three tier approach to security n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Three Tier Approach to Security PowerPoint Presentation
Download Presentation
Three Tier Approach to Security

Loading in 2 Seconds...

play fullscreen
1 / 17

Three Tier Approach to Security - PowerPoint PPT Presentation


  • 75 Views
  • Uploaded on

Three Tier Approach to Security. Chuck Dettlaff Engineer, Salesmen, Scoutmaster  Jan 29, 2009. Why do we care about security?. Jan 2007 - TJ Maxx, wireless breach Sept 2008 – Country Wide employee theft Jan 2009 - Heartland Payment Systems, database hack.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Three Tier Approach to Security' - ash


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
three tier approach to security

Three Tier Approach to Security

Chuck Dettlaff

Engineer, Salesmen, Scoutmaster

 Jan 29, 2009

why do we care about security

Why do we care about security?

Jan 2007 - TJ Maxx, wireless breach

Sept 2008 – Country Wide employee theft

Jan 2009 - Heartland Payment Systems, database hack

a three tiered approach

A Three Tiered Approach

Edge (Network)

Server (Application)

Desktop (User)

what do i gain

What do I gain?

Known (Base-line) behavior

Control and Insight

Ease of trouble shooting

what is the cost of being proactive vs reactive

What is the cost of being Proactive vs. Reactive?

A 36 hour outage results in $1million loss for a $5 million dollar company

Lost Opportunity Costs

Loss Of Reputation

Upset customers & staff

A complete security overhaul costs

less than $150,000

edge network

Edge (Network)

IDS/IPS

Firewall

Access Control List

Radius Server

what am i looking for

What am I looking for?

Equipment - Easy to mange, full application support

Training – SANS, Manufacturer, Cyber Security Class

Forensics – source IP address

large data transfers

black list

slow network

server application

Server (Application)

Access Control List

Default db password

Unload unnecessary modules

Stop unused services

what am i looking for1

What am I looking for?

Equipment - You and OS Maker

Training – Microsoft or Linux, Black Hat

Forensics – foreign service

slow CPU

trusted.org

desktop user

Desktop (User)

Personal Firewall

Antivirus

Backups

what am i looking for2

What am I looking for?

Equipment - McAfee, Symantec, Trend

ANYONE!

Training – Internet news groups

Forensics – slow response

lots of windows open magically

weird services running

Applications will not start

careers in the security

Careers in The Security

Security Analyst

Network Manager

System Admin

Desktop Jockey

Stress & Salary

careers in the security1

Careers in The Security

OSBI, OBN

Larger State Agencies

Equipment Manufacturer

Commercial Enterprises

where do i get training

Where do I get Training?

Computer Forensics, Investigation, and Response

Monday, January 26, 2009 - Saturday, January 31, 2009

NSF awards Oklahoma $3 million cyber security grant

thank you

Thank you!

Let’s Eat Pizza!

Chuck.Dettlaff@peakuptime.com