IDC Security 2014, Almaty. Endpoint Security in Depth
Information Security Community. Kazakhstan
Ken Tulegenov, CISSP
Profile: https://www.linkedin.com/in/tulegenov
Almaty, May 22, 2014
Contents:
√ Why Endpoint Security?
√ Security Architecture
√ Layers of defense
√ About Community
Intersection:
√ Why Endpoint Security?
Infrastructure Security
Data Security
Network Security
Endpoint Security
Endpoint. What is it?
√ Security Architecture. Infrastructure Security
Can be:
• Workstation
• Notebook
• Thin Client
• Terminal Server (RDS)
• Virtual Machine (VDI)
• Zero client
• Pad / Smartphone
• Home PC
• Unknown PC
Where are your apps installed?
√ Security Architecture. Infrastructure Security
Can be:
• Local (Workstation)
• Remote (Apps Server)
• SaaS / IaaS (Cloud)
Most secure design:
√ Security Architecture. Infrastructure Security
Thin Clients / Tabs.
Apps Portal via Browser
Apps Farm
Who has access to your resources? When, where and how?
√ Security Architecture. Network Security
Can be:
• Staff
• Guests
• Unknown
?
Bring it under control
√ Security Architecture. Network Security
+
Who connects? How do they connect?
How / where does your data flow?
√ Security Architecture. Data Security
Can be:
• Mail System
• DocFlow
• Hard Copy
• (VoIP) Telephony
• IM Messengers
• Cloud services
• Social networks
• You do not know
Bring it under control
√ Security Architecture. Data Security
• Device (Control)
• Internet (Access)
• Rights (IRM)
• Leakage (DLP)
√ Layers of defense
Compliance / Law:
• DLP (Data Leakage Prevention)
• UAM (User Activity Monitoring)
• Internal Anti-Fraud
Management:
• Changes (Patches / Configure / Distribution / Upgrade)
• IAM (Identity Access Management)
• IRM / RMS (Rights Management System)
Access Control:
• Network (802.1x + NAP)
• Device Control
• Encryption (Full Disk / Media)
Application Security:
• Application Control
• User Privilege Control
• Program Privilege Control
Basic Security:
• Anti-Virus / Anti-malware
• Firewall / HIPS
• Internet Access
√ Layers of defense
Access Control
Basic Security
Management and Compliance
Application Security
√ Security Architecture
Endpoint Security Architecture Essentials:
√ Architecture should be open
Example: anti-virus is a must; which one is your choice.
√ Protection elements should complement each other
Example: HIPS and Firewall.
√ Solution must be scalable
Example: no matter how many branches you have.
√ Management Console(s) must be excellent
Example: if you cannot read historical logs, how will you understand trends?
√ About Community
The Group "Information Security Community. Kazakhstan" is created for sharing experiences and ideas between professionals specializing in various aspects of Information Security.
For the benefit of our members, "Community" follows a non-spam policy.
Discussions, Promotions and Jobs must all be clearly Security related. Non-Security related discussions will be blocked and/or deleted at the sole discretion of the group managers.
We prefer actual discussions in the "Discussion" forum.
Feel free to promote your company or organization as long as it is clearly "Security" related and posted to "Promotions".
Feel free to post your job opportunities as long as they are clearly "Security" related and posted to "Job Opportunities".