BT Secure Networking Quick Start


Published on

If cyber criminals were to focus on your organisation today, how easy would it be for them to access your systems and information? With targeted attacks on the increase, it is vital that you have the right safeguards in place. Our Secure Networking Quick Start examines any potential vulnerabilities and enables you to build the strongest possible defences. More on

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

BT Secure Networking Quick Start

  1. 1. BT Secure Networking Quick Start Service Preserving the integrity, confidentiality and availability of information and computing resources is a leading priority for every organisation. Failure to identify vulnerabilities and validate the effectiveness of security controls could compromise the very future of a business. The BT Secure Networking Quick Start service enables organisations to assess their network security rapidly, identify weaknesses and then take cost-effective remedial and preventative measures. The service is based on a unique set of tools, experience and knowledge, drawing on the expertise of consultants from across the BT Group who have come together to form a Global Centre of Excellence.
  2. 2. About the BT Secure NetworkingQuick Start serviceThe importance of Secure Improving secure networkingNetworking The objective of the Secure Networking QuickNetwork security is changing, with attacks on Start is to assess the client’s current securitybusinesses no longer motivated simply by a level against known vulnerabilities and bestdesire to cause damage and disruption. security practice procedures. It aims to:According to Gartner: “Financially motivated, l Provide valuable recommendations on waystargeted attacks are increasing, and automated to improve or fix any weaknesses foundmalware-generation kits allow simple creation l Give advice and offer solutions to equip yourof thousands of variants quickly.” (Gartner, business to manage network security moreDecember 2006) effectively in the future l Assure and give confidence to yourAlthough currently fewer than 10% of attacks organisation, its customers and shareholdersare against a single company, the financial that the business is secure from externalimpact of a successful attack can be enormous attacks, including the potential financial loss– perhaps as much as 50 to 100 times greater and loss of goodwill that comes with themthan a purely malicious worm or virus. Gartner’sDecember 2006 report included the bleakprediction that 75% of enterprises would soon How do we do this?be affected by financially-motivated, targeted l BT offers independent technical audits andmalware. The threat hasn’t diminished and tests of IT systems and networks by simulatingorganisations in all sectors are under pressure real-life attacks on the technical securityto respond accordingly. of these systems. BT’s security consultants are specialists in IT and communications securityOf course, the damage goes well beyond the and have vast experience. We have peoplepurely financial. Other concerns include who are approved by the UK Government’sdamage to a company’s reputation, legal action CESG CHECK scheme, and are Certifiedstemming from a failure to protect customer Ethical Hackers and NSA certified securityinformation, lost productivity as employees are professionals. Using the tools and techniquesdeluged by spam or held up by a slow network, available to real attackers such as hackers,and compromised assets like wasted bandwidth industrial spies or criminals, and thenand damaged hardware. applying a systematic testing methodology, the BT teams can thoroughly test the effectiveness of existing technical security defences and countermeasures.
  3. 3. The processStatus checklist a) Network Mapping Step three:Clients can begin the Quick Start service by A network mapping exercise is a quick way to Executive Summary Reportcompleting a simple checklist on their current help confirm your internet presence, providing Our security consultants produce an executivenetwork security status. This enables a high a map of which devices from your organisa- summary report outlining the findings andlevel discussion to take place between clients tion’s network are visible online. At a basic priority areas identified for further action.and their BT Account Manager, which helps level, this process identifies known and Additional feedback is delivered and theestablish the most appropriate starting point potentially unknown devices on the network. report’s findings are reviewed with thefor the Quick Start service. It also assesses the network’s segregation to customer. This can be done via a web confer- make sure external boundaries are protecting ence or a face-to-face meeting.The checklist does not require technical input the network as intended.and should be completed by a senior member ofstaff who is aware of the current network b) Vulnerability Assessmentsecurity provisions and status. Using the results from the network mapping in step one, we assess the critical devices to findThere are two levels of Quick Start on offer. the potential vulnerabilities in your system orAlthough both analyse network and existing network, and recommend, they differ in purpose and the level ofdetail. The checklist will help decide which is c) Risk Modellingmost appropriate. This allows you to visualise the network, verify access policy compliance and routing rules andLevel one: Workshop (1 day) & discover root causes of violations. It also helps you to simulate attacks on the network,Technical Risk Assessment (3 days) appreciate the most cost-effective remediationLevel one enables BT to identify the areas of alternatives and understand the businessyour environment that require security impact of threats.assurance. This is achieved through a one dayworkshop session and a technical risk assess- This enables corporations to focus on the typement. The outcome allows BT to create a high of threats that are most destructive to theirlevel security assessment strategy, taking into specific operations.account your business objectives, assetcriticality and long-term security goals.Step one: (1day)Client WorkshopThis is an interactive question and answersession to identify your security objectives forthe short to medium term. A security effective-ness register is used to quantify the potentialrisk posed to your organisation.Step two: (3 days*)Technical Risk AssessmentThis optional assessment utilises state of the arttechnology to create a technical risk model,which enables the risk level to be assessed fromidentified threat sources such as third parties,employees and the internet. The resultingmodel then enables BT to recommenddevelopments to your security strategy. Thisassessment can be broken down into 3 steps:*Duration is subject to size and complexity of network.Modules in Level 2 are offered separately and some aresubject to availability outside of the UK
  4. 4. The processLevel two: Quick Start Secure Module 3) Web Application Testing Module 8) Secure Code ReviewNetworking Assessment This testing identifies and investigates the With extremely large databases of customer prioritisation of vulnerabilities found in thin information to protect, and numerous accessApproximate duration: 2 weeks+*, client (web browser) and thick client (java) points, many companies are prime targetsdependent on the modules selected. applications, including front end and back for organised crime, foreign governments, end systems. Activities include SQL injections, and malicious insiders.The secure codeA Secure Networking Quick Start Assessment cross site scripting, decompiling code, and review, in conjunction with Penetration andwill typically take place over a two to three HTML proxy manipulation. Tests are performed Application testing, ensures web applicationsweek period. This will establish a much greater with an in-depth application scanning tool have a level of assurance required to handleunderstanding of your organisation’s network and thorough manual checks. financial and personal by performing further specialistassessments of your individual devices and Module 4) Penetration Testing Module 9) Database Activity Monitoringsecurity components. Penetration testing is similar to the vulnerability Cyber villains have been attracted by the assessment in level one.However, in this huge amounts of money that can be madeStep one: Planning module our consultants go deeper, exploring from targeting corporate databases and areA brief meeting is held to agree the basic and exploiting the vulnerabilities to gain using sophisticated hacking techniques toengagement structure, the key stakeholders access to the system. This enables us to steal and profit from their data. Through ourrequired and a schedule for further meetings. produce a comprehensive report detailing partnerships we are able to carry out real-timeThis initial meeting will also identify which any vulnerabilities. database activity monitoring.of the modules outlined below are mostappropriate for the engagement. Module 5) Firewall Rulebase Assessment Module 10) Wireless Enterprise Audit A firewall rulebase assessment sees our security After evaluating your existing wireless networkStep two: Initial Situation Analysis and firewall experts using general best security security, we pinpoint potential weaknessesWe establish a general understanding of practices to identify areas of weakness, like via our thorough wireless enterprise audit.your organisation’s network architecture insecure protocols, poor change control and We test wireless intrusion detection systemand known issues and requirements through inefficient rule order. (IDS) alerts and identify weaknesses anda documentation review and by using high vulnerabilities specific to your wirelesslevel review tools. Typically, this will require Module 6) Email Application Assessment infrastructure. We can then offer you a uniquenetwork diagrams, security policy and Through our partnership with MessageLabs, tailored wireless solution for your organisation.procedure documents, and interviews with we provide a time limited assessment of yourkey stakeholders. business’s email traffic. This assesses the levels Module 11) Mobile Worker Assessment of viruses, SPAM, and general content control Evaluating the risks associated with remoteStep three:Option Assessments Modules issues within your email. and home working security, we take aModule 1) Network Mapping risk-based approach in reviewing theA network mapping exercise is a quick way to Module 7) Voice & VOIP Audit security of these potential backdoors intohelp confirm what’s running on an organisation’s A lucrative target for hackers, VoIP is a complex your organisation’s network and where your network perimeters application and inherits the security issues Remote access and VPN testing can beend. The process looks to identify unknown common to other data network applications. undertaken, along with a mobile workerdevices on the network as well as assessing It also has a number of unique security issues, audit. We will attempt to breach a mobilethe network’s segregation to make sure and new VoIP-specific vulnerabilities and worker’s laptop and its access controlsexternal boundaries and internal gateways attack tools are announced each day. We with a host review to see if valuable dataare protecting the network as intended. provide a security assessment and a real-time can be accessed. audit of your enterprise telecom network.Module 2) Intelligence Gathering& Blended AttacksBT recognises that social engineering hasbecome more sophisticated, with criminalsharvesting information about organisationsthat is publicly available. We can attempt toholistically test the physical, technical andsocial elements of your security, combiningreal-world criminal methods and tools inattempt to gain access.*Duration is subject to size and complexity of network.Modules in Level 2 are offered separately and some aresubject to availability outside of the UK
  5. 5. The outcomeA concise report: To help us complete the Quick Start, you willBased on the modules selected, this report: need to provide some information. The exactl Details how your network security compares requirements will vary according to which to best security practice Quick Start option you take, but it may include:l Lists any vulnerabilities found l Up-to-date network diagramsl Provides a test results section l Security policy documents (what services youl Makes recommendations for any remedial want to allow through your firewall and why) actions required l An electronic or paper copy of your current firewall rulebase (an electronic copy in HTMLIt also provides predicted results, reports, format is preferred) and IP address informa-analysis and practical information on imple- tion of firewall(s), connecting infrastructure,mentation and fast-track problem resolution. and servers (so machines in the rulebase can be easily identified)The purpose of the report is to preventattackers gaining access to your network, Please note that if it is not already part of yourdecrease the amount of time spent responding company’s IT security policy, you may wish toto security incidents, identify areas that can be inform your employees that communicationsmanaged with greater efficiency and provide and web usage may be monitored and loggedpeace of mind that your security infrastructure during the Quick protecting the network as intended. We will, of course, coordinate any activities that are tested on the network with you to ensure that false alarms are not generated and end-users are not impacted.
  6. 6. Status checklistThe following questions are geared to indicate 2. Current secure networking 3. Current and planned securethe most effective starting point for a BT effectiveness networking initiativesSecure Networking Quick Start engagement Are you measuring your network security Are the business and functional requirementswith your organisation. Please answer ‘Yes’, standards against industry standards and which drive secure networking initiatives well‘Partially’ or ‘No’. The relevant box should be best practices? understood throughout the organisation?completed and you can then total your answers Yes Partially No Yes Partially Noin the summary section to give an indicationof current status. Are regulatory and internal compliance Are these requirements established on a requirements being fully met? regular basis and managed accordingly?1. Organisational awareness Yes Partially No Yes Partially Noand commitmentIs there a formal owner for IT security within Is user access being efficiently and Is there a business case for network securityyour organisation? effectively provided and removed agreed across the organisation? Yes Partially No according to business needs? Yes Partially No Yes Partially NoIs there recognition across senior management Are secure networking initiatives beingand key stakeholders of the need for, and value Is your network security infrastructure formally prioritised and co-ordinated, toof, secure networking? enabling new applications to be deployed achieve the greatest immediate and long Yes Partially No rapidly to meet new business opportunities? term business benefits? Yes Partially No Yes Partially NoAre the senior management team awareof the impact of any current issues being Is there a clear roadmap agreed across thefaced in the network security area, and the organisation for improving network securityneed to resolve these issues? with measurable milestones in place? Yes Partially No Yes Partially NoIs there a network security strategy andpolicy in place and is it well defined acrossthe organisation? Yes Partially NoIf yes, are the strategy and policiesbeing followed? Yes Partially No 4. Summary Yes Partially No 1. Organisational awareness and commitment 2. Current secure networking effectiveness 3. Current and planned secure networking initiatives
  7. 7. Why BT? About the BT Quick Start SeriesBT Global Services is a market leader in BT’s Quick Starts are concise, service-ledproviding secure networking consultancy and engagements focused on key services andsolutions. In 2006 BT was awarded the Frost & technologies that are of critical importance toSullivan European Market Leadership Award in organisations within the digital networkedthe Customer Premise Equipment (CPE) economy. These services and technologiesManaged Security Services (MSS) market. In combine to form a wider infrastructure model,the following year, BT was awarded leadership each representing significant advances andin the North American Gartner MSSP Magic long-term efficiency for the organisationsQuadrant. In 2008 BT was awarded “Strong deploying them. The Quick Starts can be usedPositive” in Gartner’s Asia and European MSSP as an integral part of an organisation’s roadmapMarket Scopes. along their development journey. BT Quick Starts enable customers to assess,BT’s position in the secure networking market test, plan and establish the validity of eachhas strengthened with the acquisition of service or technology in manageable parts.Infonet in February 2005, followed by the Each Quick Start is formed using defined stagesacquisition of Radianz the following month, with clear outcomes and will provide theand then most recently Counterpane in 2006 necessary information not only for theand INS in 2007. technical aspects of deployment, but also forThis has been rapidly followed by several other the commercial justification of infrastructure oracquisitions in 2008 network changes.l INet with a strong track record in Italian Blue Chips. What next?l FRONTLINE with security capability We can take you through the benefits and throughout the Asia-Pac region. implications that would directly affect yourl Net2S, a technology and security consultancy organisation. In addition, we can help to build specialising in capital markets. tangible examples which are more valuable to your business stakeholders. Contact your BTBT’s Managed Security Service offerings are Account Manager to arrange a meeting andvery comprehensive and include firewall/VPN, discuss collaborative working in more detail.IDS/IPS, anti-virus, anti-spam, URL filtering,strong authentication services (PKI), securityevent monitoring and correlation, vulnerabilityassessment and threat mitigation.Offices worldwideThe telecommunications services described in this publicationare subject to availability and may be modified from time to time.Services and equipment are provided subject to BritishTelecommunications plc’s respective standard conditions ofcontract. Nothing in this publication forms any part of anycontract.© British Telecommunications plc 2008Registered office: 81 Newgate Street, London EC1A 7AJRegistered in England No. 1800000Designed by Loewy: LondonPHME 53150