Copyright Security-Assessment.com 2004
New Technology Enforcement Strategies
by Peter Benson
The issues
• Information Loss
• Perimeter Breakdown
• Mobile Users
• New Technology
• Vulnerabilities
• Future Directions
Perimeter Breakdown
• Perimeters slowly disappearing
  – VPN
  – Partner Connections
  – Home Users
  – Wireless Insecurities
• Zones of Trust
• Testing Security
Laptop Users
• Current Laptop Loss Rate >4%
• Information and hardware costs
• Theft Prevention on increase
• Minimum controls required for mobile population
  – Personal Firewall
  – AV
  – Disk Encryption
• Policy and Security Architecture Requirements
• Citrix is your Friend!
New Technology and Information Loss
• USB Fobs
• External Memory Cards
• CD / DVD Writers Common
• PDAs
• Integration of Cell Phone Technology
• IM
• VoIP
General Strategies
• Track New Technology Opportunities
• Research and define Policy
• Default Deny
• Enforce Policy
  – Technical Controls
  – Policy Controls
  – HR Controls
  – Approval / Authorisation Controls
VoIP
• Implement your strategy and policy
• Architect!
• Default Deny
• “Free is not necessarily cost effective”
• Research
• Be Proactive. Your people are using this now.
Instant Messaging
• Manage malicious code via A/V or other means
• Control at the gateway
  – Default Deny
  – Man in the Middle inspection
• Have approved processes and systems
Mobile Storage Devices
• Encrypt removable media
• USB management of storage devices
• Flash memory security
• Allow managed access to USB storage devices
• Block illegal software installation
• Block .exe .com .vbs .mp3 files etc
• Printer, modem permissions management
• Client side content filtering of removable media
Mobile Communications
• Discover your Mobile Perimeter
  – Asset Database, exposure management
  – Capture changes to Mobile Perimeter
  – Vulnerabilities
  – Connections
• Control Connectivity
• Control Mobile Information Security
  – Encryption
  – A/V
  – Content
Emerging Enforcement Technologies
• Reflex Magnetics, Reflex Disk Net Pro
• Trust Digital, Trust Enterprise Mobile Suite
• Asset Discovery and Management
• Anti-Spyware for Enterprises
• Connection Enforcement
• Enterprise Quality Encryption for Laptops / Mobile Systems
• Application Aware Firewalls
• MITM Proxies
• Fractured Networks (zones of trust)
Thank You
Questions?