Data Consult - Managed Security Services
AGENDA
● Cloud:
○ Own v/s Lease
○ Decentralization of IT
● Security:
○ Threats
○ Impact and Urgency
○ Cost of Breach
○ Log Monitoring
● Solution
○ Overview
○ Architecture
○ Packages
● Backup Slides
4. © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Cloud: Own versus Lease
Own
● Own the asset: you can modify it as you please
● You can sell it whenever you want
● More economical in the long run
● High Investment - Depreciation
Lease
● Lower down payment
● Lower monthly payments
● Lower maintenance costs
● Ability to modify the offering at any time
● Ability to change asset every year or two
● Faster time to install
● No need for in-house expertise
● No rent space
● Increase or decrease capacity at will
Cloud Services
Decrease budget and avoid vendor lock-in
Save on technology upgrades and maintenance
Lower footprint on your network
Ensure compliance to regulatory mandates.
Deploy faster and easier
Gartner defines cloud computing as “...a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service using Internet technologies.”
Cloud: The Decentralization of IT
On-Premises: Hardware, OS, Network, Database, Tools, Application, Data, Users
IaaS: Hardware, OS, Network, Database, Tools, Application, Data, Users
PaaS: Hardware, OS, Network, Database, Tools, Application, Data, Users
SaaS: Hardware, OS, Network, Database, Tools, Application, Data, Users
Network Security: Malware, Vulnerabilities, Theft
Trojan Horse
File infection
Spam email
zero-day attacks
Software vulnerabilities
OS vulnerabilities
Identity theft
Mobile Loss
Phishing
Impact and Urgency
[Figure: priority matrix of Urgency against Impact, with priority values from 1 to 4]
Urgency
● Business Process affected. Workaround available.
● Business Process stopped. Can bear minimal delay. Very hard workaround
● Business Process stopped. No workaround
Impact
● Any system minor degradation non-business critical. <50% of users impacted
● Any system degraded or partially unavailable. >50% of users impacted
● Any system unavailable. 100% of users impacted
Cost of Breach
IBM Data Breach Statistics 2014
Logs
ODBC, WMI, SDEE, CPMI, SNMP, syslog, netflow, ssh, native FIM, Registry Monitor, custom XML-based, RDEP
log /lôg läg/ - noun
"a record of performance, events, or day-to-day activities"
synonyms: record, register, logbook, journal, diary, chronicle, daybook, record book, ledger;
Forensics, Network Behaviour Analysis, Performance Monitoring, Asset Analytics, Configuration Management, Vulnerability Scanner, Log Management
One Solution
Solution Overview
MSS is a Unified Security Management service that combines multiple security functions in a single console:
● SIEM (security incident and event management)
● Secure Configuration Auditing
● Compliance Automation
● Contextual Forensic Analysis
Network state and event data is collected continuously. The system deploys alert correlation schemes to identify suspicious activity that can develop into threats affecting your business.
Network data collected is compressed and encrypted to avoid network congestion and ensure maximum security of your data.
‘... customers need to examine security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for incident response, forensics, and regulatory compliance…’
Solution Architecture
Key Components
● Full SIEM deployment with real-time security monitoring, historical analysis and event correlation
● 24x7 security and configuration device monitoring: IPS/Firewall/VPN/Servers/Virtual Environments; up to 160 different node types
● Customized web-portal dashboard to provide real-time reports and statistics
● Dedicated engineering consultants to support with forensic investigation and remediation
● Compliance and security risk reviews: PCI DSS, HIPAA, ISO27001/27002, COBIT, NIST800-53…
● Consulting Services - Security Posture Analysis and Recommendation
● Full Engineering and Management Services
‘...the technology provides real-time security monitoring, historical analysis, and other support for incident investigation and compliance reporting...’
16. © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Dashboards Online
Demo:
MSS Summary
Low monthly subscription fees
Leverage on DataConsult’s expertise in security
Scale very easily
Ensure compliance to regulatory mandates.
Get Security Monitoring installed in minutes
Packages
MSS | MSS1 (Reporting) | MSS2 (Premium) | MSSe (Consulting) | MSSe+ (Managed)
Log Collection | X | X | X | X
Event Reporting | X | X | X | X
Asset and Performance Monitoring | X | X | X | X
Daily Security Status Reports | X | X | X | X
Forensic Investigations | - | X | X | X
Configuration and Asset Management | - | X | X | X
Event Correlation | - | X | X | X
Network Behaviour Analysis | - | X | X | X
24x7 Live Alert Monitoring & Notification | - | X | X | X
Monthly Health Reports | - | X | X | X
Compliance Automation | - | - | X | X
Security Posture Analysis and Recommendation | - | - | X | X
Remediation and Control | - | - | - | X
Full Engineering and Device Management | - | - | - | X
Critical Event per Hour
Denied Connections per Hour
Alert Configuration
Destination Blocking
Destination Protocol
User by Protocol
MALicious softWARE
Cisco Annual Security Report 2014
Vulnerabilities
Kaspersky Security Bulletin 2014
Mobile Device Theft
Sophos Security Threat Report 2014