Streamlining End Point Security Rothke

Streamlining Endpoint Security – The devil is in the details. Ben Rothke, CISSP

Published in: Technology

  1. Streamlining Endpoint Security – The devil is in the details. Ben Rothke, CISSP QSA, Security Consultant, BT INS
  2. About me
       • Ben Rothke, CISSP CISM QSA
       • Security Consultant – BT INS
       • Have worked in the information technology sector since 1988 and information security since 1994
       • Frequent writer and speaker
       • Author of Computer Security: 20 Things Every Employee Should Know (McGraw-Hill 2006)
  3. Endpoint security – a Definition
       • While there is no single universal definition for endpoint security, a general definition is:
           • Process of securing a host through a combination of policy management, configuration management, and desktop security software, such as anti-virus and anti-spyware.
           • Sum total of the measures taken to implement security concerning endpoints.
           • The use of a network access control system to restrict network access only to systems that demonstrate adherence to a pre-defined corporate security policy.
  4. Endpoint security
       • The beauty of endpoint security hardware and software is that it seamlessly integrates into your environment
       • Plug and play endpoint security services instantly protect against all vulnerabilities
       • Users can instantly work with greater productivity
       • You can easily eliminate intrusions onto the network via worms, spyware, viruses, malware, phishing, etc.
       • Once the endpoint agent is installed, users work with greater efficiency.
       • But... the bullet items above do not reflect reality
  5. Endpoint realities
       • Endpoint security is like putting heavy duty commercial locks on all your doors and windows.
       • The locks will significantly increase security, but also will likely decrease the user experience.
       • You need to know the specific lock needed (deadbolt, auxiliary, cylindrical, mortise, dead latch, etc.) and the exact styles (single or double cylinder, etc.) and requirements (door prep, backset, door thickness, trim material, etc.), and many other details to ensure effective endpoint security.
  6. Endpoint security - not a silver bullet
       • While endpoint security is a hot topic with myriad hardware and software solutions, the reality is that:
           • There are no standards
           • Many current solutions are proprietary
           • Still an immature solution
           • Not a lot of experts in the field
           • Solutions can be costly and complex to implement
           • Not plug-and-play (advertisements to the contrary)
           • Not all solutions address post-admission control
           • The endpoint security market is still evolving, and its noble objectives are still progressing; many of them have yet to be achieved.
  7. Strategic endpoint security
       • Effective endpoint security requires a strategic approach that understands the need to optimize connectivity while also ensuring protection for all critical resources
           • This is not a trivial task
       • Endpoint security is not plug and play
           • Deployments require a lot of initial TLC
           • Can break many applications
           • Cause others to crash
  8. One-size does not fit all
       • Biggest mistake in endpoint design
           • Taking a one-size fits all approach
           • Each organization needs its own unique formal design
       • Endpoint policies must address
           • Who
           • What
           • Where
           • When
           • Why
  9. One-size never fits all in IT
       • Second biggest mistake in endpoint design
           • Inadequate piloting
               • First pilot groups should be with users who are computer savvy
               • Endpoint policies take a lot of tweaking to get them right
       • Start small
           • Don’t try a global deployment until you have a few successful localized deployments
  10. Create high-level recommendations
       • Unsecured endpoints must not be allowed to connect to the network if doing so inappropriately increases the risk to the organization
       • Management must identify the state of the endpoints before they are allowed access to internal networks
       • CISO must be able to provide a level of assurance to management that information will be protected when it reaches the endpoint
       • Remediation plans must be created for remote endpoints
  11. Conclusions
       • Endpoint security is a powerful technology whose time has come.
       • Don’t underestimate the time and complexity it will take to deploy.
       • Make sure you define your specific needs and requirements and map those to your environment.
       • You will have to live with and support your decision, so make sure you make the right choice.
