DSS - ITSEC Conference - Protected-Networks - An Open Door May Tempt a Saint - Riga Nov2011
•
0 likes•358 views
The presentation from "DSS" ITSEC conference on 24th of November, Riga, Latvia.
Recommended
More Related Content
What's hot
What's hot (20)
Similar to DSS - ITSEC Conference - Protected-Networks - An Open Door May Tempt a Saint - Riga Nov2011
Similar to DSS - ITSEC Conference - Protected-Networks - An Open Door May Tempt a Saint - Riga Nov2011 (20)
More from Andris Soroka
More from Andris Soroka (20)
Recently uploaded
Recently uploaded (20)
DSS - ITSEC Conference - Protected-Networks - An Open Door May Tempt a Saint - Riga Nov2011
- 1. Access Governance in Windows Environments AN OPEN DOOR MAY TEMPT A SAINT 28.11.2011
- 2. 65% 80% of employees have of data loss originates unrestricted access to from within the sensitive data company 28.11.2011
- 3. AND LEAD US NOT INTO TEMPTATION Opportunity makes a thief • Crime rates are significantly influenced by opportunity • Most criminals „drift“ into misconduct, are not deeply motivated • The avoidance of risk of detection and effort determine the target Don‘t neglect an essential process • Information regarding Active Directory rights structures is extremely difficult to obtain. • MS board tools do not provide efficient framework to manage your access rights • Manual process is error prone and very cumbersome, making it difficult to justify effort Dynamic scenarios reqire constant oversight • Fundamental aspect of data security • Leaving this process unmanaged REAL SECURITY THREAT! 28.11.2011
- 4. SCENARIOS YOU MAY KNOW WELL No control of access rights at the data owner level • Who has rights to access my files, who granted these and why? • Should the branch department administer rights!? Know-How vs. knowledge • Responsibility in Business or IT? Abundance of rights vs. Need-To-Know Requirements from auditors, security or branch departments • Creation of a list of people with access to specific folders or resources • Reporting: Where does an employee have access? • Outsourcing, who has (lost) the overview? Where does „EVERYONE“ have access? Project / consulting / ”super user” effect • Users accumulate rights at each stage of their employment cycle! • Consultants and project worker receive access rights, when do they get withdrawn? • What happens when people change roles? Rights proliferation on file servers & AD 28.11.2011
- 5. WHY ACCESS RIGHTS MANAGEMENT? Transparency Efficiency Responsibility Rights proliferation on file servers & AD Where does „EVERYONE“ have access? Abundance of rights vs. Need-To-Know Minimize risks Manage rights DataOwner-Principle Protect essential company data efficiently Join technical know-how and from internal fraud Automated and efficient special knowledge in one place processes in IT Security Compliance enabled Foundation for IdM Create reports Building block for certified Understand the existing For auditors, data protection security (ISO 27001, SOX, situation to enable change officers and data owners ISO, PCI-DSS, etc.) 28.11.2011
- 6. PROPER AD MANAGEMENT IS ESSENTIAL Access to file servers & Policies/Templates SharePoint AD Groups Access to Resources (printers/copiers) Access to Applications 28.11.2011
- 8. WHAT IS 8MAN? A fully integrated software solution for the management of Active Directory, file server and SharePoint access rights 8MAN delivers INFORMATION on the currently existing and historical access rights at a glance 8MAN provides written DOCUMENTATION of these rights to interested parties in an easy to understand format 8MAN enables ADMINISTRATION of these rights to resolve unsecure situations and administrative flaws Administration – Information – Documentation A.I.D.-MAN -> 8MAN 28.11.2011
- 9. TRANSPARENCY WITH ONE CLICK 28.11.2011
- 10. 8MAN = AID-MAIN ADMINISTRATION – INFORMATION - DOCUMENTATION 28.11.2011
- 11. Steven Bennett protected-networks.com 1 Stanhope Gate, Camberley, Surrey, GU15 3DW s.bennett@protected-networks.com www.protected-networks.com access rights under control 28.11.2011