
Security – Knowing Who is Doing What


Presentation Transcript


  1. Security – Knowing Who is Doing What August 2007

  2. Assess Electronic Risks Across Entire Data Lifecycle… (diagram)
     • Goals: Protect Against Unauthorized Use; Compliance Across Data Lifecycle
     • Channels: Email, Chat
     • Data at risk: Source Code, Marketing Plans, Executive eMail, Customer Info, Employee Data, 10Q, Sales Data, Passwords, Internal Projects, Confidential Customer Data
     • Who touches it: Customers, Suppliers, Competition, Sales, Marketing, Channel Partners, Inbound/Outbound Call Centers, Help Desk, Consultants, Finance, Employees, Thieves/Fraudsters

  3. Identity Risk Management (diagram of four “C” areas)
     • Compliance: SOX, GLBA, HIPAA, SB1386
     • Critical Information Security: Insider Threat – 80%; Closing the Loop; Forensics
     • Competitive Advantage: IP theft; Defensibility of Trade Secrets; Competitive Intelligence
     • Corporate Governance: Appropriate Use of Corporate Resources; Productivity

  4. New Data Security and Compliance Risks – Where Have You Put Your Resources? (diagram: the “Trusted” Insider requests Customer Records/Information and gets “Here are the customer records.”; the External Hacker gets “Access Denied”)

  5. Changing Trends in Information Security Risks
     • “87% of insider attacks involved authorized persons using legitimate commands.” – US Secret Service
     • “Through 2008, insiders will account for the majority of financial losses from computers & networks.” – Gartner Group
     • “In writing the GLBA Data Protection Rules, the ability to monitor the insider threat was a significant gap.” – Paul Reymann, Co-author, GLBA Data Protection Rule

  6. CSI/FBI 2005 Report on Sources of Threats
     • Attack volumes from both internal and external sources are similar in nature
     • The belief that strong authentication is required only for external sources is outdated

  7. CSI/FBI 2005 Report on Unauthorized Use
     • Unauthorized computer system use is still a problem for most companies

  8. Methodology: 7 Steps of Effective Risk Mitigation
     • Identify Perceived Risks
     • Planning meetings with corporate organization
     • Gather Data on Actual Risks
     • Identity Risk Assessment
     • Prioritize Severity of Risks
     • Correlate Information – Look for Trends
     • Complete Action Plan to Remediate Risk
     • Risk Profile Analysis
     • Standardized Risk Management Reporting
     • Continue Monitoring Risks and Investigating Unusual Trends

  9. Identity is a Critical Security Ingredient
     • Rapid Adoption & Growth
     • Authentication market stands between $1B and $3B – Infonetics
     • 2004 WW IAM market size was $2.33B – IDC
     • IAM market growing at 11% CAGR between 2004 and 2009 – IDC
     • Identity Management will grow from $1.2B in 2005 to $8.5B in 2008 – Radicati Group
     • Projected growth over 50% year over year till 2009 – Radicati Group
     “Security information and event management (SIEM), as well as identity and access management (IAM), have required different information security approaches. However, they are integrating at their respective functional layers for auditing. Compliance efforts are the major catalyst driving them together.” – Gartner: Security & Identity Management Auditing Coverage, July 2005

  10. Customer Needs Driving Identity Market – Need for Simplified Identity & Access Management
     • Mitigating security risk; compliance with corporate security and usage standards
     • Government regulations demanding better security and internal control for authentication, access, and identity management (Sarbanes-Oxley, HIPAA)
     • Supporting strong protocols – 802.1X and EAP
     • Reducing IT & Help Desk overhead, improving operational efficiency
     • Tracking network activity through identity

  11. The Problems With Traditional Security
     • Traditional security tends to be perimeter based, with limited identity-based security
     • Most security consists of a firewall and IDS at the perimeter plus OS- or application-provided authentication and access rights
     • Internal networks are still largely trusted
     • Many are still not layering key defenses – network and security
     • Layering identity management is still a relatively new concept

  12. Identity, Network, Security Convergence – Who is doing what and when?
     • Perimeter-only security is no longer enough
     • Mobility and new applications are forcing change
     • Must implement sophisticated security:
       • UTM appliances (FW, AV, IPS, etc.)
       • Content Security
       • Host Security
       • Network Access Control
       • Identity & Access Management
     • Identity will be a critical element as the perimeter dissolves
     The internal network can no longer be trusted…

  13. Ideal Situation – Defense Everywhere
     • Layer security solutions to apply security everywhere
     • In addition to perimeter security:
       • Personal AV, firewalls, IDP, & anti-spyware
       • UTM security gateways with AV, IPS, anti-spam, and web filtering
       • Strong identity management, network authentication, access management, and integrity-based access control
       • And more…
     • Users view security as complex and difficult to manage
     • IT budgets dictate how much security can be deployed
     How do we manage all of this?

  14. Identity Resource Management Pain Points
     Management Issues:
     • Management overhead to provision & maintain
     • Scattered views offer no correlation
     • Inconsistent password & authentication policies
     • Higher volumes of support calls
     • Requires more hardware, management utilities, and training
     • Higher cost, added complexity, and slower response times
     Security Issues:
     • Unauthorized entry points without a unified view
     • Identity information theft from insecure servers
     • Security holes from left-over accounts
     • Inconsistent access policies weaken security stance
     • Security issues decrease customer confidence, create negative corporate PR, and can lead to costly lawsuits
     User Issues:
     • Authentication complexity
     • Too many accounts, passwords, and login methods result in: increased security risk, locked accounts, lost productivity, higher help desk volumes

  15. Traditional Barriers to Identity Management
     • Difficulty of integration
       • Too many solutions; integration between vendor products is expensive and difficult
     • High cost of implementation
       • Directory Service, Provisioning, and Security are expensive to purchase and integrate
     • Time for implementation
       • Full-scale deployments for large companies can take many months to over a year
     • Departmental difficulties
       • Legacy support for outdated systems
       • Departments giving up control of user and customer information

  16. Too Many Ways to Authenticate Complicates Identity Management and Increases Cost (diagram: Local Users, Data Systems, and Applications; Remote Users; Perimeter Firewalls, VPNs; Email Servers; Internal Firewalls, Switches, Routers, Access Points, etc.; each authenticating against an Authentication box (RADIUS, LDAP, AD), an Identity Provisioning/Monitoring box, a Firewall Identity Monitoring box, and many others – Multiple Authentication Servers, Data Stores, and Proxies)

  17. Identity & Access Management Benefits
     • Security & Accountability
       • Authentication Capabilities
       • Management of User Roles & Identities
       • Elimination of Inactive Accounts
       • Detailed Audit Trail
       • Quick Account Termination
       • Identity Reporting and Logging
     • Simplifying Complexity
       • User Self-Service, Password Sync
       • Fast Provisioning of New Employees
       • Reduction in IT and Help Desk Resources
       • Compliance with Government & Internal Regulations

  18. A10’s Smart IDentity Management – PROVISION, CORRELATE, MANAGE, REPORT
     • Popular IAM functions unified in one hardened appliance
     • Centralized provisioning & management of accounts and data stores
     • Fast deployment into existing networks
     • Rapid cost reduction & immediate benefits within hours of deployment
     • Enhanced compliance & internal controls
     Rapid Deployment + Easy Use + Low Cost = Fast ROI & High Value

  19. Central Account Management – Unified IDentity Manager (UIM)
     Features:
     • Centralized account lifecycle management
     • Virtual Directory model
     • Synchronization of identity information
     • Visibility of all account provisioning and activity
     IDsentrie 1000 Advantages:
     • Simplified user account management
     • Centralized account policy enforcement
     • Account activity with integrated identity
     • Improved accuracy, security, accountability and operational efficiency
     • Automate compliance tasks
     Manage popular data store types from a central web interface. Make the changes from one location to all the data stores. Verify that your data stores do not have stale data that could leave your network open to exploits.

  20. Manual Identity Forensics vs. IP-to-ID Service
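The IP-to-ID lookup this slide contrasts with manual forensics, as an added example that is not part of the A10 deck: firewall events carry only an IP, so identity is recovered by joining the DHCP lease active at that time (IP to MAC) with the 802.1X login for that MAC (MAC to user). The three log formats and all sample lines are constructed for the example.

```python
"""IP-to-ID: attribute firewall events to users via DHCP + 802.1X logs."""
import re
from datetime import datetime

TS = "%Y-%m-%dT%H:%M:%S"

# Constructed sample logs (not from the slides); formats are assumptions.
DHCP_LOG = """\
2007-08-01T08:00:00 DHCPACK 10.1.2.50 00:11:22:33:44:55
2007-08-01T09:30:00 DHCPACK 10.1.2.50 66:77:88:99:aa:bb
"""
AUTH_LOG = """\
2007-08-01T07:59:40 dot1x-success mac=00:11:22:33:44:55 user=alice
2007-08-01T09:29:50 dot1x-success mac=66:77:88:99:aa:bb user=bob
"""
FW_LOG = """\
2007-08-01T08:15:00 ALLOW src=10.1.2.50 dst=10.9.0.7 dport=1433
2007-08-01T09:45:00 DENY src=10.1.2.50 dst=10.9.0.7 dport=1433
2007-08-01T07:30:00 ALLOW src=10.1.2.50 dst=10.9.0.8 dport=443
"""

def _ts(s):
    return datetime.strptime(s, TS)

def parse_dhcp(text):
    """Return {ip: [(time, mac), ...]} sorted by time (the lease timeline)."""
    leases = {}
    for line in text.splitlines():
        ts, _, ip, mac = line.split()
        leases.setdefault(ip, []).append((_ts(ts), mac.lower()))
    return {ip: sorted(v) for ip, v in leases.items()}

def parse_auth(text):
    """Return {mac: [(time, user), ...]} sorted by time (the login timeline)."""
    auths = {}
    for m in re.finditer(r"^(\S+) \S+ mac=(\S+) user=(\S+)", text, re.M):
        auths.setdefault(m.group(2).lower(), []).append((_ts(m.group(1)), m.group(3)))
    return {mac: sorted(v) for mac, v in auths.items()}

def _latest_before(entries, when):
    """Most recent (time, value) at or before `when`, else None."""
    past = [e for e in entries if e[0] <= when]
    return past[-1] if past else None

def ip_to_id(ip, when, leases, auths):
    """Who held `ip` at `when`: IP -> MAC (DHCP) -> user (802.1X), or None."""
    lease = _latest_before(leases.get(ip, []), when)
    if lease is None:
        return None  # no lease on record: event predates our visibility
    auth = _latest_before(auths.get(lease[1], []), when)
    return auth[1] if auth else None

def attribute_events(fw_text, leases, auths):
    """List of (time, action, src_ip, user) for each firewall line; 'unknown' if unresolved."""
    rows = []
    for m in re.finditer(r"^(\S+) (\w+) src=(\S+) ", fw_text, re.M):
        user = ip_to_id(m.group(3), _ts(m.group(1)), leases, auths)
        rows.append((m.group(1), m.group(2), m.group(3), user or "unknown"))
    return rows
```

The third event resolves to "unknown" because no lease for that IP exists yet at 07:30; a gap like that is exactly what manual forensics would otherwise have to chase across separate servers.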

  21. User Self-Help Service
     User Self Service Features:
     • Account updates, password resets and changes
     • Web interface for easy access
     • Password Policy enforces tough passwords
     • Updates synchronized across data stores
     • All portal activity is logged for compliance
     IDsentrie Advantages:
     • Reduces IT & Help Desk burden
     • Minimizes employee downtime
     • Agent-less solution for non-intrusive implementation
     • Fast implementation for immediate benefits
     Simplify user password management, recover IT resources, and improve user productivity.

  22. Intuitive Self-Help Portal Aids Help Desk

  23. EX Series: Secure Bandwidth Manager with Identity
     • Solving bandwidth management problems through a unique secure, high-performance, and highly visible platform
     • Hardened appliance with high performance
     • Multi-threaded, multi-CPU operating system & architecture

  24. AX Series – Next-generation Server Load Balancer
     • Advanced Core Operating System (ACOS), tuned for multiple CPUs
     • Advanced Application Switching
     • SSL Acceleration
     • High Density 10 Gig
     • Protocol Optimization
     • Integrated L2/L3 Line Rate Security
     • Data Center Class Hardware
     • Inline Scripting
     • IPv4/IPv6

  25. Thank You - Questions? For more information, visit A10 Networks’ web site at: www.a10networks.com
