Rogue Access Not Only CIO Security Headache
BY J. SHARPE SMITH

Security threats in the wireless space are so plentiful it is no wonder that some companies throw up their hands and cut back on wireless access to their computers. When we think of security risks, we usually think of someone stealing credit card information, but there is so much more to be wary of in today’s enterprise in terms of threats, including rogue wireless access to company networks, denial of service attacks on web sites and the introduction of crippling viruses into the wireless space.

But it doesn’t have to be that way. Companies today are finding plenty of ways of strengthening their security with a growing array of defenses to protect both customer data and company data. For today’s telecom director or IT manager, if sensitive information is being transmitted or can be accessed over the air, security is just as important as connectivity.

Many corporate executives, however, are not aware of the risk and consequences of unsecured wireless, according to Kevin Beaver, an independent information security advisor with Principle Logic, LLC. Working with today’s enterprises, Beaver sees many people overlooking the task of testing for wireless security vulnerabilities during standard security assessments and audits.

In fact, according to research done by J. Gold Associates, fewer than 10 percent of companies deploy mobile security software suites. In its White Paper, “10 Steps to Mobile Security,” J. Gold suggests several actions that are key to mobile security. These 10 Steps to Mobile Security include:

• End users
   – Set policies, document, and get user buy-in
   – Enforce policies on mobile devices for all users
• Devices
   – Make sure password protection is always set to “ON”
   – Include updated personal anti-virus (AV) and firewall on devices
   – Encrypt sensitive files on all devices
   – Enable device lockdown and kill
• Infrastructure
   – Determine what file types can be downloaded/synced by which users, when, how and to which devices
   – Log device usage for compliance where appropriate
   – Enforce connection security/virtual private network (VPN) standards
• Organization
   – Review and update policies regularly, as things change often



VOL. 3, ISSUE 2, 2007   EWM 18
Over the Air Encryption Too Often Overlooked

Beaver sees several “security fronts” or points of vulnerability. The first one is people who carelessly use wireless networks at work, at home and when traveling. He finds many major corporations with laptops, PDAs and other mobile devices that have no security protection such as device-specific firewalls, power-on passwords or VPNs.

Even 802.11 communications with Wired Equivalent Privacy (WEP) or the Wi-Fi Alliance specification, Wi-Fi Protected Access (WPA) are vulnerable, according to Beaver. “These encryption keys can be hacked using a number of free tools such as Aircrack,” he says, “which can lead to the capture of confidential information, denial of service attacks, and more.”

Mobile VPNs

One security measure is to make a wireless laptop’s transmissions more secure through the use of a virtual private network. While most VPNs are created for the wired networks, it is critical for a wireless user to use a mobile VPN, which is designed particularly for wireless networks. A mobile VPN allows for data encryption, encapsulation and authentication for each individual mobile user.

“There is increased market demand for security in mobile VPNs. Users are expressing the need for security in their data transmissions,” says David Torres, director of business development, Radio IP Software, Inc., which offers mobile VPN as a feature of its Radio IP MTG software suite.

[Photo: David Torres, Radio IP Software]

“Government agencies, utilities and others are becoming more careful about transmitting sensitive information over the air.” The problem, according to Torres, is that most VPN solutions are created for the wired networks. “To protect a wireless laptop, a Mobile VPN must be deployed that includes data encryption, authentication and data encapsulation.”

Authentication of the mobile user can be achieved through the use of a user/password, biometrics, such as a fingerprint, and the use of a token key or smartcard, which is inserted into the computer’s USB port. It creates an additional layer to confirm the user.

[Photo caption: Authentication of the mobile user can be achieved through the use of biometrics, such as a fingerprint.]

“Authentication tokens are an essential component in PC and data security solutions for they provide strong user authentication, ensuring that individuals accessing data are who they claim to be,” according to a White Paper by Aladdin, makers of eToken authentication and password management. “Furthermore, certain kinds of authentication tokens – such as USB smart-card-based tokens – can provide significant extended support for strong PC and data security by offering secure generation and storage of encryption keys.”

Not only must the user be authenticated, but the wireless laptop must be guaranteed that it too is the correct mobile device for accessing the corporate network. To do this, the corporate server gateway has a certificate and the laptop receives a certificate. Together they can mutually authenticate. “Certificate authentication further validates your devices and protects your system from intrusions,” says Torres.

User authentication attempts can only be made if Radio IP MTG has validated the device and opened an encrypted tunnel. This process protects the username,
domain and password information from being intercepted. The data is then compressed to protect it from being intercepted and encrypted.

[Photo caption: The username, domain and password information in over the air transmissions are targets for interception.]

Today’s encryption has been enhanced, making it increasingly difficult to break. There are several levels of encryption possible, from the 56-bit Data Encryption Standard (DES), which many feel is too easy to hack, to the Advanced Encryption Standard, which comes in 128, 192, and 256-bit key sizes. “To ensure your data is transmitted securely with high-level encryption,” says Torres, “your data should be encrypted with either AES (256-bit) or Triple DES (168-bit) methodologies, using FIPS [Federal Information Processing Standard] 140-2 certified technology.”

Mobile VPN Helps Northeastern Utility Secure Communications

Security plays a critical role in the wireless system of EnergyEast, a diversified energy provider that serves 3 million people in the Northeast, which deployed Radio IP’s Mobile VPN early in 2006.

Highly encrypted, secure transmissions to and from mobile devices in the field through the use of a Mobile VPN are essential to protect the customer information, employee confidential information and details concerning the utility’s overall electrical infrastructure, according to Shrikant Nistane, project lead for mobile data at Energy East. In addition to the Mobile VPN, he adds additional passwords to ensure user authentication.

“When there are mobile devices out in the field, there is always the possibility that someone will gain access to the device. We are here to minimize and contain the risk,” says Nistane. “It is a constant battle. At the same time, we have to do everything that is absolutely necessary to serve the customer.”

Rogue Access to IT Systems Can Cause Security Breaches

More than just over-the-air security was needed at EnergyEast. The utility also required a way to guard against denial of service (DOS) attacks in the form of rogue access to its data system. With the increasing acceptance of wireless LAN technology comes ample possibility for leakage of corporate information or the introduction of malware, malicious software designed to damage a computer system. As a result, analysts suggest that more than half of the security breaches come from within the walls of company headquarters through rogue wireless access to the network.

“Guarding against denial of service attacks plays a big role in our security plan,” says EnergyEast’s Nistane. “It’s our most stringent criteria in combating wireless security issues.” The utility is using Radio IP’s Access Defender, which scrutinizes and quarantines all incoming communication attempts, allowing the LAN to give access to the mobiles rather than the mobiles initiating the access to the LAN.

Access Defender is an example of central management software that protects the host network from outside attacks such as the DOS attacks and buffer overrun attacks. Rogue access must be detected and shut down before sensitive information is lost or an attack on the network ensues.

Vulnerable access points can occur for many reasons: a wireless system set up by an employee, a misconfigured access point or one that is running default configurations. Additionally, a breach can be as malicious as a hacker setting up an access point or it can be as innocent as a neighboring WLAN accessing the strongest signal through a poorly configured access point. And there’s more. A hacker can also gain access
using hybrid network bridging through WiFi, Bluetooth, modems or infrared links to a PC while it is connected to the wired corporate LAN.

The key to network management is visibility of port access, knowing who is connecting what devices to every single endpoint in the network –– from USB to WiFi and Bluetooth –– enterprise-wide, according to Hay Hazama, VP of research and development for Safend, which produces endpoint security solutions.

“While most organizations adequately protect Internet connections via TCP/IP ports with firewalls, endpoints are often overlooked,” says Hazama. “Given that there are 26,000 different USB products available today and WiFi use is on the rise, the problem of securing company laptops and PCs from data theft, data leakage and malicious attacks continues to challenge IT administrators.”

“The answer for IT managers deploying Wireless LANs is to effectively detect and block wireless access points and client stations automatically and in real-time,” according to a White Paper by AdventNet, provider of network management solutions for enterprises.

According to AdventNet, rogue activity can be detected by regularly doing the rounds of the facility with a mobile device using software such as AirSnort or NetStumbler that sniffs the air for wireless activity. These solutions are well known for being able to detect unrecognized access points, but this approach to security is irregular. Full time RF sensors such as products by AirMagnet and AirDefense can be installed to continuously monitor all Wi-Fi traffic to detect, disable and document rogue access.

In what is known as a background probe, Wavelink Rogue AP Detection and Identification Software can enable the mobile devices in the company to scan the airwaves for rogues during idle time. Additionally, the AP detection can actually be integrated into the access points, such as the ORiNOCO made by Proxim Corp.

Wavelink Mobile Manager and Airwave Management Platform (AMP) both depend on wired side inputs for AP detection and both support sensors from AirMagnet. Mobile Manager detects rogue APs by comparing data from the APs and wireless laptops reporting on the wireless side of a network with what Mobile Manager detects on the wired side.

Safend’s hybrid network bridging prevention feature is designed to block access to WiFi, Bluetooth, modems or infrared links while a laptop is connected to the wired corporate LAN. “Concerning WiFi, most manufacturers have concentrated on the infrastructure, providing more secure protocols, higher encryption, authentication and remaining compatible with 802.11,” says Safend’s Hazama. “But the problem is that the laptop can log on to a rogue access point and believe it is on the correct network and expose its data to unauthorized personnel.”

Encrypting the Hard Drive Covers Another Vulnerability

But what about the data after it is stored on the computer? The security threats caused by stolen laptop computers have been well documented. University of California, Berkeley had a laptop stolen that contained personal information on more than 98,000 of the school's graduate students. In the last year, wireless laptops containing hundreds of thousands of personnel records have been stolen from U.S. Department of Veterans Affairs staff, ING's U.S. Financial Services office in Washington, D.C., Deloitte Accountants, Electronic Data Systems and Equifax, the credit-bureau company, as well as Mercantile Potomac Bank, General Electric, Aetna, Hewlett-Packard and Fidelity Investments.

Analyst Kevin Beaver notes, “Hard drive encryption is an especially big issue. When a hard drive is not encrypted, practically anyone can use legitimate security tools such as Ophcrack's LiveCD or Elcomsoft System Recovery to maliciously break into a system within minutes of obtaining it by stealing it or finding it.”

[Photo: Kevin Beaver, Principle Logic, LLC]



Securing data on laptops is a new area of focus for today’s corporations, brought about by these well-publicized security problems and new regulations that have also pointed a spotlight on security on the laptop, according to Shari Freeman, director of product management for Sybase iAnywhere.

“For a long time, companies have been focused on over the air security, how wireless laptops get authenticated and how they connect with the corporate network with VPN technology,” Freeman says. “The increase in security breaches has raised companies’ awareness of the security issues surrounding laptops.”

In one example, in response to the theft of an unencrypted laptop computer containing the personal information of 26.5 million people, the U.S. Department of Veterans Affairs moved to encrypt all computers across the entire VA system, more than 300,000 laptops, desktops, smart phones and PDAs. Using the GuardianEdge Data Protection Platform and Trust Digital Security's Mobile Device Solution, the V.A. targeted laptops first for data security programs and then followed with desktop PCs and portable media like flash drives and compact discs.

Another option to protect the laptop hard drive is Sybase iAnywhere’s Afaria product, which is designed to manage applications and data and provide security on wireless devices. To protect the data in case the computer is stolen, the Afaria 5.5 Security Manager component uses an AES cryptographic module (currently undergoing FIPS 140-2 certification) to encrypt the hard drive and a pre-boot authentication password.

“We see an increasing amount of interest in managing and securing mobile devices from companies with a lot of field workers, such as utilities and telecom providers, and companies with large sales forces, such as pharmaceutical companies and financial services,” Freeman says.

No single solution will protect against all of the threats. As a matter of course, Sybase iAnywhere has partnered with Radio IP to combine hard drive encryption and mobile VPN, which are compatible and complementary technologies. “We frequently see installations where an organization can utilize a Radio IP Mobile VPN, and use iAnywhere's Afaria as another layer of security,” says Radio IP’s Torres.

Disaster Recovery, Business Continuity and Data Security

One way to reduce the risk involved in losing a wireless laptop is to ensure that no company files reside on the hard drive; therefore, no possibility exists of having a laptop full of critical information fall into the wrong hands. Technology now exists that allows an employee to access the network remotely without being allowed to download information. For example, Citrus and Chemical Bank, a community bank in Central Florida with $850 million in assets, was looking for a device to support business continuity in the event of a disaster such as a hurricane but found a new way to keep its corporate data safe.

“We wanted a secure method for our employees to be able to work from home if they were unable to come to work due to some disaster,” says Render Swygert, executive vice president of information systems and technology, Citrus and Chemical Bank. “We have a staff that supports the bank 24/7/365. We are always on call wherever we are.”

[Photo caption: The MobiKEY from Route1 is a cryptographic USB token device that uses two-factor authentication to enable secure remote access. (Photo courtesy Route1)]




What the financial institution found was the Route1 MobiKEY, a cryptographic USB token device that uses two-factor authentication to enable secure remote access. The device operates on a communications platform called MobiNET, which authenticates the user, certifies the device and encrypts the transmission, while ensuring no residual data files are left behind on the remote computer. Swygert purchased the MobiKEYs and the administration portal to manage the devices, reporting on who is accessing the computer network and when the connections are made. IT staff, commercial loan officers, executive management team, risk management team and finance all received the devices.

“I like the fact that once the MobiKEY is unplugged from the computer no residual files are left on the unit,” says Swygert. “It is an excellent solution to the problem of people getting their computers stolen.”

The laptop computer is used as a slave to the host computer. Since no data resides on the unit and the user manipulates software on the host computer, Swygert has decided that in the future employees will only need a thin client, or dummy laptop, running Windows® OS and with internet connectivity.

Wireless security is a must for today’s Fortune 500 company. Personal information of employees, as well as the social security numbers, credit card numbers, and other personal information of its customers, must be safe and secure.

To do this, enterprises should take concrete steps to protect data, using a variety of techniques in areas of exposure. Starting with securing every mobile device, all methods of access to the corporate network need to be evaluated, approved and managed. Every data transmission should be monitored and verified to ensure against a security breach. Employees must be educated on security procedures and policies to protect corporate data.
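
Added worked example (not part of the original article and not any vendor's code) for the rogue access point detection the article describes, where sightings reported from the wireless side are compared with what is known on the wired side. All MAC addresses, SSIDs and policy values are constructed sample data, and the MAC-adjacency test used to tie a radio to a switch port is an assumed heuristic, not something the article specifies.

```python
"""Rogue AP triage: compare wireless-side sightings with wired-side data.

Added illustration; every MAC address, SSID and reading is constructed.
"""

# Sanctioned access points and the settings policy requires (constructed).
AUTHORIZED_APS = {
    "00:11:22:aa:00:01": {"ssid": "CORP-WLAN", "encryption": "WPA2-Enterprise"},
    "00:11:22:aa:00:02": {"ssid": "CORP-WLAN", "encryption": "WPA2-Enterprise"},
}

# MAC addresses learned on corporate switch ports (constructed).
WIRED_MACS = {
    "00:11:22:aa:00:01", "00:11:22:aa:00:02",  # the sanctioned APs
    "00:11:22:bb:10:05",                        # a desktop PC
    "66:77:88:cc:00:10",                        # unknown device on a wall port
}

# Sightings reported by RF sensors, APs and idle laptops (constructed).
OBSERVATIONS = [
    {"bssid": "00:11:22:AA:00:01", "ssid": "CORP-WLAN",
     "encryption": "WPA2-Enterprise", "rssi": -48},
    {"bssid": "00:11:22:aa:00:02", "ssid": "default",
     "encryption": "open", "rssi": -55},
    {"bssid": "66:77:88:cc:00:11", "ssid": "home-net",
     "encryption": "open", "rssi": -60},
    {"bssid": "66:77:88:cc:00:11", "ssid": "home-net",
     "encryption": "open", "rssi": -41},   # same AP heard by a second reporter
    {"bssid": "9a:bc:de:00:00:01", "ssid": "CORP-WLAN",
     "encryption": "open", "rssi": -70},
    {"bssid": "44:55:66:00:00:09", "ssid": "CoffeeShop",
     "encryption": "WPA", "rssi": -82},
]

# Verdicts, most urgent first.
SEVERITY = ["rogue-on-wire", "impersonating-ssid", "misconfigured",
            "neighbor", "authorized"]


def mac_to_int(mac):
    """Turn 'aa:bb:cc:dd:ee:ff' (or dash-separated) into an integer."""
    return int(mac.replace(":", "").replace("-", ""), 16)


def seen_on_wire(bssid, wired_macs, tolerance=2):
    """Assumed heuristic: an AP's Ethernet MAC often sits within a few
    addresses of its radio BSSID, so a near match on a switch port
    suggests the radio is bridged onto the corporate LAN."""
    radio = mac_to_int(bssid)
    return any(abs(radio - mac_to_int(m)) <= tolerance for m in wired_macs)


def classify(obs, authorized, unknown_wired):
    """Return one verdict from SEVERITY for a single sighting."""
    bssid = obs["bssid"].lower()
    policy = authorized.get(bssid)
    if policy is not None:
        # Known AP: verify it still runs the required configuration.
        compliant = (obs["ssid"] == policy["ssid"]
                     and obs["encryption"] == policy["encryption"])
        return "authorized" if compliant else "misconfigured"
    if seen_on_wire(bssid, unknown_wired):
        return "rogue-on-wire"
    if obs["ssid"] in {p["ssid"] for p in authorized.values()}:
        # Unknown radio advertising the corporate network name.
        return "impersonating-ssid"
    return "neighbor"


def triage(observations, authorized, wired_macs):
    """Deduplicate sightings per BSSID, classify, sort by urgency."""
    strongest = {}
    for obs in observations:
        key = obs["bssid"].lower()
        if key not in strongest or obs["rssi"] > strongest[key]["rssi"]:
            strongest[key] = obs
    # Sanctioned APs are expected on the wire; correlate only the rest.
    unknown_wired = {m.lower() for m in wired_macs} - set(authorized)
    findings = [(classify(o, authorized, unknown_wired), b, o["ssid"])
                for b, o in strongest.items()]
    return sorted(findings, key=lambda f: (SEVERITY.index(f[0]), f[1]))


if __name__ == "__main__":
    for verdict, bssid, ssid in triage(OBSERVATIONS, AUTHORIZED_APS, WIRED_MACS):
        print(f"{verdict:<20} {bssid}  {ssid}")
```

The verdicts map onto the cases the article lists: an employee-installed AP bridged to the LAN, a sanctioned AP running default settings, an unknown AP a laptop could mistake for the correct network, and a harmless neighboring WLAN.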



Implementing an improved security for collin’s database and telecommutersRishabh Gupta
 
Good Security Whitepaper
Good Security WhitepaperGood Security Whitepaper
Good Security Whitepapergenasun
 
CS155 Computer And Network Security.docx
CS155 Computer And Network Security.docxCS155 Computer And Network Security.docx
CS155 Computer And Network Security.docxwrite31
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...IJCSIS Research Publications
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412Hai Nguyen
 
Information Security
Information SecurityInformation Security
Information Securitysteffiann88
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxcuddietheresa
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxsalmonpybus
 
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceWhite Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceCourtland Smith
 
Cyber Security Challenges on Latest Technologies
Cyber Security Challenges on Latest TechnologiesCyber Security Challenges on Latest Technologies
Cyber Security Challenges on Latest TechnologiesIRJET Journal
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseAirTight Networks
 

Similar to Security 2 Q 07[1] (20)

Cyber security and cyber law
Cyber security and cyber lawCyber security and cyber law
Cyber security and cyber law
 
Chapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptxChapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptx
 
Enterprise Edge Security with Cisco ISE
Enterprise Edge Security with Cisco ISEEnterprise Edge Security with Cisco ISE
Enterprise Edge Security with Cisco ISE
 
Reinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of ThingsReinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of Things
 
151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1p151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1p
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 
Good Security Whitepaper
Good Security WhitepaperGood Security Whitepaper
Good Security Whitepaper
 
Networking Expertise
Networking ExpertiseNetworking Expertise
Networking Expertise
 
Unit-3.pptx
Unit-3.pptxUnit-3.pptx
Unit-3.pptx
 
CS155 Computer And Network Security.docx
CS155 Computer And Network Security.docxCS155 Computer And Network Security.docx
CS155 Computer And Network Security.docx
 
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
The Sharp Increase in Unmasking of Obtrusion into Internet of Things (IoT) IP...
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412
 
Information Security
Information SecurityInformation Security
Information Security
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
Discuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docxDiscuss how a successful organization should have the followin.docx
Discuss how a successful organization should have the followin.docx
 
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceWhite Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic Workforce
 
Protecting Americas Next Generation Networks
Protecting Americas Next Generation NetworksProtecting Americas Next Generation Networks
Protecting Americas Next Generation Networks
 
Cyber Security Challenges on Latest Technologies
Cyber Security Challenges on Latest TechnologiesCyber Security Challenges on Latest Technologies
Cyber Security Challenges on Latest Technologies
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
 
Wireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your EnterpriseWireless Vulnerability Management: What It Means for Your Enterprise
Wireless Vulnerability Management: What It Means for Your Enterprise
 

More from Sharpe Smith

More from Sharpe Smith (7)

Nostalgia 2
Nostalgia 2Nostalgia 2
Nostalgia 2
 
Field Service Automation Main[1]
Field Service Automation Main[1]Field Service Automation Main[1]
Field Service Automation Main[1]
 
Blue Man Group
Blue Man GroupBlue Man Group
Blue Man Group
 
Thompson
ThompsonThompson
Thompson
 
Carnegie
CarnegieCarnegie
Carnegie
 
American University
American UniversityAmerican University
American University
 
Utility
UtilityUtility
Utility
 

Recently uploaded

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 

Recently uploaded (20)

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 

Security 2 Q 07[1]

  • 1. Rogue Access Not Only CIO Security Headache
BY J. SHARPE SMITH

Security threats in the wireless space are so plentiful it is no wonder that some companies throw up their hands and cut back on wireless access to their computers. When we think of security risks, we usually think of someone stealing credit card information, but there is so much more to be wary of in today’s enterprise in terms of threats, including rogue wireless access to company networks, denial of service attacks on web sites and the introduction of crippling viruses into the wireless space.

But it doesn’t have to be that way. Companies today are finding plenty of ways of strengthening their security with a growing array of defenses to protect both customer data and company data. For today’s telecom director or IT manager, if sensitive information is being transmitted or can be accessed over the air, security is just as important as connectivity.

Many corporate executives, however, are not aware of the risk and consequences of unsecured wireless, according to Kevin Beaver, an independent information security advisor with Principle Logic, LLC. Working with today’s enterprises, Beaver sees many people overlooking the task of testing for wireless security vulnerabilities during standard security assessments and audits.

In fact, according to research done by J. Gold Associates, fewer than 10 percent of companies deploy mobile security software suites. In its White Paper, “10 Steps to Mobile Security,” J. Gold suggests several actions that are key to mobile security. These 10 Steps to Mobile Security include:

    • End users
       – Set policies, document, and get user buy-in
       – Enforce policies on mobile devices for all users
    • Devices
       – Make sure password protection is always set to “ON”
       – Include updated personal anti-virus (AV) and firewall on devices
       – Encrypt sensitive files on all devices
       – Enable device lockdown and kill
    • Infrastructure
       – Determine what file types can be downloaded/synced by which users, when, how and to which devices
       – Log device usage for compliance where appropriate
       – Enforce connection security/virtual private network (VPN) standards
    • Organization
       – Review and update policies regularly, as things change often

VOL. 3, ISSUE 2, 2007 EWM 18
  • 2. Over the Air Encryption Too Often Overlooked

Beaver sees several "security fronts" or points of vulnerability. The first one is people who carelessly use wireless networks at work, at home and when traveling. He finds many major corporations with laptops, PDAs and other mobile devices that have no security protection such as device-specific firewalls, power-on passwords or VPNs.

Even 802.11 communications with Wired Equivalent Privacy (WEP) or the Wi-Fi Alliance specification, Wi-Fi Protected Access (WPA) are vulnerable, according to Beaver. “These encryption keys can be hacked using a number of free tools such as Aircrack,” he says, “which can lead to the capture of confidential information, denial of service attacks, and more.”

Mobile VPNs

One security measure is to make a wireless laptop’s transmissions more secure through the use of a virtual private network. While most VPNs are created for the wired networks, it is critical for a wireless user to use a mobile VPN, which is designed particularly for wireless networks. A mobile VPN allows for data encryption, encapsulation and authentication for each individual mobile user.

“There is increased market demand for security in mobile VPNs. Users are expressing the need for security in their data transmissions,” says David Torres, director of business development, Radio IP Software, Inc., which offers mobile VPN as a feature of its Radio IP MTG software suite.

(Photo caption: David Torres, Radio IP Software)

“Government agencies, utilities and others are becoming more careful about transmitting sensitive information over the air.” The problem, according to Torres, is that most VPN solutions are created for the wired networks. To protect a wireless laptop, a Mobile VPN must be deployed that includes data encryption, authentication and data encapsulation.”

Authentication of the mobile user can be achieved through the use of a user/password, biometrics, such as a fingerprint, and the use of a token key or smartcard, which is inserted into the computer’s USB port. It creates an additional layer to confirm the user.

(Photo caption: Authentication of the mobile user can be achieved through the use of biometrics, such as a fingerprint.)

“Authentication tokens are an essential component in PC and data security solutions for they provide strong user authentication, ensuring that individuals accessing data are who they claim to be,” according to a White Paper by Aladdin, makers of Etoken authentication and password management. “Furthermore, certain kinds of authentication tokens – such as USB smart-card-based tokens – can provide significant extended support for strong PC and data security by offering secure generation and storage of encryption keys.”

Not only must the user be authenticated, but the wireless laptop must be guaranteed that it too is the correct mobile device for accessing the corporate network. To do this, the corporate server gateway has a certificate and the laptop receives a certificate. Together they can mutually authenticate. “Certificate authentication further validates your devices and protects your system from intrusions,” says Torres.

User authentication attempts can only be made if Radio IP MTG has validated the device and opened an encrypted tunnel. This process protects the username,
  • 3. domain and password information from being intercepted. The data is then compressed to protect it from being intercepted and encrypted.

Today’s encryption has been enhanced, making it increasingly difficult to break. There are several levels of encryption possible, from the 56 bit Data Encryption Standard (DES), which many feel is too easy to hack, to the Advanced Encryption Standard, which comes in 128, 192, and 256-bit key sizes. “To ensure your data is transmitted securely with high-level encryption,” says Torres, “your data should be encrypted with either AES (256-bit) or Triple DES (168-bit) methodologies, using FIPS [Federal Information Processing Standard] 140-2 certified technology.”

(Photo caption: The username, domain and password information in over the air transmissions are targets for interception.)

Mobile VPN Helps Northeastern Utility Secure Communications

Security plays a critical role in the wireless system of EnergyEast, a diversified energy provider that serves 3 million people in the Northeast, which deployed Radio IP’s Mobile VPN early in 2006.

Highly encrypted, secure transmissions to and from mobile devices in the field through the use of a Mobile VPN are essential to protect the customer information, employee confidential information and details concerning the utility’s overall electrical infrastructure, according to Shrikant Nistane, project lead for mobile data at Energy East. In addition to the Mobile VPN, he adds additional passwords to ensure user authentication.

“When there are mobile devices out in the field, there is always the possibility that someone will gain access to the device. We are here to minimize and contain the risk,” says Nistane. “It is a constant battle. At the same time, we have to do everything that is absolutely necessary to serve the customer.”

Rogue Access to IT Systems Can Cause Security Breaches

More than just over-the-air security was needed at EnergyEast. The utility also required a way to guard against denial of service (DOS) attacks in the form of rogue access to its data system. With the increasing acceptance of wireless LAN technology comes ample possibility for leakage of corporate information or the introduction of malware, malicious software designed to damage a computer system. As a result, analysts suggest that more than half of the security breaches come from within the walls of company headquarters through rogue wireless access to the network.

“Guarding against denial of service attacks plays a big role in our security plan,” says EnergyEast’s Nistane. “It’s our most stringent criteria in combating wireless security issues.” The utility is using Radio IP’s Access Defender, which scrutinizes and quarantines all incoming communication attempts, allowing the LAN to give access to the mobiles rather than the mobiles initiating the access to the LAN.

Access Defender is an example of central management software that protects the host network from outside attacks such as the DOS attacks and buffer overrun attacks. Rogue access must be detected and shut down before sensitive information is lost or an attack on the network ensues.

Vulnerable access points can occur for many reasons: a wireless system set up by an employee, a mis-configured access point or one that is running default configurations. Additionally, a breach can be as malicious as a hacker setting up an access point or it can be as innocent as a neighboring WLAN accessing the strongest signal through a poorly configured access point. And there’s more. A hacker can also gain access
  • 4. using hybrid network bridging through WiFi, Bluetooth, Modems or infrared links to a PC while it is connected to the wired corporate LAN.

The key to network management is visibility of port access, knowing who is connecting what devices to every single endpoint in the network –– from USB to WiFi and Bluetooth –– enterprise-wide, according to Hay Hazama, VP of research and development for Safend, which produces endpoint security solutions.

“While most organizations adequately protect Internet connections via TCP/IP ports with firewalls, the endpoints are often overlooked,” says Hazama. “Given that there are 26,000 different USB products available today and WiFi use is on the rise, the problem of securing company laptops and PCs from data theft, data leakage and malicious attacks continues to challenge IT administrators.”

“The answer for IT managers deploying Wireless LANs is to effectively detect and block wireless access points and client stations automatically and in real-time,” according to a White Paper by AdventNet, provider of network management solutions for enterprises.

According to AdventNet, rogue activity can be detected by regularly doing the rounds of the facility with a mobile device using software such as AirSnort or NetStumbler that sniffs the air for wireless activity. These solutions are well known for being able to detect unrecognized access points, but they are irregular in their approach to security. Full time RF sensors such as products by AirMagnet and AirDefense can be installed to continuously monitor all Wi-Fi traffic to detect, disable and document rogue access.

In what is known as a background probe, Wavelink Rogue AP Detection and Identification Software can enable the mobile devices in the company to scan the airwaves for rogues during idle time. Additionally, the AP detection can actually be integrated into the access points, such as the ORiNOCO made by Proxim Corp.

Wavelink Mobile Manager and Airwave Management Platform (AMP) both depend on wired side inputs for AP detection and both support sensors from AirMagnet. Mobile Manager detects rogue APs by comparing data from the APs and wireless laptops reporting on the wireless side of a network with what Mobile Manager detects on the wired side.

Safend’s hybrid network bridging prevention feature is designed to block access to WiFi, Bluetooth, modems or infrared links while a laptop is connected to the wired corporate LAN. “Concerning Wifi, most manufacturers have concentrated on the infrastructure, providing more secure protocols, higher encryption, authentication and remaining compatible with 802.11,” says Safend’s Hazama. “But the problem is that the laptop can log on to a rogue access point and believe it is on the correct network and expose its data to unauthorized personnel.”

Encrypting the Hard Drive Covers Another Vulnerability

But what about the data after it is stored on the computer? The security threats caused by stolen laptop computers have been well documented. University of California, Berkeley had a laptop stolen that contained personal information on more than 98,000 of the school's graduate students. In the last year, wireless laptops containing hundreds of thousands of personnel records have been stolen from U.S. Department of Veterans Affairs staff, ING's U.S. Financial Services office in Washington, D.C., Deloitte Accountants, Electronic Data Systems and Equifax, the credit-bureau company, Mercantile Potomac Bank, General Electric, Aetna, Hewlett-Packard and Fidelity Investments.

Analyst Kevin Beaver notes, “Hard drive encryption is an especially big issue. When a hard drive is not encrypted, practically anyone can use legitimate security tools such as Ophcrack's LiveCD or Elcomsoft System Recovery to maliciously break into a system within minutes of obtaining it by stealing it or finding it.”

(Photo caption: Kevin Beaver, Principle Logic, LLC)
  • 5. Securing data on laptops is a new area of focus for today’s corporations, brought about by these well-publicized security problems and new regulations that have also pointed a spotlight on security on the laptop, according to Shari Freeman, director of product management for Sybase iAnywhere.

“For a long time, companies have been focused on over the air security, how wireless laptops get authenticated and how they connect with the corporate network with VPN technology,” Freeman says. “The increase in security breaches has raised companies’ awareness of the security issues surrounding laptops.”

In one example, in response to the theft of an unencrypted laptop computer containing the personal information of 26.5 million people, the U.S. Department of Veterans Affairs moved to encrypt all computers across the entire VA system, more than 300,000 laptops, desktops, smart phones and PDAs. Using the GuardianEdge Data Protection Platform and Trust Digital Security's Mobile Device Solution, the V.A. targeted laptops first for data security programs and then followed with desktop PCs and portable media like flash drives and compact discs.

Another option to protect the laptop hard drive is Sybase iAnywhere’s Afaria product, which is designed to manage applications and data and provide security on wireless devices. To protect the data in case the computer is stolen, the Afaria 5.5 Security Manager component uses an AES cryptographic module (currently undergoing FIPS 140-2 certification) to encrypt the hard drive and a pre-boot authentication password.

“We see an increasing amount of interest in managing and securing mobile devices from companies with a lot of field workers, such as utilities and telecom providers, and companies with large sales forces, such as pharmaceutical companies and financial services,” Freeman says.

No single solution will protect against all of the threats. As a matter of course, Sybase iAnywhere has partnered with Radio IP to combine hard drive encryption and mobile VPN, which are compatible and complementary technologies. “We frequently see installations where an organization can utilize a Radio IP Mobile VPN, and use iAnywhere's Afaria as another layer of security,” says Radio IP’s Torres.

Disaster Recovery, Business Continuity and Data Security

One way to reduce the risk involved in losing a wireless laptop is to ensure that no company files reside on the hard drive; therefore, no possibility exists of having a laptop full of critical information fall into the wrong hands. Technology now exists that allows an employee to access the network remotely but not to download information. For example, Citrus and Chemical Bank, a community bank in Central Florida with $850 million in assets, was looking for a device to support business continuity in the event of a disaster such as a hurricane but found a new way to keep its corporate data safe.

“We wanted a secure method for our employees to be able to work from home if they were unable to come to work due to some disaster,” says Render Swygert, executive vice president of information systems and technology, Citrus and Chemical Bank. “We have a staff that supports the bank 24/7/365. We are always on call wherever we are.”

(Photo caption: The MobiKEY from Route1 is a cryptographic USB token device that uses two-factor authentication to enable secure remote access. Photo courtesy Route1)
What the financial institution found was the Route1 MobiKEY, a cryptographic USB token device that uses two-factor authentication to enable secure remote access. The device operates on a communications platform called MobiNET, which authenticates the user, certifies the device and encrypts the transmission, while ensuring no residual data files are left behind on the remote computer.

Swygert purchased the MobiKEYs and the administration portal to manage the devices, reporting on who is accessing the computer network and when the connections are made. IT staff, commercial loan officers, executive management team, risk management team and finance all received the devices.

“I like the fact that once the MobiKEY is unplugged from the computer no residual files are left on the unit,” says Swygert. “It is an excellent solution to the problem of people getting their computers stolen.”

The laptop computer is used as a slave to the host computer. Since no data resides on the unit and the user manipulates software on the host computer, Swygert has decided that in the future employees will only need a thin client, or dummy laptop, running Windows® OS and with internet connectivity.

Wireless security is a must for today’s Fortune 500 company. Personal information of employees, as well as the social security numbers, credit card numbers, and other personal information of its customers, must be safe and secure.

To do this, enterprises should take concrete steps to protect data, using a variety of techniques in areas of exposure. Starting with securing every mobile device, all methods of access to the corporate network need to be evaluated, approved and managed. Every data transmission should be monitored and verified to ensure against a security breach. Employees must be educated on security procedures and policies to protect corporate data.