290 likes | 418 Vues
Securing Remote Devices and Using Good Internet Security. Jay D. Flanagan Manager, Email, IDM & Security University Technology Services Emory University. Agenda. Remote Device Security Blackberry’s Treo’s / Goodlink Laptop’s Internet Security Where am I going? What sites do I access?
E N D
Securing Remote Devices and Using Good Internet Security Jay D. Flanagan Manager, Email, IDM & Security University Technology Services Emory University
Agenda • Remote Device Security • Blackberry’s • Treo’s / Goodlink • Laptop’s • Internet Security • Where am I going? • What sites do I access? • What information do I give out? • Desktop security • Tools
Remote Device Security • Mobility • Working from anywhere • Access to data from anywhere • Types of Data • Confidential / Restricted • Public • Storage of Data • Encrypt / Encrypt / Encrypt
Blackberry BLACKBERRY
Blackberry • Built in wireless security features • End-to-end Wireless encryption • Uses AES or Triple DES • Can use RSA SecureID for two-factor authentication • HTTPS for secure data access • S/MIME Support • PGP Support • Digital Certificates • Certs can be generated • Smart Card reader
Blackberry • Security for Stored Data • IT policy enforcement and management • Mandatory authentication • Admins can remotely send commands • Server permits only trusted connections • Certified Secure • Advanced embedded encryption technology • Meets required government security standards • FIPS 140-2
Blackberry • Security Guidelines • Blackberry devices should be password protected (Can be done as part of the encryption process) • Anti-virus protection – Postini, Relays, Server and desktop • Encryption – Transmission of data is already done. Be sure data is encrypted for content on the device – can easily be set up • Always immediately report a lost, stolen or damaged Blackberry device (Help Desk / Local Support) • Regularly back-up data
Blackberry • Blackberry Security Links • Google Blackberry Security • http://www.sans.org/reading_room/whitepapers/pda/258.php • http://na.blackberry.com/eng/ataglance/security/knowledgebase.jsp#tab_tab_whitepapers • http://iase.disa.mil/stigs/checklist/wireless_stig_blackberry_checklist_v5r2-1.pdf
TREO/GOODLINK TREO/ GOODLINK
Treo/Goodlink • Microsoft’s Messaging and Security Feature Pack (MSFP) • Direct push technology • Access Global Address List (GAL) • Supports protection against violations of HIPAA and Gramm-Leach-Bliley Acts • Remote password policy enforcement and data wipe • Password lengths can be set • Set failed password attempts before wiping of data
Treo/Goodlink • Security Guidelines • Treo devices should be password protected • Password protect documents • Anti-virus protection – Postini, Relays, Server and desktop • Encryption – Transmission of data is already done. Be sure data is encrypted for content on the device • Always immediately report a lost, stolen or damaged Treo device (Help Desk / Local Support) • Regularly back-up data • Goodlink Security Page Link: • http://www.good.com/documentation/GMM_Admin_Exchange/Stoli%20Exchange%20Admin%20HTML-03-3.html
Treo/Goodlink • Treo Security Links • Google Treo Security • http://www.lehigh.edu/~inlts/comp/docs/pda/security/palm/ • http://mytreo.net/archives/2006/04/treo-security-msafe-warden-teallock-comparison-review.html • http://www.good.com/documentation/GMM_Admin_Exchange/Stoli%20Exchange%20Admin%20HTML-03-3.html
Laptops • Security Guidelines • Basic Security Measures • Enable strong passwords • Asset Tag or Engrave the laptop • Register the laptop with the manufacturer
Laptops • Security Guidelines • Physical Security • Get a cable lock and use it • Use a docking station • Lock up your PCMCIA cards • Consider other security devices based on your needs • Use tracking software to have your laptop call home
Laptops • Security Guidelines • Protecting your Sensitive Data • Use the NTFS file system • Disable the Guest Account • Rename the administrator account • Consider creating a dummy administrator account • Prevent the last logged-in user name from being displayed • Use a personal firewall • Consider other security devices based on your needs • Encrypt your data – Full Disk Encryption • Backup your data
Laptops • Security Guidelines • Encrypting the hard drive • http://www.guardianedge.com/products/Encryption_Anywhere/Hard_Disk.html • http://www.dekart.com/howto/encrypt_hard_drive/ • http://www.dekart.com/products/encryption/private_disk/ • http://www.safenet-inc.com/products/data_at_rest_protection/Protectdrive.asp • http://www.truecrypt.org/ • http://www.magic2003.net/scrypt/index.htm
Laptops • Security Guidelines • Preventing Laptop Theft • No place is safe • Use a non descript carry case • Beware of pay phones • Be aware of your laptop at all times • When traveling by air • When traveling by car • While staying in a hotel • When attending conventions and conferences • Make security a habit
Laptops • Security Guideline Links • Google on Laptop Security • http://labmice.techtarget.com/articles/laptopsecurity.htm • http://www.securitydocs.com/library/3399 • http://www.microsoft.com/atwork/stayconnected/laptopsecurity.mspx • http://infosecuritymag.techtarget.com/articles/february01/features_laptop_security.shtml
Safe Internet Security Practices • The Internet is great • for searching • for gathering information • for purchasing products and services • But………………………
Safe Internet Security Practices • Where am I going on the internet and why am I going there? • What information am I going to give out when I go to a web site? • Do you ask yourself these questions when surfing? • You should • More and more sites gather information on you when you surf • Some with your knowledge and some without • Key loggers, trojans, worms and social engineering are just some of the things that reside on web sites waiting for you to come along. • Precautions must be taken • Desktop security tools will help • But so will being security aware
Safe Internet Security Practices • Desktop Security Tools • Virus Scanning • Be sure to have anti-virus software installed, running and DAT files up to date • Update DAT files and software automatically • Schedule regular scans • Spam Scanning • Manage Postini spam filtering • Set up filters on email client – think hard about this • Some anti-virus software will also do some limited spam scanning
Safe Internet Security Practices • Desktop Security Tools • Personal Firewall • Install and set up personal firewall • Windows XP / Vista • Other Vendors • Symantec • Zone Alarm • Keep it up to date • Review logs regularly • Anti-spyware Scanning • Install anti-spyware software • Spybot • Yahoo Anti-Spyware • MS Anti-Spyware • Keep it up to date • Scan regularly
Safe Internet Security Practices • Desktop Security Tools • Other host based security tools • Host based IPS • Host based IDS • URL and Content Filters
Summary • Mobility and access to data • Blackberry’s, Treo/Goodlink, Laptops • Keep these mobile devices secure • Steps that should be taken • Being safe and secure on the Internet • Security Awareness • Security Tools
Contact Information • Jay D. Flanagan, Emory University • Email • Jay.d.flanagan@emory.edu • Phone • 404-727-4962 • Web Page • http://it.emory.edu/security
? Questions QUESTIONS?