new technology enforcement strategies
DESCRIPTION
New Technology Enforcement Strategies. by Peter Benson. The issues. Information Loss Perimeter Breakdown Mobile Users New Technology Vulnerabilities Future Directions. Perimeter Breakdown. Perimeters slowly disappearing VPN Partner Connections Home Users Wireless Insecurities - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/1.jpg)
Copyright Security-Assessment.com 2004
New Technology Enforcement Strategies
by Peter Benson
![Page 2: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/2.jpg)
Copyright Security-Assessment.com 2004
![Page 3: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/3.jpg)
Copyright Security-Assessment.com 2004
The issues• Information Loss• Perimeter Breakdown• Mobile Users• New Technology• Vulnerabilities• Future Directions
![Page 4: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/4.jpg)
Copyright Security-Assessment.com 2004
Perimeter Breakdown• Perimeters slowly disappearing
– VPN– Partner Connections– Home Users– Wireless Insecurities
• Zones of Trust• Testing Security
![Page 5: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/5.jpg)
Copyright Security-Assessment.com 2004
Laptop Users• Current Laptop Loss Rate >4%• Information and hardware costs• Theft Prevention on increase• Minimum controls required for mobile
population– Personal Firewall– AV– Disk Encryption
• Policy and Security Architecture Requirements
• Citrix is your Friend!
![Page 6: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/6.jpg)
Copyright Security-Assessment.com 2004
New Technology and Information Loss• USB Fobs• External Memory Cards• CD / DVD Writers Common• PDA’s• Integration of Cell Phone
Technology• IM• VoIP
![Page 7: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/7.jpg)
Copyright Security-Assessment.com 2004
![Page 8: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/8.jpg)
Copyright Security-Assessment.com 2004
General Strategies• Track New Technology Opportunities• Research and define Policy• Default Deny• Enforce Policy
– Technical Controls– Policy Controls– HR Controls– Approval / Authorisation Controls
![Page 9: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/9.jpg)
Copyright Security-Assessment.com 2004
VoIP• Implement your strategy and policy• Architect!• Default Deny• “Free is not necessarily cost effective”• Research• Be Proactive. Your people are using this now.
![Page 10: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/10.jpg)
Copyright Security-Assessment.com 2004
Instant Messaging• Manage malicious code via A/V or other means• Control at the gateway
– Default Deny– Man in the Middle inspection
• Have approved processes and systems
![Page 11: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/11.jpg)
Copyright Security-Assessment.com 2004
Mobile Storage Devices• Encrypt removable media • USB management of storage devices • Flash memory security • Allow managed access to USB storage devices • Block illegal software installation • Block .exe .com .vbs .mp3 files etc • Printer, modem permissions management• Client side content filtering of removable media
![Page 12: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/12.jpg)
Copyright Security-Assessment.com 2004
Mobile Communications• Discover your Mobile Perimeter
– Asset Database, exposure management– Capture changes to Mobile Perimeter– Vulnerabilities– Connections
• Control Connectivity• Control Mobile Information Security
– Encryption– A/V– Content
![Page 13: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/13.jpg)
Copyright Security-Assessment.com 2004
Emerging Enforcement Technologies• Reflex Magnetics, Reflex Disk Net Pro• Trust Digital, Trust Enterprise Mobile Suite• Asset Discovery and Management• Anti-Spyware for Enterprises• Connection Enforcement• Enterprise Quality Encryption for Laptops / Mobile
Systems• Application Aware Firewalls• MITM Proxys• Fractured Networks (zones of trust)
![Page 14: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/14.jpg)
Copyright Security-Assessment.com 2004
![Page 15: New Technology Enforcement Strategies](https://reader036.vdocuments.us/reader036/viewer/2022062814/568167ab550346895ddcfa61/html5/thumbnails/15.jpg)
Copyright Security-Assessment.com 2004
Thank You
Questions?