Your SlideShare is downloading. ×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security AND Decrease Costs

132

Published on

To learn more visit: http://www.unisys.com/stealth …

To learn more visit: http://www.unisys.com/stealth

For years, security involved layering perimeter defenses and physical technology infrastructure that drove up operations and IT costs. But advanced, innovative technologies are driving public sector leaders to step outside the conventional Band-Aid approach. A new breed of public sector security opportunities around software-defined networking has emerged – one that strengthens security and cuts costs. The key – hide all endpoints completely from attackers so there’s no vector to target. There are five ways public sector leaders can increase security and decrease costs:

Cloak your endpoints and go undetectable;
Segment your data center by using communities of interest;
Isolate disparate networks;
Move mission-critical workloads to a more secure cloud;
Convert existing computing devices into secure communications tools.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
132
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
1
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security AND Decrease Costs By Unisys Corporation Public sector organizations are faced with a significant challenge managing risk in an environment replete with sophisticated cyber threats, cost constraints, and compliance demands. Cost reduction remains top of mind, but there is little tolerance for any compromise involving IT security. Meanwhile, with the adoption of mobile devices, and the increasing velocity of data breach attempts, the challenge to reduce costs while strengthening security can seem daunting. It’s only daunting because public sector leaders have come to equate increased security with increased cost. For years, security involved layering perimeter defenses and physical technology infrastructure that drove up operations and IT costs. But advanced, innovative technologies are driving public sector leaders to step outside the conventional Band-Aid approach. A new breed of public sector security opportunities around software-defined networking has emerged – one that strengthens security and cuts costs. The key – hide all endpoints completely from attackers so there’s no vector to target. 5 Ways to Increase Security and Reduce Costs 1. Cloak Your Endpoints and Go Undetectable Hackers attempt to locate devices on a network by broadcasting network messages, where even a negative reply can tell them what they want to know: the IP addresses of systems they can further probe for vulnerabilities. A cloaking strategy is based on the idea that by hiding all endpoints completely from attackers, there’s no vector to target. In order to accomplish this, a combination of cryptography, VPN technologies and segmentation tactics are used.
  • 2. 2. Segment Your Data Center by Using Communities of Interest 4. Move Mission-Critical Workloads to a More Secure Cloud Over the past several years, public sector organizations have reduced infrastructure costs through consolidation and virtualization strategies. Likewise, data center segmentation offers an opportunity to reduce security costs. This new approach allows a simplified, flatter network design, but provides highly segmented access and visibility permissions. Mission-critical workloads require both high availability and high security, and if either one is in question, a new approach might be required. With today’s solutions, private clouds can deliver the same availability attributes as a public cloud except it does so from within your data center, providing “just in time” resources that can be shared between COIs but remain secure and isolated from each other. IT resources are converted into a flexible, metered, self-provisioned service delivery. By cloaking public cloud provider servers, public sector organizations can get more leverage from the cloud while maintaining complete control of their workloads. Virtual machines should be cloaked from other tenants in the public cloud and from hackers attempting to infiltrate the cloud. This enables agencies to confidently deploy mission-critical workloads in the public cloud and take advantage of the associated cost savings. Best practices in data segmentation involve establishing communities of interest (COIs), in which the users and devices within each community have finite and predetermined visibility and access to different servers and applications. The COI capability, combined with executing very low in the protocol stack, darkens endpoints on the network, as if they were undetectable. Agencies can confidently share mission-critical information with citizens and stakeholders who need to know by creating secure communities of interest, allowing them to apply varying levels of security to specific users. COI access is defined by device or user identity rather than physical topology. Groups can therefore share the same physical or virtual network without fear of another group accessing their data or workstations and servers. 3. Isolate Disparate Networks Configuring and maintaining separate physical networks is prohibitively expensive and difficult to support, and relying upon telecommunications provider networks cannot assure security. Public sector organizations must protect local assets within designated regions while controlling access to assets from users in geographically dispersed regions. To do so, agencies need an ability to create a communications tunnel cloaked from those who are not part of a COI, and regional isolation creates the effect of cryptographically isolating each COI member. 2 5. Convert Existing Computing Devices Into Secure Communications Tools Comprehensive security features can protect data and information across any network that employees and partners choose - LAN, WAN, wireless, 3G, 4G and satellite networks, public or private. Whether for tactical defense and intelligence purposes, first responder services, or to empower any small team with specific and more privileged access, public sector organizations need a way to quickly and securely establish secure network connectivity which can assure continuity of operations. Similarly, to respond to emergencies, public sector organizations often need to be able to establish ad-hoc networks quickly, efficiently and securely. They can adopt an approach akin to COI in a one that leverages existing COI information to create a secure tunnel. A customized, dedicated and portable device can then enable a remote user to boot up and establish a “clean and secure session” linking back to the public sector organization’s own network.
  • 3. A Path Forward About Unisys Unsurpassed, Cost-effective Security - Without Network and Application Changes For more than 130 years, Unisys has led technology innovations that transform the way governments deliver on their missions. Through our robust portfolio of security, data center, end user, and application modernization services, we deliver a safer and more secure connected world. Our approach integrates resource and infrastructure security, creating a highly effective and efficient security environment and freeing our government client to focus on best serving citizens. Unisys security solutions are trusted worldwide, in 100+ airports, 1,500 government agencies, 100+ banks, and countless other organizations that have zero tolerance for breach. The Unisys StealthTM Solution Suite offers a unique opportunity for public sector executives to leverage software-defined networks for cost control and better security. By rejecting the past practice of allowing perimeter solution sprawl and moving on to the best practices described here, public sector executives can offer both new services and new layers of security, all while cutting costs. The Unisys Stealth Solution Suite provides a high level of security and assurance AES-245 encryption, FIPS 140-2 certified cryptographic engine, EAL-4+, DoD, NSA Common Criteria certifications. The benefits of stronger security are met with equally attractive cost-and time-saving benefits: • Deployable on top of existing infrastructure and tools, integration does not require any network or application changes in tiered or flat networks. • Integrates with identity management systems like Microsoft Active Directory, speeding the creation of COIs and the ongoing maintenance of their privileges. • Helps eliminate the need for separate physical networks for each COI, leased lines, equipment and associated point solution licenses. 3
  • 4. For more information visit www.unisys.com © 2014 Unisys Corporation. All rights reserved. Unisys, the Unisys logo, ClearPath, Unisys Stealth and Forward! by Unisys and the Forward! by Unisys logo are registered trademarks or trademarks of Unisys Corporation. All other brands and products referenced herein are acknowledged to be trademarks or registered trademarks of their respective holders. Printed in the United States of America 01/14 14-0048

×