
Managing and Securing Endpoints Bruce Hotte Chief Information Officer Jeff Swan Network Supervisor


Presentation Transcript


  1. Managing and Securing Endpoints
     Bruce Hotte, Chief Information Officer
     Jeff Swan, Network Supervisor
     The definition of “endpoint” used to be simple: a desktop workstation. But today’s environment is far more complex. Laptops, mobile devices, teleworking, outsourcing – all of these add tremendous complexity to the challenge of keeping systems and data secure. This session looks at the latest strategies and solutions being used in the public sector.

  2. Focus Points
     • 1 – Protecting Data on Desktop and Tracking
       - Virus Protection
       - Firewalls
       - Desktop Protection
       - Encryption
     • 2 – Email Protection
     • 3 – Why?

  3. Virus Protection
     • - Enterprise Virus Protection
     • Why important?
     • ePolicy Orchestrator
     • Benefit to Agency and our Local Health Department’s workstations and servers.
     • Centralized notification of virus outbreaks, out-of-date clients, definition files and rogue systems (computers with no anti-virus client).
     • Update Process
     • Each day at 6:00 AM to download to Server.
     • Workstations and servers then connect to the ePO server each day to obtain the update, if needed.

  4. Firewall
     • Importance of firewall.
     • Many options.
     • We went with Windows Defender and Windows Firewall for spyware blocking and protection as we moved to Windows Vista.

  5. Desktop Protection
     • Why protect more?
     • Remote Staff
     • Stolen or missing Equipment
     • Asset Management
     • Software Management
     • Cost
     • Computrace helps combat the security risks associated with computing assets, and the asset management challenges they pose.
     • Recovery protection
     • Remote kill

  6. How does it work
     • Absolute Software’s product line is based on the patented Computrace Technology Platform.
     • This client/server architecture provides secure, client-initiated IP-based communications between the Computrace Agent and the Monitoring Center.
     • The Computrace agent resides on the hard drive or, ideally, embedded in the Basic Input Output System (BIOS) or firmware of the host computer.

  7. Tracking of Hardware – CPR: Compliance, Protection and Recovery
     • - Compliance – Adherence to all applicable mobile data protection regulations, with an easily accessible audit trail
     • - Protection – Protecting data on mobile computers includes encryption, strong authentication and the ability to remotely delete sensitive data on stolen devices
     • - Recovery – Recovery of lost or stolen devices returns them to the control of the organization and facilitates prosecution.
     • By adopting the CPR approach to laptop security, government agencies can minimize the impact of computer theft, while complying with privacy regulations.

  8. Encryption
     • - Protect data on your PCs, laptops and external devices.
     • Mandated by Executive Order
     • Sensitive data
     • SafeBoot – How did we do it?
     • Used SafeBoot AutoBoot\AutoLogin method to get started and protected quickly.
     • Deployed through Windows Group Policy.
     • Beginning to move toward SSO and Content Encryption.
     • Put less data on laptops. Do more work in the Data Center. Citrix is a possible solution. This is very important when you discuss DR and teleworking.

  9. Email Protection
     • Why important?
     • What is the only application that everybody uses?
     • GFI MailSecurity is a comprehensive email content checking and anti-virus solution to safeguard your mail server and network. GFI MailSecurity acts as an email firewall and protects you from email viruses, exploits and threats, as well as email attacks targeted at your organization.
     • GFI MailEssentials is an enterprise-level anti-spam solution. GFI MailEssentials offers spam protection at server level and eliminates the need to install and update anti-spam software on each desktop. This tool is and will always be very important to the Agency in protecting us from spam, which some say may become worse than viruses.

  10. How well does it work
     • We received a total of 477,288 pieces of mail from 09-11-08 until 09-17-08. Of those, 1,786 were virus and attachment blocks and 335,109 were spam. Legitimate mail delivered to users was 140,393. These numbers indicate that 78% of the email received was blocked due to spam and viruses.
     • Will you be able to stop all spam?
     • Can you avoid spam?

  11. Email Encryption
     • Why important:
     • HIPAA
     • Sensitive Data
     • - ZIXVPM (Virtual Private Messaging) applies encryption to sensitive outbound email. The ZIXVPM device examines and automatically encrypts email that meets a predefined set of criteria.
     • - We are using ZixCorp services to protect our email and ensure all Protected Health Information remains confidential.
     • - Secured communications made easy. ZixCorp services enable us to send encrypted email to anyone, whether they are ZixCorp customers or not. Secure e-messaging is not just a government mandate; it's a practical way to do business.

  12. Lexicon
     • The content of all outbound messages is scanned and compared against two lexicons, or dictionaries.
       - Identifier Lexicon has criteria for identifier information (example: Social Security numbers)
       - HIPAA Lexicon contains HIPAA terminology (example: a health condition/disease)
     • The content of the email message must meet criteria defined in both lexicons for encryption to occur.
     • Example 1: Message will be encrypted if message or attachments contain a Social Security number and a name of a disease.
     • Example 2: Message will not be encrypted if message or attachments only include a Social Security number.
     • Example 3: Message will not be encrypted if message or attachments only include a name of a disease.

  13. Keyword Encryption
     • ODH has also enabled “keyword encryption”. Anyone can send an encrypted email by using the keyword. The keyword must be the first word in the subject line.
     • When the user receives the encrypted message, if they are not a ZIX customer they will need to follow a registration process. The process is part of the message they will receive in their inbox. If they are a ZIX customer, the message should go directly to their inbox.

  14. Why?
     • - Why do we seem in business and in life to wait for bad things to happen to us before we take action?
     • - Did I get a good backup?
     • - Where is my laptop?
     • - Where did that email go?
     • - Is your power on? Take a look at yourself and your organization.
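
The outbound encryption rules from slides 12 (Lexicon) and 13 (Keyword Encryption), sketched as an added example; this is not code from the presentation or from ZixCorp. The keyword `SECUREPLACEHOLDER`, the SSN-shaped pattern, the disease terms and the case-insensitive keyword match are all assumptions, and the sample messages are constructed.

```python
import re
from email import message_from_string
from email.message import EmailMessage

# Assumptions, not from the slides: the keyword, the SSN-shaped pattern and
# the disease terms are constructed placeholders, not the vendor's lexicons.
KEYWORD = "SECUREPLACEHOLDER"
IDENTIFIER_LEXICON = [re.compile(r"\b\d{3}-\d{2}-\d{4}\b")]
HIPAA_LEXICON = [re.compile(r"\b(diabetes|hepatitis|tuberculosis)\b", re.I)]


def build(subject, body, attachment=None):
    """Construct a sample outbound message (test data only)."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content(body)
    if attachment:
        msg.add_attachment(attachment, filename="note.txt")
    return msg.as_string()


def text_parts(msg):
    """Yield the decoded text of the body and of each text attachment."""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            yield raw.decode(part.get_content_charset() or "utf-8", "replace")


def encryption_decision(raw_message):
    """Return (encrypt, reason) for one outbound message."""
    msg = message_from_string(raw_message)
    words = (msg.get("Subject") or "").split()
    # Keyword rule: only the first word of the subject counts
    # (matching it case-insensitively is an assumption).
    if words and words[0].upper() == KEYWORD:
        return True, "keyword"
    content = "\n".join(text_parts(msg))
    has_id = any(p.search(content) for p in IDENTIFIER_LEXICON)
    has_hipaa = any(p.search(content) for p in HIPAA_LEXICON)
    # Lexicon rule: a hit in one lexicon alone does not trigger encryption.
    if has_id and has_hipaa:
        return True, "both lexicons"
    if has_id or has_hipaa:
        return False, "identifier only" if has_id else "HIPAA term only"
    return False, "no lexicon match"


if __name__ == "__main__":
    print(encryption_decision(build("Case", "SSN 123-45-6789", "Dx: hepatitis")))
```

The "identifier only" and "HIPAA term only" outcomes are the ones worth logging in practice, since they show sensitive content that leaves unencrypted under the both-lexicons rule.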
