1 / 15

New Technology Enforcement Strategies

New Technology Enforcement Strategies. by Peter Benson. The issues . Information Loss Perimeter Breakdown Mobile Users New Technology Vulnerabilities Future Directions. Perimeter Breakdown. Perimeters slowly disappearing VPN Partner Connections Home Users Wireless Insecurities

chance
Download Presentation

New Technology Enforcement Strategies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. New Technology Enforcement Strategies by Peter Benson

  2. The issues • Information Loss • Perimeter Breakdown • Mobile Users • New Technology • Vulnerabilities • Future Directions

  3. Perimeter Breakdown • Perimeters slowly disappearing • VPN • Partner Connections • Home Users • Wireless Insecurities • Zones of Trust • Testing Security

  4. Laptop Users • Current Laptop Loss Rate >4% • Information and hardware costs • Theft Prevention on increase • Minimum controls required for mobile population • Personal Firewall • AV • Disk Encryption • Policy and Security Architecture Requirements • Citrix is your Friend!

  5. New Technology and Information Loss • USB Fobs • External Memory Cards • CD / DVD Writers Common • PDA’s • Integration of Cell Phone Technology • IM • VoIP

  6. General Strategies • Track New Technology Opportunities • Research and define Policy • Default Deny • Enforce Policy • Technical Controls • Policy Controls • HR Controls • Approval / Authorisation Controls

  7. VoIP • Implement your strategy and policy • Architect! • Default Deny • “Free is not necessarily cost effective” • Research • Be Proactive. Your people are using this now.

  8. Instant Messaging • Manage malicious code via A/V or other means • Control at the gateway • Default Deny • Man in the Middle inspection • Have approved processes and systems

  9. Mobile Storage Devices • Encrypt removable media • USB management of storage devices • Flash memory security • Allow managed access to USB storage devices • Block illegal software installation • Block .exe .com .vbs .mp3 files etc • Printer, modem permissions management • Client side content filtering of removable media

  10. Mobile Communications • Discover your Mobile Perimeter • Asset Database, exposure management • Capture changes to Mobile Perimeter • Vulnerabilities • Connections • Control Connectivity • Control Mobile Information Security • Encryption • A/V • Content

  11. Emerging Enforcement Technologies • Reflex Magnetics, Reflex Disk Net Pro • Trust Digital, Trust Enterprise Mobile Suite • Asset Discovery and Management • Anti-Spyware for Enterprises • Connection Enforcement • Enterprise Quality Encryption for Laptops / Mobile Systems • Application Aware Firewalls • MITM Proxys • Fractured Networks (zones of trust)

  12. Thank You Questions?

More Related