How much Security is Enough?
Security & Solution
What is adequate security for your organization?
• What needs to be protected?
• Why does it need to be protected?
• What happens if it is not protected?
• What will it cost you?
How to get started?
Audit & Assessment
• Identify your business processes
• Identify assets that are supporting your business processes
• Identify threats to those assets
• Assess your current security measures (Security assessment)
Output
• A risk treatment plan tailored to your organization's needs and priorities
Example
Company ABC
- Distributed workforce
- IT Infrastructure
  - Messaging
  - Web
  - Database
  - Remote Access
Audit & Assessment of Company ABC
Business processes:
- Placing of order by Sales personnel
- Enquiry by Online customer
Assets that are required by those processes
Placing of order by Sales personnel
• Dial-up Server
• Web server
• Database server
• Messaging server
• PC / Notebook used by sales personnel
Enquiry by customer
• Web server
• Internet connection
• Database server
• Messaging server
Threats identified to those assets
• Dial-up server – power, lightning, hacker
• Web server – power, worm, hacker, phishing
• Database server – power, worm, hacker, disgruntled employee
• Messaging server – power, worm, hacker
• PC – power, worm, virus, hacker, SPAM
• Internet Access – power, DDOS
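As an added illustration (not part of the original slides), the Company ABC process, asset and threat lists above can be joined into a per-threat register that shows which threats reach the most assets and business processes. The ranking rule is an assumption made for this example, and "Internet Access" is treated as the same asset as "Internet connection".

```python
from collections import defaultdict

# Transcribed from the Company ABC slides; "Internet connection" and
# "Internet Access" are assumed to be the same asset.
PROCESS_ASSETS = {
    "Placing of order by sales personnel": [
        "Dial-up server", "Web server", "Database server",
        "Messaging server", "PC / notebook"],
    "Enquiry by customer": [
        "Web server", "Internet connection", "Database server",
        "Messaging server"],
}
ASSET_THREATS = {
    "Dial-up server": ["power", "lightning", "hacker"],
    "Web server": ["power", "worm", "hacker", "phishing"],
    "Database server": ["power", "worm", "hacker", "disgruntled employee"],
    "Messaging server": ["power", "worm", "hacker"],
    "PC / notebook": ["power", "worm", "virus", "hacker", "spam"],
    "Internet connection": ["power", "DDoS"],
}

def build_register(process_assets, asset_threats):
    """Return {threat: {"assets": set, "processes": set}}."""
    register = defaultdict(lambda: {"assets": set(), "processes": set()})
    for process, assets in process_assets.items():
        for asset in assets:
            # An asset with no threat list means the audit is incomplete.
            if asset not in asset_threats:
                raise KeyError(f"no threat list for asset {asset!r}")
            for threat in asset_threats[asset]:
                register[threat]["assets"].add(asset)
                register[threat]["processes"].add(process)
    return dict(register)

def rank(register):
    """Order threats by processes affected, then assets exposed (assumed heuristic)."""
    return sorted(register,
                  key=lambda t: (-len(register[t]["processes"]),
                                 -len(register[t]["assets"]), t))

if __name__ == "__main__":
    reg = build_register(PROCESS_ASSETS, ASSET_THREATS)
    for threat in rank(reg):
        entry = reg[threat]
        print(f"{threat:22} processes={len(entry['processes'])} "
              f"assets={len(entry['assets'])}: "
              f"{', '.join(sorted(entry['assets']))}")
```

The ordering is only an input to the risk treatment plan: a threat that touches a single asset can still warrant treatment if that asset is critical to the business.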
Security assessment
• The aim of a security assessment is to find vulnerabilities
• Not just in IT infrastructure but also in processes
Risk Treatment Plan
• Reduce the risk
• Accept the risk
• Outsource the risk
Reducing Risk
• Security Policy
• Educating your users
• Implement Security Products to mitigate risks
Evolution of Security Tools
[Diagram; labels recovered: Security Aware Network Infra, Firewall, Intrusion Detection System, Intrusion Prevention System, Desktop Antivirus, Gateway Antivirus, SPAM Filtering, Antivirus Suite, Content Filtering, Bandwidth Shaping, Deep Packet Inspection Firewall, Consolidated Perimeter Device, Integrated Security Appliance]
Power
• UPS
• Generator
Lightning
• Lightning arrestor
Worm
• Email worm
– Anti-virus suite
• Network worm
– OS Patching suite
Hacker
• Network based IPS / Host based IPS
• Multi-tier Firewall
• VPN
• Two factor Authentication
• Wireless Security
Disgruntled Employee
• Authentication
• Authorization
• Accounting / Tracking
• Access control
– Physical
– Logical
Virus / SPAM
• Anti-virus suite
• Anti-spam suite
• Educating users
Customer Internet Mail Statistics
• Total emails received through our gateway = 3,444,992
• SPAM emails = 1,252,243 (36.35%)
• Emails with Virus = 177,858 (5.16%)
DDOS
• Intrusion prevention systems
• Prevent your network from being flooded
Phishing
Protect own staff
• Anti-virus suite
• IPS
• Education
Protect users
• Outsourcing service
Accepting Risk
• Power
– Generator
• Phishing
– Protecting users
Outsourcing risk
• Outsource to insurance company – fire
• Outsource to MSP – phishing, spam
Common Security Misconceptions
1. My network is not interesting enough to be attacked.
– Worms attack your network and systems not to steal information from you, but to create havoc and use your computer as a launching pad to attack other networks and systems.
2. If the system is working fine, we have not been cracked yet.
– Are you sure? A security assessment is often the best way to find out whether that's true.
3. Installing a firewall (or antivirus or IDS ...) will solve all our problems.
– "Security is not a product but a process."
– Do you have a clearly defined process?
Common Security Misconceptions
4. We can't afford the investments to properly secure our systems.
– Security does not necessarily mean huge investment; sometimes it only requires changes in user mindset and behaviour to secure systems.
– A security assessment helps you identify where you should spend, based on your organization's priorities.
5. This website uses SSL, so it must be secure.
– Heard of "Phishing"? Maybank2u.com user details update
Where do I start?
• Totally clueless?
– Speak to a reputable Security Solution provider (example: KKIPCOM)
• Some ideas for DIY
1. Identify your processes, assets and the threats to them
2. Do a security assessment and come up with a risk treatment plan
3. Implement the plan
4. Train up your security team and educate your users
5. Monitor your security baseline (from the security assessment)
6. Sign up for vulnerability email lists
7. Monitor patches and patch religiously
8. Do periodic security assessments
• Alternatively
– Consider outsourcing
Resources for DIY
Read Up! Subscribe to security mailing lists or RSS logs
• SANS Institute: Articles, resources, and vulnerability listings. http://www.sans.org
• Security Focus: Vulnerability listings and home of the Bugtraq mailing list. http://www.securityfocus.com
• CERT: Vulnerability advisories and security articles. http://www.cert.org
• MyCERT: http://www.mycert.mimos.my
• National ICT Security & Emergency Response Centre: http://www.niser.org.my
KKIP Communications Sdn Bhd
Services
• IT and Security Consultancy
• Managed Security Services
• Security Monitoring Services
• Professional Services
Thank you
Everyone is welcome to our booth to see some of the security appliances