Proactive measures to prevent data theft
This presentation is the property of its rightful owner.
Sponsored Links
1 / 15

Proactive Measures to Prevent Data Theft PowerPoint PPT Presentation


  • 49 Views
  • Uploaded on
  • Presentation posted in: General

Proactive Measures to Prevent Data Theft. Securing, Auditing and Controlling remote access to your critical data. Kalle Jääskeläinen, CISSP Director, Solutions Management. Customer and market challenges. 1. Growing pressure and need to secure existing legacy environments.

Download Presentation

Proactive Measures to Prevent Data Theft

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Proactive measures to prevent data theft

Proactive Measures to Prevent Data Theft

Securing, Auditing and Controlling

remote access to your critical data

Kalle Jääskeläinen, CISSP

Director, Solutions Management


Customer and market challenges

Customer and market challenges

1. Growing pressure and need to secure existing legacy environments

2. Growing concern of insider threat and related data leakages

3. Lack of visibility and control in outsourced

and other external operations


1 growing pressure and need to secure existing legacy environments

1. Growing pressure and need tosecure existing legacy environments

  • 79% of victims subject to PCI-DSS had not achieved compliance

  • Weakest level of compliance

    • Encrypt transmission of cardholder data across open public networks (PCI-DSS req. 4)

  • Where Data was Targeted

    • 67% In Transit

  • Methods used to enter target systems

    • 55% Remote Access Applications

  • Cyber-criminality against cardholder’s data. PCI-DSS council meeting, October 2010


How to secure existing legacy environment fast and cost efficiently

How to secure existing legacy environment fast and cost efficiently?

  • Solution: Tectia ConnectSecure

  • The fastest track to securing legacy business applications

    and legacy file transfers

UserID and password sent in cleartext

Legacy client application, e.g. CRM

Legacy File Transfer client, FTP

Legacy Server application

Tectia ConnectSecure

SSHv2 server

SFTP server

UserID, password and application traffic secured through SSH

FTP converted to SFTP


2 growing concern of data leakages and insider threat

2. Growing concern of data leakages and insider threat

  • 48% of the data breaches were caused by insiders (+26% increase compared to last year)

  • The attack pathway of 34% of breaches are related to remote access and control services.

    “Recently, many have hypothesized that insider crime would rise due to financial strain imposed by global economic conditions. Hard times breed hard crimes as they say”

Source: Verizon data breach report 2010


Biggest challenges regarding data leakages and insider threat

Biggest challenges regarding data leakagesand insider threat

  • Administrators have the biggest operational power with the least accountability

  • In general, user activities are not effectively audited

  • 90% of the time logs are available but discovery via log analysis remains under 5%.

”In general, we find that employees are granted more privileges than they need to perform their job duties and the activities of those that do require higher privileges are usually not monitored in any real way.”

Source: Verizon data breach report 2010


Proactive measures to prevent data theft

Tectia Guardian

How to audit and control remote system access, also the encrypted sessions?

  • The fastest track to

    • enforce security controls and auditing

    • meeting security standards

    • ensuring business continuity

  • End-to-end encrypted remote access ,such as SSH and RDP

  • No tools to audit and control the content of the secured connections

AUDIT

DENIED!


Proactive measures to prevent data theft

How to prevent and notice data leakages?

IPS

DLP

Business partner,

Cloud service etc.

Only File

Transfers

Only defined

destinations,

users and times


Proactive measures to prevent data theft

Example customer case:

Space exploration and aeronautics research organizationHow to ensure integrity, security and availability of critical services?

  • Customer Challenge:

  • Security and audit requirement to inspect all the traffic to critical services

  • How to inspect encrypted connections?

  • Solution:

  • Tectia Guardian

  • Deployment: Tectia combined with Intrusion Detection System provides a solution that enables customer to inspect and control all the connections, encrypted or not

  • Customer ROI

  • Fulfilled security requirement and passed audit

  • Minimal impact to existing business processes and daily work

  • Improved integrity and security of critical services and confidential information


3 lack of visibility and control in outsourced and other external operations

3. Lack of visibility and control in outsourcedand other external operations

  • Increasing trend for outsourcing IT management and operations

  • 47% of the breaches within partner agents were conducted by remote IT management

  • Partners that manage systems are by far the most common offenders, whether their role is accidental or deliberate.

Source: Verizon data breach report 2010


Biggest challenges in outsourced operations

Biggest challenges in outsourced operations

Organizations that outsource their IT management and support also outsource a great deal of trust to these partners.

In the end, what we said last year remains true; poor governance, lax security, and too much trust is often the rule of the day.

Outsourcing should not mean ”Out of sight, out of mind”

  • End-to-end encryption of remote connections provides security, but prevents auditing or control

  • No control or guarantees of the security level or processes of the external entity

  • Systems are accessed by internal and external users

    • Who did what, when and how?

Source: Verizon data breach report 2010


Proactive measures to prevent data theft

How to ensure visibility and control for oursourced and other external operations?

Internal IT Security/ Auditing

4-EYES

3rd party remote access to critical internal services


Proactive measures to prevent data theft

System integrators and service providers.

How to ensure visibility and control?

How to manage UserID/password nightmare (n x m)?

User1

User2

User3

Service provider adminstrators

Admin1

Customer 1

Customer 1

Customer 1

AD/ LDAP

RADIUS


Proactive measures to prevent data theft

Tectia Guardian

Your fastest track to...

enforcing security controls

meeting security standards

ensuring business continuity


Proactive measures to prevent data theft

Tectia Guardian Technical Overview

Tectia Guardian

Key Functionalities

Comprehensive protocol support: SSH/SFTP, RDP, VMWare View, VNC, X11, Telnet, and TN3270

Real time IDS and DLP data feed

Extensive security functions such as gateway authentication and 4-eyes authorization

Tamperproof log and audit trails with extensive content search and reports

  • Comes as a pre-tested appliance or virtual appliance

  • Supports multiple operation modes to fit any enterprise environment: router, bridge and bastion Host

  • Transparent operation: minimal changes to existing operations

  • Provides a true 3rd party for auditing: System administrators do not have access to Tectia Guardian or audit logs


  • Login