Date post: | 12-Jan-2017 |
Category: |
Technology |
Upload: | accel |
View: | 62 times |
Download: | 0 times |
© VASCO Data Security, Inc. - CONFIDENTIAL
Kurt Berghs – Area Sales Belgium
VASCO
Securing IDentities
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
It’s a world war out there
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL3
Also in Belgium:
And we’re in the middle of it
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL4
Why? I hate my boss!
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL5
Jonathan James
Gary McKinnon
Kevin Mitnick
Why? Glory!
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL6
Why? Security…
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL7
Why? Money!!!
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL8
De oplossing van de overheid
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL9
• In België: CBPL (Privacy commissie) https://www.privacycommission.be• Waakhond over de data gegevens van Belgen en van data bewaard in België• Data: van Overheden, Medische gegevens, Klantengegevens, …• Strafrechtelijke bevoegdheden• Verschillende ISO normen worden aanbevolen (ISO 27001:2013)• Data bewaren zoals een goede huisvader • Meldingsplicht!!!
De oplossing van de overheid
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL10
Boetes:
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL11
How to hack?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL12
Hacking for dummies 1. GUESS a password
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL13
Hacking for dummies 1. GUESS a password
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL14
Hacking for dummies 2. browse or buy
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL15
Hacking for dummies 3. Just ask nicely
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL16
You’re not alone
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL17
You’re not alone
+500.000.000 accounts
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL18
You’re not alone
+1.000.000.000 accounts
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
What can you do?
19
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
What can you do?
20
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
What can you do?
21
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Moeten wij ons zorgen maken? The Target Breach
What happend to Target?• One of the largest retail chains in US• 40M personal customer records stolen by hackers
Concequences• 200M $ estimated CC re-issuing cost• 100M $ cost for security upgrade• 46% drop in profit• 10% drop in stockprice• CEO resigned
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Moeten wij ons zorgen maken?
23
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL24
Hoe lossen we dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL25
Hoe lossen we dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL26
Hoe lossen we dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL27
Hoe lossen we dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL28
Hoe lossen we dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL29
Hoe lossen we dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL30
Hoe lossen we dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL31
Hoe lossen eind gebruikers dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL32
Hoe lossen eind gebruikers dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL33
Hoe lossen eind gebruikers dit op?
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Hoe lost VASCO dit op? Oorsprong
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Referenties in de financiele wereld
© VASCO Data Security, Inc. - CONFIDENTIAL
Tevredenheid met kwaliteit van digitaal aanbod per sector
64%60%
48% 48% 45% 45%39%
Financial Services Retail Media Utilities Local Government Central Government Transport
n = 2500Source: Fujitsu Digital Inside Out research
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Hoe lost VASCO dit op? Enterprise security
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Referenties in de enterprise markt
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Hoe lost Vasco dit op? Online Application Security
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Referenties in de online wereld
40
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Hoe lost Vasco dit op: 5 Solution Pillars
Multi-Factor Authentication
Risk Management
Mobile Application Security
Identity Proofing
ElectronicSignature
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL42
Multifactor Authentication
Hardware Token
Software Token
Wearable
© Gartner, 2014
KnowledgeSomething known to
only the user
TokenSomething held by only
the user
Biometric TraitSomething inherent to
only the user
A password, a passphrase, a PIN
An OTP token, a smart card with X. 509 public-key infrastructure credentials
A biological or behavioral trait, such as face typography, fingerprint or voice
Examples
Biometrics BehavioralAnalysis
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL43
Multifactor authentication before
DIGIPASS Go Range
DIGIPASS for Web
DIGIPASS E-signature
Virtual DIGIPASS
DIGIPASS for WindowsDIGIPASS for Mobile
Software
Appliance
Service
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
Multifactor authentication today
44
UsernameOTP
Cloud office
Myemployees
CRM
Webmail
Appli & Desktop
Virtualizatie
SSO
Employees
1200
External People/Partners
50000
UsernameUsernameOTP
ERP
RemoteDesktop
mngt
File sharing
Risk mngt
… portal
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL
VASCO Solution: DIGIPASS for Apps
© VASCO Data Security, Inc. - CONFIDENTIAL
9367893678
© VASCO Data Security, Inc. - CONFIDENTIAL© VASCO Data Security, Inc. - CONFIDENTIAL46
ROAM: Register Once. Authenticate Many.
VASCO Trusted Digital ID Platform
Identity Proofing Providers- Government ID Card- Experian- AYIN- IdenTrust
VASCO Certified Digital ID
Verified Identities
47