La sécurité de l'emploi : protégez votre SI
Upcoming SlideShare
Loading in...5
×
 

La sécurité de l'emploi : protégez votre SI

on

  • 713 views

La sécurité n’est plus un add-on au système d’information, mais doit s’intégrer à tous les niveaux, depuis son architecture jusqu’à la résolution d’incidents, en passant par ...

La sécurité n’est plus un add-on au système d’information, mais doit s’intégrer à tous les niveaux, depuis son architecture jusqu’à la résolution d’incidents, en passant par l’exploitation au quotidien des centres de données. Dans un contexte de mobilité accrue et en considérant l’émergence d’un modèle d’informatique à la demande, la sécurité repose autant sur la prévention technique que sur l’éducation comportementale des utilisateurs et sur la capacité des systèmes à résister aux attaques Session présentée par le partenaire : DELL.

Speakers : Florian Malecki (DELL)

Statistics

Views

Total Views
713
Views on SlideShare
700
Embed Views
13

Actions

Likes
0
Downloads
16
Comments
0

1 Embed 13

http://www.microsoft.com 13

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • So before we dive into our security strategy, let’s first talk about how we got here… where we are as an industry… the IT journey.In the mainframe and mini computer/AS400 era, data, device access to the data and applications were all safe and in one place. Even as the datacenter got distributed it was still easy to secure it was all in one place, inside a firewall and glass house.But with the advent of x86 servers and internetworking, data and applications became distributed and the dawn of client server computing and multi-tier architecture emerged….users, applications and data started spreading out and number of security products started to grow, but data still relatively safe inside a network firewall. As the web emerged, and applications were becoming accessed by the web, much of the data was still hosted on a back end system and still fairly safe, security risk increased in terms of access to data and new tools emerged to fix the new vulnerabilities such a virus’ that crept in, denial of service attacks, etc., however the data was fairly resident inside the enterprise firewalls.  Today, data and applications can be anywhere, and users can access these applications from anywhere, and security tools are everywhere like a patch work of utilities trying to plug the old vulnerabilities and they new types of vulnerabilities. The complexity of data anywhere and users everywhere as well as a patchwork of siloed security is now so extreme, that legacy security methods and managing in SILO’s is dangerous and long past its time.
  • As we were thinking about our security strategy, we wanted to do what we do best… talk to customers. We surveyed our customers and learned the key things driving them today. The top 3 themes we heard from our customers is that they want to leverage the enormous opportunities presented by Cloud, Big Data and Mobility; however the opportunity is locked up due to the 4th trend: Security and Risk challenges.
  • Many organizations have adapted to their security challenges by applying layers of security, effectively managing security in silos. BYOD, the cloud, and APTs and other threats all dealt with inconsistently and separately with disparate solutions, leaving IT always reacting. But Dell believes that managing security in silos creates risk to the business. These risks exacerbate the existing security challenges of: compliance, new technologies, limited security resources, growing threats. Dell believes there is a better way.
  • EXEC QUESTION: As an example, how many programs have you delayed because of security? Which ones and what were the challenges? Or have you pushed through while accepting risk (known and/ or unknown)? How often have you continued with known/ or unknown risk (accepted risk)?Or do you give in and throw security caution to the wind? … can’t do that because of compliance requirements… more often stall projects.Question… What is your security profile: ostrich (claim ignorance), vigilant (get all data) and not invented here… what do you want to be… ideal profile, aware of risks, don’t slow down and be careful. Mega Security Threats: Security threats – Greater frequency and caliber New technologies that have security challenges (big data, BYOD, cloud computing, other) Resources are limited (people, money) Security can no longer be a disjointed effort Encourage innovation while protecting business
  • Increased mobile worker demand to access mc apps, not just email and calendar any more.IT has done a great job of enabling fast, easy mobile access to calendar and email, specifically, deploying activsync has made it pretty easy to enable secure access with minimal security risks.Mobile workers have enjoyed great productivity gains from this and are now demanding access to more than just email and calendar.As you can see from a Yankee Group survey last year, mobile workers want to further increase productivity and get access to more apps and data, including corporate data bases, financials, CRM….The challenge to IT is to enable this in a way that delivers a simple mobile user experience for a wide variety of business workloads while keeping management complexity and security threats to a minimum.
  • Of course, this is no surprise to IT, because mobile workers have increasingly been demanding access to mission-critical data and apps from personal smart phones, tablets and laptops. But, this personal and business, mixed -usage model, often results in co-mingling of personal and business data and apps on mobile devices .  The typical scenario is a mobile user accessing email, calendar, the internet, social media and other apps for personal use, and also accessing business mail, calendar, intranet file share and intranet business apps for business use.The challenge for IT here, is that this comingling of apps and data increases the risk of business data loss and the risk of malware threats. So let let’s look more closely at the mobile threats, the impact co-mingling presents and the technologies available now and on the horizon to enable worker productivity while protecting from mobile threats 
  • Many organizations have adapted to their security challenges by applying layers of security, effectively managing security in silos. BYOD, the cloud, and APTs and other threats all dealt with inconsistently and separately with disparate solutions, leaving IT always reacting. But Dell believes that managing security in silos creates risk to the business. What if a single solution could help you: Respond quickly to security threats and problems before they negatively impact the business.Protect every part of the infrastructure – inside and outside the network –reducing the number of vendors and disparate solutions and gaining efficiencies by reducing costs.Provide common-sense reporting that spans across areas of the network and infrastructure, helping to reduce the risk of errors from missed problems or threats, and saving time.Unify the patchwork of processes, reducing the complexity of meeting security and compliance objectives?. … and Dell provides that solution. It’s called Connected Security.
  • Dell Connected Security gives organizations the power to solve their biggest security and compliance challenges today, while helping them better prepare for tomorrow. From the endpoint to the data center to the cloud Dell helps mitigate risks to enable the business. Connected Security is security that: Shares and applies intelligenceWorks with the business, end-to-endMaintains flexibility and open architectureEnables broad contextual awareness with dynamic controlIt all means:Greater efficiency with solutions that are easy to deploy and manageGreater effectiveness, improving your security visibility, threat prevention and response 24x7Greater productivity, ensuring security without performance trade-offsWhat it’s NotFully converged security such that layers and pieces are irrelevantNon Dell technology still fits inCompletely centralizedstill going to have security with specific jobsMonolithic and heavyLocked in approachOpen architecture still the way to gomation everywhere (and maintain business operations)
  • Our lifecycle approach to security ha solutions that cover the entire spectrum of IT… … from the endpoint where we encrypt data at rest and secure devices… to the network where our award-winning capabilities in next-generation firewalls, secure remote access and email security protect the boundary without sacrificing user productivity or network performance … to the user where we ensure that the business has control over who has access to what information, that it can be governed, audited and managed for greater efficiency… to managed security services that provide counter-threat protection, incident response and risk consulting from some of the world’s largest dedicated team of security researchers.Here are the broad solutions we provide in our Connected Security approach… We’ll focus on three areas in particular in this presentation: Identity and access management, network security and endpoint security.
  • The best security is the security you just get wherever you are “end to end”Building it into the infrastructure so it is just there is the best way to get it (embedded in the hardware, infrastructure)
  • How are we doing this… Connected Security is all about providing customers with a balanced approach to security. It should be simpler, more unified and connected to the business. It should be an enabler to the business and not get in the way. Being too lax on security means too much risk, but applying too much security and end users can’t do their jobs. We Embed security natively at the time of manufacture into every piece of infrastructure, every device. This connects security to information (or data) wherever it resides. We Detect, Protect and enable you to Respond to threats before they have negative consequences on the business, or Predict them based on patterns of behavior or through shared intelligence. Our solutions collectively gather, analyze, report and enable you to act, connecting security to the infrastructure and applications critical to your business. We eliminate the silos of security information, connecting security across solutions – data, user, network, applications and services.
  • Is Dell Connected Security real? How exactly are we proving this out? Today… we already have solutions that we embed within hardware (connecting to infrastructure). We also have traditional security solutions that leverage all of the information on a network, in the wild to proactively protect (this is what security solutions do… no differentiation… but it is connecting to information).But our real differentiation is in how we can connnect disparate secruity solutions to other security solutions. We have two examples we want to review with you.
  • NOTE: the demo will be run live, or will be a video. If we go with the latter, the live demo will be run in the expo area at predetermined hours on THUR and FRI.
  • Is Dell Connected Security real? How exactly are we proving this out? Today… we already have solutions that we embed within hardware (connecting to infrastructure). We also have traditional security solutions that leverage all of the information on a network, in the wild to proactively protect (this is what security solutions do… no differentiation… but it is connecting to information).But our real differentiation is in how we can connnect disparate secruity solutions to other security solutions. We have two examples we want to review with you.
  • NOTE: the demo will be run live, or will be a video. If we go with the latter, the live demo will be run in the expo area at predetermined hours on THUR and FRI.
  • NOTE: the demo will be run live, or will be a video. If we go with the latter, the live demo will be run in the expo area at predetermined hours on THUR and FRI.
  • NOTE: the demo will be run live, or will be a video. If we go with the latter, the live demo will be run in the expo area at predetermined hours on THUR and FRI.
  • In 2012-2013, Dell security and business solutions are recognized in 19 Gartner MQ reports and Dell is positioned as a Leader in 8 of the reportsSources:See Appendix Security AR Contact: Ashley Vandiver/Security AR activities for Dell across bu’s, avandiver@secureworks.com)
  • More than 9,000 employees $4 billion in revenueEighth largest service provider in the U.S., serving about 5.8 million customers in 126 markets in 26 states.  CHALLENGE: U.S. Cellular needed to secure a 4G LTE network by 2012. The company needed to protect its network traffic from outside attacks and a multitude of ever-evolving threats. U.S. Cellular needed a solution that could handle tremendous volumes of traffic and could support 40GB throughput per second. RESULTS:Dell SonicWALL SuperMassive Next-Gen Firewall provides extreme scalability and performance. The SuperMassive solution was specifically chosen because of its extensible multi-core architecture and ability to manage bandwidth for heavy loads of network traffic.US Cellular was able to expand remote access for employees to access corporate resources remotely by implementing Dell SonicWALL’s Aventail SSL VPN platform

La sécurité de l'emploi : protégez votre SI La sécurité de l'emploi : protégez votre SI Presentation Transcript

  • La sécurité de l'emploi : protégez votre SI Florian Malecki EMEA Product & Marketing Solution Director Dell Florian_Malecki@dell.com, www.dell.com/security Sécurité
  • Donnez votre avis ! Depuis votre smartphone sur : http://notes.mstechdays.fr De nombreux lots à gagner toute les heures !!! Claviers, souris et jeux Microsoft… Merci de nous aider à améliorer les Techdays ! #mstechdays Sécurité
  • Underlying foundation of threats: Basic nature of threats is constant change Expanding complexity and reach of threats Global infrastructure • Cyber-terrorism, morphing and complex threats Regional networks • AI (learn) hacking Multiple networks • Internet • Worms • Modem Individual computers 1980 • DOS/ DDOS • Firewall 101 • Individual computers • Trojans • Security Individual networks • Physical again (Portable media) • TSRs • XSS, SQL Injection attacks • Espionage • Financial gain • Homeland security threats • Delivery via Web 2.0 and social networking sites • Viruses 1990 2000 2014
  • Threats are constantly evolving Risk of confidential data leakage is ever increasing
  • 2014 Security Trends 1. Increased Usage of SSL Encryption 2. 3. 4. 5. 6.
  • Increased Usage of SSL Encryption http://www.networkcomputing.com/next-generation-data-center/news/networking/nsa-surveillance-revives-calls-for-an-al/240165556 http://www.thewhir.com/web-hosting-news/ssl-use-among-million-busiest-sites-48-year-year-netcraft-survey
  • Increased Usage of SSL Encryption http://www.webpronews.com/yahoo-search-is-now-encrypted-by-default-2014-01 http://www.zdnet.com/twitter-enforces-ssl-encryption-for-apps-connecting-to-its-api-7000025138/ http://searchenginewatch.com/article/2309689/As-Microsoft-Moves-to-Encrypted-Search-Webmasters-Could-Lose-More-Keyword-Data http://online.wsj.com/news/articles/SB10001424052702303448204579339432277705894
  • Security Trends, 2014 1. Increased Usage of SSL Encryption 2. Ransomware Continues
  • http://www.legitreviews.com/cryptolocker-ransomware-affected-estimated-250000-computers_131647 http://www.tomsguide.com/us/cryptolocker-evolves-worm,news-18066.html
  • http://arstechnica.com/security/2014/01/researchers-warn-of-new-meaner-ransomware-with-unbreakable-crypto/ http://www.therecord.com/news-story/4334442-ransomware-attacks-are-increasing/
  • Security Trends, 2014 1. Increased Usage of SSL Encryption 2. Ransomware Continues 3. Increase in Win 7 & Win 8 Attacks
  • Increase in Win7 & Win8 Attacks http://www.independent.ie/business/technology/deadline-looms-for-xp-users-as-microsoft-shuts-system-support-29941733.html http://www.zdnet.com/at-years-end-xp-usage-plunges-as-windows-7-and-8-take-over-7000024699/
  • Increase in Win7 & Win8 Attacks http://www.independent.ie/business/technology/deadline-looms-for-xp-users-as-microsoft-shuts-system-support-29941733.html http://www.zdnet.com/at-years-end-xp-usage-plunges-as-windows-7-and-8-take-over-7000024699/
  • Security Trends, 2014 1. Increased Usage of SSL Encryption 2. Ransomware Continues 3. Increase in Win 7 & Win 8 Attacks 4. New Exploit Kits in the Wild
  • New Exploit Kits in the Wild http://threatpost.com/blackhole-and-cool-exploit-kits-nearly-extinct/103034 http://news.softpedia.com/news/BlackHole-Exploit-Kit-Author-Reportedly-Arrested-in-Russia-388949.shtml
  • New Exploit Kits in the Wild http://contagiodump.blogspot.com/2010/06/overview-of-exploit-packs-update.html http://www.scmagazineuk.com/exploit-kits-for-sale-on-a-website-near-you/article/301851/
  • Security Trends, 2014 1. Increased Usage of SSL Encryption 2. Ransomware Continues 3. Increase in Win 7 & Win 8 Attacks 4. New Exploit Kits in the Wild 5. Sophisticated Smartphone Attacks
  • Sophisticated Smartphone Attacks
  • Sophisticated Smartphone Attacks Vulnerabilities Malware Families http://gcn.com/articles/2013/04/19/iphone-vulnerabilities-android-most-attacked.aspx
  • Security Trends, 2014 1. Increased Usage of SSL Encryption 2. Ransomware Continues 3. Increase in Win 7 & Win 8 Attacks 4. New Exploit Kits in the Wild 5. Sophisticated Smartphone Attacks 6. System Hopping Malware
  • System Hopping Malware http://www.computerworld.com/s/article/9229596/Windows_malware_hides_in_iOS_app http://consumerist.com/2013/02/04/great-now-theres-android-malware-that-can-infect-your-pc-turn-it-into-a-listening-device/
  • System Hopping Malware http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/ http://www.pcworld.com/article/2090940/new-windows-malware-tries-to-infect-android-devices-connected-to-pcs.html
  • The IT journey… From mainframe to client server to distributed to risk everywhere
  • Powerful disrupters… the world is more connected than ever. Cloud Big Data Mobility Security and risk 85% of businesses said their organizations will use cloud tools moderately to extensively in the next 3 years. 35 By 2020 volume of data stored will reach 35 Zettabytes 5X Mobility source shifts from 62%/38% corporate/personal owned to 37% corporate owned and 63% personal owned 79% of surveyed companies experienced some type of significant security incident within the past year that resulted in financial and/or reputational impact
  • Unfortunately, the bad guys are more connected too. They have many names Spear-Phishers, BOTnets, DDoS, Zero-Day Threats, Insider threats & former employees They’re determined to exploit “disconnected security” Security tools, processes, user profiles and information, separated in siloes that leave dangerous gaps inbetween
  • Business can’t stop to wait for security Cloud SaaS Data growth BYOD Desire: secure How is your To embrace environment business trends with all these new initiatives Challenge: coming into Security often play? gets in the way Web 2.0 Virtualization Compliance
  • Users are Increasingly Out of Your Control More… Day Extenders Home Office Users Kiosks/Public Machine Users    Traveling Executives   Devices Saas/Hosted Apps Social Media Network environments Mobility Business Partners/ Extranet Users Saas, Web 2.0 Real-Time Apps Wireless LAN Users VOIP Users Tablets & Smart Phone Users Internal Users External Users
  • Mobile business use cases It’s not just email and calendar any more… SOURCE: Yankee Group, June 2012
  • Why mobile devices can be risky? 30
  • Every 56’’ a laptop is stolen $49,246 Average value of lost laptop1 46% Of lost laptops contained confidential data1 Data is the most important asset companies own: + Intellectual Property + Customer and employee data + Competitive information IT managers are looking for ways to: Were not protected with mobile security features1 $5.5M Average organizational cost of a data breach2 Source: 1. Poneman Institute Study Source: 2 Symantec & Poneman Institute Study: US cost of a Data Breach, 2011 Fully protect data wherever it goes without disrupting end users + Save time deploying and managing security + Ensure they remain in compliance + 57% + Flexible scale to ensure they meet the requirements of different users
  • Mobile usage – blurred lines Personal Business Email Email Calendar Calendar Internet access Intranet file share Social media Intranet business apps Increased risk of business data loss and introduction of malware
  • Today, layers and silos get the security job done but often have gaps = business risk Individual job done well in silos • Solutions often don’t work together • Solutions don’t work across the business Silos and layers add stress to your resources • Difficult to get to work together • Limited security resources Dell belief: there is a better way
  • Dell’s vision: Connected Security for a connected world Effective Security to enable business while also meeting the needs of security Connected Security is security that… • • • • Shares and applies intelligence Works with the business, end-to-end Maintains flexibility and open architecture Enables broad contextual awareness with dynamic control Protect information everywhere Efficient Work with the business
  • Securing & Monitoring Data and Access DDP| E KACE Applications SonicWALL SecureWorks Data
  • The Dell Approach is Simple and Modular with Outside in and inside out protection, from device to cloud. Data cloud Data Security Configuration & Patch Management Identity Identity & Access Management Data center Network End points Next Gen Firewall Secure Remote Access Email Security Security Services Incident Response Managed Security Services Security & Risk Consulting
  • Dell Security Service s Let good guys in Keep bad guys out Enstratius (Multi-Cloud Manager) IAM Dell Threat Intelligence Dell Incident Response Application Security Network Security Data & Endpoint Security Dell KACE Dell SonicWALL Dell SonicWALL Secure Remote Access (SRA) Mobile Connect Dell One Identity IAM Dell Security & Risk Consulting Configuration & Patch Management Dell Data Protection Encryption Dell KACE Dell SonicWALL Embedded in Dell Infrastructure & Devices Email Security Dell SonicWALL K3000 MDM Next-Gen Firewall Dell Wyse Cloud Client Manager Scalable and Mid-Market design point: endpoint to data center to cloud Endpoint Network Server Storage Cloud Did you know DELL does Security? *formerly Quest One Dell Managed Security Services
  • Better connected means better protected Connect security to infrastructure Embed: Security embedded natively into infrastructure Connect security to information Protect, Predict: Security solutions that gather, analyze, report and enable action Connect security to other security solutions Embed, Protect, Predict, Respond: Security that is no longer siloed…Data, User, Network,, Services
  • Making Dell Connected Security tangible • Encryption enforcement for Cloud Services
  • Demo: Encryption Enforcement for Cloud Services Data protection assurance… • Dell Data Protection | Encryption + • If encryption isn’t present, document cannot be posted until device is compliant with policy • Dell NextGeneration Firewall Ensures encryption is applied prior to the document being posted to a cloud service Applies company access policies to cloud service, if desired Better connected means better protected
  • Making Dell Connected Security tangible • Secure Mobile Access
  • Demo: Secure Mobile Access Dell Kace + Dell Secure Mobile Access Better connected means better protected
  • Demo: Secure Mobile Access • Quarantine systems not running the KACE agent • Redirect users to KACE User Portal • Allow KACE agent to bring endpoint to compliance Better connected means better protected
  • Demo: Secure Mobile Access Secure Mobile Access… Dell Defender + Dell Secure Mobile Access • Increased security using SSL VPN and 2 Factor Authentication solutions Better connected means better protected
  • Mobile Connect for Windows 8.1 • Microsoft ships Mobile Connect VPN plugin ‘Inbox’ in Windows 8.1 • Supports all versions of Windows 8.1 including Windows RT and (Window Phone Future) • Integrated Windows user experience with management via Windows UI, MDM solutions and PowerShell.
  • Dell security and business solutions are recognized in the Gartner Magic Quadrants 2011 to 2013 Challengers Leaders • Identity and Access Governance • Managed Security Service Providers • Unified Threat Management • User Administration and Provisioning Security Solutions Niche Players • Enterprise Network Firewalls • Secure Email Gateways • Enterprise Backup/Recovery Software Visionaries • E-Class SRA SSL VPN • Mobile Data Protection
  • Snapshot Patagonia grew out of a small company that made tools for climbers. Alpinism remains at the heart of a worldwide business that still makes clothes for climbing – as well as for skiing, snowboarding, surfing, fly fishing, paddling and trail running, and employs over 1600 employees worldwide. Challenge The company needed to update its legacy firewalls and implement a centralised management tool to make it easy to deploy and manage. Application Intelligence and Control firewall functionalities and QoS were also key requirements. Results • Fast implementation of the Dell SonicWALL E-Class NSA 5500, TZ series and Wireless Access Points at the EMEA HQs and remote locations • Better bandwidth usage and management • Efficient and cost-effective distributed network implementation • Better work-life balance thanks to secure remote access • Dell SecureWorks for 24/7 security monitoring/auditing • Dell Eco System: servers, storage, laptops/PCs Software
  • Out Connect The Threats with
  • Dell Connected Security
  • Digital is business