Presenters:
Rick Holland, Principal Analyst , Forrester Research
Brian Kelly, Principal PMM, Duo Security
Bob Hillhouse, Associate CIO and CISO , University of Tennessee, Knoxville
Gen AI in Business - Global Trends Report 2024.pdf
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication
1. How To Stop Targeted Attacks And Avoid
“Expense In Depth” With Strong Authentication
Presented by Duo Security
with guests Forrester Research and University of Tennessee, Knoxville
September 25, 2014
#duowebinar
2. Agenda
Rick Holland, Forrester Research
How To Stop Targeted Attacks and
Avoid “Expense In Depth” with Strong Authentication
Brian Kelly, Duo Security
How Duo Helps You Avoid “Expense In Depth”
Bob Hillhouse, University of Tennessee, Knoxville
A Case for Multi-factor Authentication
#duowebinar
3. How To Stop Targeted Attacks And
Avoid “Expense In Depth”
With Strong Authentication
Rick Holland, Principal Analyst
Forrester Research
#duowebinar
31. Thank you
Rick Holland
rholland@forrester.com
Twitter: @rickhholland
32. How Duo Helps You Avoid
“Expense In Depth”
Brian Kelly, Principal Product Marketing Manager
Duo Security
#duowebinar
33. Adoption of cloud, mobile, and BYOD is
accelerating dramatically
# #
&
☁#☁#
IT 1.0: Mainframe IT 2.0: Client/Server IT 3.0: Cloud/Mobile
34.
# #
&
&
&
☁#☁#
1995 2000 2005 2010
&
Data Breaches
Along this same timeline we’ve also seen
dramatic growth in user-targeted attacks
36. What’s new in IT 3.0?
‣ Users
‣ Access from anywhere
‣ “Zero Trust” environment
‣ Devices
‣ Mobile proliferation
‣ BYOD acceptance
‣ Services
‣ Diminishing perimeter
‣ Platform and Software -as-a-Service
&
☁#☁#
37. What’s new in Security 3.0?
‣ Users
‣ Access from anywhere
‣ “Zero Trust” environment
‣ Devices
‣ Mobile proliferation
‣ BYOD acceptance
‣ Services
‣ Diminishing perimeter
‣ Platform and Software -as-a-Service
Better OS and app security
…but, limited endpoint control
Better service security
…but, limited network visibility
38. What’s new in Security 3.0?
‣ Users
‣ Access from anywhere
‣ “Zero Trust” environment
‣ Devices
‣ Mobile proliferation
‣ BYOD acceptance
‣ Services
‣ Diminishing perimeter
‣ Platform and Software -as-a-Service
User-targeted attacks
Credentials are easily stolen
• Phished
• Guessed
• Keylogged
• Sniffed
• Cracked
• Reused
• Bypassed
39. 100% OF BREACHES
involve stolen credentials
— Mandiant
Source: mandiant.com/threat-landscape and M-Trends annual reports
40. advanced adversary will compromise your environment and accomplish their goal.
The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs
Needs
Detection
and
response
Prevention
An integrated portfolio that
enables orchestration
A focus on the fundamentals
A dedication to recruiting and retaining staff
An actual security strategy
107121 Source: Forrester Research,
41. advanced adversary will compromise your environment and accomplish their goal.
The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs
Needs
Detection
and
response
Prevention
An integrated portfolio that
enables orchestration
A focus on the fundamentals
A dedication to recruiting and retaining staff
An actual security strategy
107121 Source: Forrester Research, Back to Basics
‣ Patch, harden, update (everything)
‣ Segment data, services, networks
‣ Review access controls (often)
‣ Inspect endpoints, enforce policy
‣ Require strong authentication
45. A Case For Multi-Factor
Authentication
Bob Hillhouse, Associate CIO and CISO
University of Tennessee, Knoxville
#duowebinar
46. Cast
▪ The University of Tennessee, Knoxville
▪ 57 merchants across campus
▪ 130 Users; 150 Devices
▪ The UT Office of the Treasurer
▪ The Office of Information Technology (OIT)
47. Act I - Prelude
▪ PCI-DSS Requirement 8.3
– Incorporate two-factor authentication for remote access to the network
by employees, administrators, and third parties…
▪ 150 devices in the PCI-Subnet require Remote
Desktop Services (RDP)
48. Act II – The Timeline
▪ 8:00 AM
▪ 8:15 AM
▪ 8:30 AM
▪ 9:00 AM
49. Act III – Prologue
▪ 2013 – The end of strong password-only
security.
– http://duo.sc/utk-vid
50. Epilogue
▪ Compliance Goal was met
▪ Next: Two-Factor Authentication for all central IT
staff using the VPN
– 200 additional users
▪ Next: Two-Factor Authentication for all VPN Users
– Usage Patterns
– Establish scope (Campus-wide? Privileged Users Only?)
51. Questions + Answers #duowebinar
Rick Holland, Forrester Research
rholland@forrester.com @rickhholland
Brian Kelly, Duo Security
bkelly@duosecurity.com @resetbrian
Bob Hillhouse, University of Tennessee, Knoxville
bob@utk.edu @ut_oit