idc security 2014, endpoint security in depth

Information Security Community. Kazakhstan Ken Tulegenov CISSP Profile: https://www.linkedin.com/in/tulegenov Almaty, May 22, 2014

Upload: ken-tulegenov

Post on 01-Dec-2014


DESCRIPTION

IDC Security 2014, Almaty. Endpoint Security in Depth

TRANSCRIPT

Page 1: IDC Security 2014, Endpoint Security in Depth

Information Security Community. Kazakhstan

Ken Tulegenov, CISSP. Profile: https://www.linkedin.com/in/tulegenov

Almaty, May 22, 2014

Page 2: IDC Security 2014, Endpoint Security in Depth

Contents:

√ Why Endpoint Security?

√ Security Architecture

√ Layers of defense

√ About Community

Page 3: IDC Security 2014, Endpoint Security in Depth

Intersection:

√ Why Endpoint Security?

Infrastructure Security

Data Security

Network Security

Endpoint Security

Page 4: IDC Security 2014, Endpoint Security in Depth

Endpoint. What is it?

√ Security Architecture. Infrastructure Security

Can be:

Workstation, Notebook, Thin Client

Terminal Server (RDS), Virtual Machine (VDI), Zero client

Pad / Smartphone, Home PC, Unknown PC

Page 5: IDC Security 2014, Endpoint Security in Depth

Where are your apps installed?

√ Security Architecture. Infrastructure Security

Can be:

Local (Workstation)

Remote (Apps Server)

SaaS / IaaS (Cloud)

Page 6: IDC Security 2014, Endpoint Security in Depth

Most secure design:

√ Security Architecture. Infrastructure Security

Thin Clients / Tabs.

Apps Portal via Browser

Apps Farm

Page 7: IDC Security 2014, Endpoint Security in Depth

Who has access to your resources? When, where and how?

√ Security Architecture. Network Security

Can be:

Staff

Guests

Unknown

?

Page 8: IDC Security 2014, Endpoint Security in Depth

Take under control

√ Security Architecture. Network Security

+

Who connects? How do they connect?

Page 9: IDC Security 2014, Endpoint Security in Depth

How / where does your data flow?

√ Security Architecture. Data Security

Can be:

Mail System, DocFlow, Hard Copy, (VoIP) Telephony

IM Messengers, Cloud services, Social networks

You do not know

Page 10: IDC Security 2014, Endpoint Security in Depth

Take under control

√ Security Architecture. Data Security

Device (Control), Internet (Access), Rights (IRM), Leakage (DLP)

Page 11: IDC Security 2014, Endpoint Security in Depth

√ Layers of defense

Compliance / Law

• DLP (Data Leakage Prevention)

• UAM (User Activity Monitoring)

• Internal Anti-Fraud

Management

• Changes (Patches / Configure / Distribution / Upgrade)

• IAM (Identity Access Management)

• IRM / RMS (Rights Management System)

Access Control

• Network (802.1x + NAP)

• Device Control

• Encryption (Full Disk / Media)

Application Security

• Application Control

• User Privilege Control

• Program Privilege Control

Basic Security

• Anti-Virus / Anti-malware

• Firewall / HIPS

• Internet Access

Page 12: IDC Security 2014, Endpoint Security in Depth

√ Layers of defense

Access Control

Basic Security

Management and Compliance

Application Security

Page 13: IDC Security 2014, Endpoint Security in Depth

√ Security Architecture

Endpoint Security Architecture Essentials:

√ Architecture should be open. Example: there must be an anti-virus; which one is your choice.

√ Protection elements should complement each other. Example: HIPS and Firewall.

√ Solution must be scalable. Example: no matter how many branches you have.

√ Management Console(s) must be excellent. Example: if you cannot read historical logs, how do you understand trends?

Page 14: IDC Security 2014, Endpoint Security in Depth

√ About Community

The Group "Information Security Community. Kazakhstan" is created for sharing experiences and ideas between professionals specializing in various aspects of Information Security.

For the benefit of our members, "Community" follows a non-spam policy.

Discussions, Promotions and Jobs must all be clearly Security related. Non-Security related discussions will be blocked and/or deleted at the sole discretion of the group managers.

We prefer actual discussions in the "Discussion" forum.

Feel free to promote your company or organization as long as it is clearly "Security" related and posted to "Promotions".

Feel free to post your job opportunities as long as they are clearly "Security" related and posted to "Job Opportunities".