© 2008 McAfee, Inc. “Endpoint” Security: Defining the endpoints and how to protect them
Post on 18-Dec-2015
04/18/23
Agenda
• What are “endpoints”?
• Securing the “endpoints”
• Managing access
• Securing the data
• Layers of protection
What are “endpoints”?
More than just a desktop PC today
• Servers (application, web, storage)
• Laptops
• PDAs/cellular phones
• VPN connected devices
• Vendors
• Contractors
• Virtual clients/services
• COOP sites
• Emergency communications
• Video/surveillance
• All IP enabled devices
  — Sensors
  — Meters
Securing the endpoints
• Each type of device creates some level of specialized requirement
• Standard Anti-virus
• Host Intrusion Prevention
• Encryption
• Data Loss Prevention
• Compliance enforcement
• Security policy enforcement
• Mobile device controls
• Network Access control
…against all threats
• Last 2 years vulnerabilities exceed the number of the 10 years before it [3]
• 45% [2] increase of spam per email message for the last 6 years
• 66% [1] increase for the last 5 years
• Over 685K+ [1] unique malware today and nearly 1M (est.) by end of 2008

HIPS, Antivirus, AntiSpyware, AntiSpam
Malware, Spam, Vulnerabilities, Potentially Unwanted Programs

[1] Avert Labs
[2] Message Labs
[3] National Vulnerability Database http://nvd.nist.gov/statistics.cf
Managing access
More than just NAC
• Is the person and the device allowed to connect?
• Does the device meet all of the defined security policies?
• Which policies apply to which types of devices?
• How do I remediate a device to comply to policy?
• What if the device is outside of my jurisdiction?
• Should NAC be based upon network policy or security policy?
Network Access Control (InformationWeek 7-08)
• 23% of all respondents have no NAC plans. Everyone else is in some phase of planning
• #1 reason for NAC: compliance
• #2 reason for NAC: access to specific networked resources
Source: http://www.informationweek.com/news/security/NAC/showArticle.jhtml;jsessionid=WO0KGJJPGVML4QSNDLPCKHSCJUNN2JVN?articleID=208808356
Allowing access from what, to what, by whom and why?
Managing access
• Requires a comprehensive network and security based framework
• Must follow specific security policies for the device and the end user
• Must bring value in the way of continuous compliance checks
• Should require no end user involvement
Securing the data
So, if the person and the device meet our policies, everything is good, right?
• Now data protection becomes critical…
• Just because someone is granted access doesn’t mean they will use that data according to policy!
• Should data be encrypted when at rest?
• And how should I protect it at the device level when in motion?
• How do I know when data is not being used properly?
Data protection requires various considerations
Data must be protected regardless of: Access, Usage, Device, Location
Easy to Lose, Enticing to Steal, Easy to Transfer
Cybercrime “Black Market” Value: $98, $490, $147, $147
Securing data may also require encryption…
NETWORK SECURITY, DEVICE SECURITY, INTERNET SECURITY
• File and Folder Encryption
• Virtual Container Encryption
• Entire Harddisk Encryption
• Port & Device Management
• Application Management
• Secure USB Storage
• Email Gateway Encryption
In closing
• The definition of endpoint has changed and will continue to do so.
• Protecting the data on each of these endpoints is critical.
• Compliance for security is also critical to protecting the devices holding the data.
• No single endpoint strategy will protect various devices.
• Endpoint security must be comprised of layers that support the overall requirements.
• Even with strong endpoint security and access controls, data must still be protected from misuse.