4 6/2/2015
What are “endpoints”?
More than just a desktop PC today
- Servers (application, web, storage)
- Laptops
- PDAs/cellular phones
- VPN-connected devices
- Vendors
- Contractors
- Virtual clients/services
- COOP sites
- Emergency communications
- Video/surveillance
- All IP-enabled devices
  — Sensors
  — Meters

Securing the endpoints
Each type of device creates some level of specialized requirement
- Standard Anti-virus
- Host Intrusion Prevention
- Encryption
- Data Loss Prevention
- Compliance enforcement
- Security policy enforcement
- Mobile device controls
- Network Access control

Securing the endpoints
And why do we secure the endpoints?
To protect the data!

…against all threats
- Vulnerabilities in the last 2 years exceed the number of the 10 years before it [3]
- 45% [2] increase of spam per email message for the last 6 years
- 66% [1] increase for the last 5 years
- Over 685K+ [1] unique malware today and nearly 1M (est.) by end of 2008
HIPS, Antivirus, AntiSpyware, AntiSpam
Malware, Spam, Vulnerabilities, Potentially Unwanted Programs
[1] Avert Labs
[2] Message Labs
[3] National Vulnerability Database http://nvd.nist.gov/statistics.cf

Managing access
More than just NAC
- Is the person and the device allowed to connect?
- Does the device meet all of the defined security policies?
- Which policies apply to which types of devices?
- How do I remediate a device to comply to policy?
- What if the device is outside of my jurisdiction?
- Should NAC be based upon network policy or security policy?

Network Access Control (InformationWeek 7-08)
- 23% of all respondents have no NAC plans. Everyone else is in some phase of planning
- #1 reason for NAC: compliance
- #2 reason for NAC: access to specific networked resources
Source: http://www.informationweek.com/news/security/NAC/showArticle.jhtml;jsessionid=WO0KGJJPGVML4QSNDLPCKHSCJUNN2JVN?articleID=208808356
Allowing access from what, to what, by whom and why?

Managing access
- Requires a comprehensive network and security based framework
- Must follow specific security policies for the device and the end user
- Must bring value in the way of continuous compliance checks
- Should require no end user involvement

Securing the data
So, if the person and the device meet our policies, everything is good, right?
Now data protection becomes critical…
Just because someone is granted access doesn’t mean they will use that data according to policy!
- Should data be encrypted when at rest?
- And how should I protect it at the device level when in motion?
- How do I know when data is not being used properly?

Data protection requires various considerations
Data must be protected regardless of:
- Access
- Usage
- Device
- Location
Easy to Lose, Enticing to Steal, Easy to Transfer
Cybercrime “Black Market” Value: $98, $490, $147

Securing data may also require encryption…
NETWORK SECURITY, DEVICE SECURITY, INTERNET SECURITY
- File and Folder Encryption
- Virtual Container Encryption
- Entire Harddisk Encryption
- Port & Device Management
- Application Management
- Secure USB Storage
- Email Gateway Encryption

In closing
- The definition of endpoint has changed and will continue to do so.
- Protecting the data on each of these endpoints is critical.
- Compliance for security is also critical to protecting the devices holding the data.
- No single endpoint strategy will protect various devices.
- Endpoint security must be comprised of layers that support the overall requirements.
- Even with strong endpoint security and access controls, data must still be protected from misuse.

Endpoint Security
Thank you for your time and attention!
John Bordwine
McAfee, Inc.
John_bordwine@mcafee.com