relationship between IT Labor Costs and Best Practices for Identity and Access Management with Active

5 4 48% of all data breaches were caused by insiders (+26%) 1 48% involved privilege misuse (+26%) 1 98% of all data breaches came from servers 1 Insider vs Outsider Threats “Organizations continue to struggle with excessive user privilege as it remains the primary attack point for data breaches and unauthorized transactions.” ~ Mark Diodati, Burton/Gartner Group External Threat Anti-Virus Firewalls E-mail Security Web Security Internal Threat Data Security & Leak Prevention Privileged Identity Management Intrusion Detection & Prevention Source: 1 “2010 Data Breach Investigations Report“ by Verizon with US Secret Service BeyondTrust

6 5 End Point Vulnerabilities in a SAAS World

7 6 Requirements:  Anti-Virus  Patch Management  Privilege Elevation  End Point DLP Best Practice For Cloud Security Employ a Full Suite of EndPoint Security Tools

8 7 Cloud Computing Reality – Public, Hybrid or Private Increasing scale – from thousands to tens of thousands servers Increasing complexity makes configuration and change management challenging – Complex directory structures are a major pain point Reliability is critical to realizing operational improvement Impact of Virtualization and Cloud Computing

9 8 Requirements:  Account for All Privileged Users  Manage Provisioning/De-Provisioning Privileged Credentials  Implement a “Least Privilege” based Control System  Monitor and Reconcile Privileged Activity  Maintain a High Quality Audit Repository  Automate Compliance Reporting Best Practice For Cloud Security Full Life-Cycle Control of Privileged Users

10 9 Impact of Virtualization and Cloud Computing Customer Requirements For Enterprise Grade Cloud Security Scalable, enterprise grade fabric Seamless integrations with on-premise and cloud directories Allow admins to manage policies not infrastructure Dynamically react to changes in virtual environment Quantifiable performance metrics of how its performing

11 10 Policy Files 10 How Least Privilege Works Submit Host (pbrun) Master Host (pbmasterd) Request a Privileged TaskRejected Log Host (pblogd) Event Logs I/O logs Accepted Privileged Task Privileged User Run Host (pblocald) 1 1 2 2 2 2 3 3 4 4 Task Delegation / Privilege Escalation

12 11 Policy Files 11 Fully Cloud Based Least Privilege Submit Host (pbrun) Master Host (pbmasterd) Request a Privileged TaskRejected Log Host (pblogd) Event Logs I/O logs Accepted Privileged Task Privileged User Run Host (pblocald) 1 1 2 2 2 2 3 3 4 4 On- Premise Hosted

13 12 Policy Files 12 Cloud Hosted Least Privilege Submit Host (pbrun) Master Host (pbmasterd) Request a Privileged TaskRejected Log Host (pblogd) Event Logs I/O logs Accepted Privileged Task Privileged User Run Host (pblocald) 1 1 2 2 2 2 3 3 4 4 On- Premise Hosted

14 Thank You 818.575.4000 www.beyondtrust.com. Connect with us...

Download ppt "Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People."

Similar presentations

THE BUSINESS NEED Create affordable alternative/ provide enterprise power/capability for any-sized company Reduce resource-draining burden of meeting.

THE BUSINESS NEED Create affordable alternative/ provide enterprise power/capability for any-sized company Reduce resource-draining burden of meeting.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
{ Best Practice Why reinvent the wheel?.   Domain controllers   Member servers   Client computers   User accounts   Group accounts   OUs 

{ Best Practice Why reinvent the wheel?.   Domain controllers   Member servers   Client computers   User accounts   Group accounts   OUs 
Current Security Threats WMO CBS ET-CTS Toulouse, France 26-30 May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.

Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.

Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.
Confidential FullArmor Corp. 2015 Platform for SaaS and mobile apps to remotely access, migrate, and sync Active Directory resources with the cloud ADanywhere.

Confidential FullArmor Corp Platform for SaaS and mobile apps to remotely access, migrate, and sync Active Directory resources with the cloud ADanywhere.
Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.

Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.
By Edith Butler Fall 2008. Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.

By Edith Butler Fall Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.
A simpler way to manage identities across multiple services Aldo Zanoni, CEO 408.675.5015 ext. 232

A simpler way to manage identities across multiple services Aldo Zanoni, CEO ext. 232
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.
CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.

Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.
Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.

Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.
© 2004-2014. Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions 631-692-5175 Steve Katz, CISSP Security.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
Copyright 2011 Trend Micro Inc. Securing your Journey to the Cloud Kamal Sharma Technical Consultant Classification 8/27/2015 1.

Copyright 2011 Trend Micro Inc. Securing your Journey to the Cloud Kamal Sharma Technical Consultant Classification 8/27/
Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.

Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.

Similar presentations

Ads by Google