protecting and recovering encrypted data in today’s world
TRANSCRIPT
BY
© 2016 ISACA. All Rights Reserved
1
BY
© 2016 ISACA. All Rights Reserved
Protecting and Recovering Encrypted Data in Today’s World
Ted PanTechnical Product Specialist, Intel Security
BY
© 2016 ISACA. All Rights Reserved
2
WELCOME
Use the Attachments button to find the following:
• PDF of today’s presentation
• Link to the Event Home Page where ISACA members can find the CPE Quiz
• MORE information about upcoming CSX events
• Upcoming ISACA Events
• MORE assets from today’s webcast
• Have a question for the speaker? Text it in using the Ask A Question button!
• Audio is streamed over your computer
• Technical issues? Click the ?button
• Use the Feedback button to share your feedback about today’s event
• Questions or suggestions?Visit support.isaca.org
BY
© 2016 ISACA. All Rights Reserved
3
TODAY’S SPEAKER
Ted PanTechnical Product Specialist - Data Protection
Intel Security
BY
© 2016 ISACA. All Rights Reserved
4
� Protect Encrypted Data
� Recover Encrypted Data
� Latest Encryption Technologies
� Q&A
AGENDA
BY
© 2016 ISACA. All Rights Reserved
5
Do you believe that governments should be allowed to force encryption providers to create a backdoor to their encryption solutions for legal investigations?
A. Yes
B. No
POLLING QUESTION 1
BY
© 2016 ISACA. All Rights Reserved
6
THE CONTROVERSY
Balance
BY
© 2016 ISACA. All Rights Reserved
7
ENCRYPTION KEY VS PHYSICAL VAULTS
BY
© 2016 ISACA. All Rights Reserved
8
PROTECT ENCRYPTED DATA
BY
© 2016 ISACA. All Rights Reserved
9
TYPES OF ENCRYPTION
Full Disk Encryption File and Folder Encryption
BY
© 2016 ISACA. All Rights Reserved
10
Encryption Algorithm
HOW FULL DISK ENCRYPTION WORKS
It was the best of times, it was
the worst of times.
Encryption Key
BY
© 2016 ISACA. All Rights Reserved
11
FULL DISK ENCRYPTION PROTECTS
BY
© 2016 ISACA. All Rights Reserved
12
ENCRYPTION BACKDOOR IMPLICATIONS
Trustworthiness Security Customer Impact
BY
© 2016 ISACA. All Rights Reserved
13
POLLING QUESTION 2
Would you trust an encryption solution where you don’t have full control of the keys?
A. Yes
B. No
BY
© 2016 ISACA. All Rights Reserved
14
Clipper Chip
HISTORIC BACKDOORS
BY
© 2016 ISACA. All Rights Reserved
15
Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG)
HISTORIC BACKDOORS (CONT.)
NIST SP 800-90A
BY
© 2016 ISACA. All Rights Reserved
16
Recover Encrypted Data
BY
© 2016 ISACA. All Rights Reserved
17
RECOVER USE CASES
Help Desk SupportLeaves the Company Investigations
BY
© 2016 ISACA. All Rights Reserved
18
BEST PRACTICES
Integrated forensic tools
Centralized console
Protected repository of keys
BY
© 2016 ISACA. All Rights Reserved
19
WORKING WITH OUTSIDE AGENCIES
Prevent unjustified disclosure of sensitive data
BY
© 2016 ISACA. All Rights Reserved
20
PROTECTING A LOST SYSTEM
Show proof of encryption on a lost or stolen system
BY
© 2016 ISACA. All Rights Reserved
21
RECOVERING A CORRUPTED DRIVE
Provide a backup of the key to recover the data
BY
© 2016 ISACA. All Rights Reserved
22
Leverage the Latest Encryption Technologies
BY
© 2016 ISACA. All Rights Reserved
23
SPEED IT UP
AES-NI Instruction set provides much faster encryption
BY
© 2016 ISACA. All Rights Reserved
24
PROTECT THE RAM
Protect against cold boot attack
BY
© 2016 ISACA. All Rights Reserved
25
PRE-BOOT AUTHENTICATION
Provide protection before the Operating System starts up
BY
© 2016 ISACA. All Rights Reserved
26
BOOT OFF THE NETWORK
Provide keys to a system before the Operating System starts up
BY
© 2016 ISACA. All Rights Reserved
27
INCREASED PASSWORD STRENGTH
• Require complex passwords
• Require minimum length of 8
• Disable users when the system doesn’t communicate back with the central server
BY
© 2016 ISACA. All Rights Reserved
28
© 2016 ISACA. All Rights Reserved
QUESTIONS?For more information visit: www.mcafee.com/dataprotection
BY
© 2016 ISACA. All Rights Reserved
29
CYBER SECURITY TRAINING:OUR CSX PORTFOLIO
PERFORMANCE BASED TRAINING – OUR ADVANTAGEInstead of the typical question/answer experience common to other certifications, which merely gauge the memorization of facts, CSX certifications evaluate the hands-on capability and aptitude of an individual desiring to work in the field of Cybersecurity.
BY
© 2016 ISACA. All Rights Reserved
30
BY
© 2016 ISACA. All Rights Reserved
THANK YOU FOR ATTENDING TODAY’S WEBINARFor more information visit www.isaca.org/cyber