Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The_CNPITH_STORY_V1.2(draft)

76 views

Published on

  • Login to see the comments

  • Be the first to like this

The_CNPITH_STORY_V1.2(draft)

  1. 1. The Center for Nonprofit Information Technology Hosting A 501(C)(3) Nonprofit Dedicated Cyber Security and Threat Mitigation Assistance
  2. 2. The CNPITH Mission Statement  To improve America’s cyber security posture through public awareness, research, and open collaboration.
  3. 3. About The CNPITH  The CNPITH is a IRS recognized 501(C)(3) founded in 2010 to provide dedicated pro-bono cyber security and threat mitigation assistance to United States based 501(C)(3) nonprofits under 25 personnel.  The CNPITH mission is built on the philosophy of education of national cyber security issues, providing cyber security Subject Matter Expertise, and threat mitigation to participating 501(C)(3)’s.  Located in Metro Washington DC.  Senior Engineer is DOD 8570.1 Compliant IATIII, IAMIII, and CNDSP  The CNPITH maintains a 3rd Party Certified Public Accountant (CPA) firm located in the Metro DC area for compliance and monitoring.
  4. 4. Goals and Initiatives  Education  Providing cross educational assistance to high school and college students with in house training on new technologies related to network, cloud computing and cyber security.  Providing members annual security awareness training and tracking metrics.  Providing “Social Community Clouds” for SharePoint and Lync instant Messaging collaboration through our secure private cloud infrastructure.  Cyber Security Mitigation Services  Providing Turn-Key infrastructure services to small nonprofits in an effort to secure, protect, identify threats, and increase our nations cyber security posture one nonprofit at a time.  Monitor, identify, track and document threat vectors infiltrating small nonprofits through out the United States.  Providing rapid response IT systems for domestic and international crisis relief programs.  Prevent organizational disruptions by malware, botnets, and ransomware.  Prevent financial loss and compromise of nonprofit bank accounts resulting in the loss of publically funded money and the inability for nonprofits to gain future grants and donations.
  5. 5. The CNPITH Background The CNPITH owns and controls 100% of the cloud hardware, design and operations. The infrastructure is 100% Commercial Off The Shelf – no custom software components. Nonprofits have the benefit of interacting with common known software such as Microsoft Windows Server, Windows 8.1, Microsoft office suite. The CNPITH is a pure IAAS “Turn- Key Service” providing a pre built modern Microsoft based environments consisting of Active Directory 2012, Exchange 2013, Lync Communicator 2013 and 1 Win8.1 desktops. Members also have the option for Sharepoint 2013, additional virtual desktops, and even the ability to migrate current infrastructure into the CNPITH cloud solution. The CNPITH is dedicated to US based 501(C)(3) nonprofits. The CNPITH provides a turn-key solution to organizations under 25 personnel. 100% Owned100% COTS 100% Service 100% Nonprofit 5 The CNPITH is built on federal security standards such as NIST 800-53, DOD DISA STIG’s for OS hardening, Unified Threat Management solutions, End Point Security, Real Time Threat Monitoring, and active cyber threat intelligence from the FBI Infragard Program. 100% Security
  6. 6. What makes The CNPITH unique? The CNPITH stands out as being unique in its mission goals and objectives due in part to it’s production multi-tenancy and community cloud environment. While there are handful of organizations that provide information on How small business’s and nonprofits can make themselves more “cyber ready” and enhance security. No current organization provides a service and expertise to facilitate such activities. They stand alone in being informational. The CNPITH stands out by providing an actual pro bono solution that nonprofits can participate in that take a substantial financial, management, and technical burden off the organizations themselves related to Information Technology requirements. Leveraging cloud solutions allows for lower cost solution that provides a substantial security and quality of service increase, while lowering management, operational, and technical burdens on small nonprofits. The CNPITH has not had one unscheduled network outage since its inception.
  7. 7. What nonprofits face in today’s cyber insecure environment  Lack of funding for modern equipment.  Many organizations still run windows XP and Vista Operating Systems.  Many organizations run Microsoft Server 2003 and 2008 with no updates enabled and no host security.  Many organizations run no end point security and those who do, do not have automatic updates enabled and or expired free trial licenses.  Lack of funding for technical personnel with cyber security experience.  Personnel with knowledge and experience to secure even the most smallest of environments.  Theft of financial information leading to the loss of publically funded money, grants and donations. Causing some nonprofits the inability to gain future funding without proving some level of IT security to protect future monies.
  8. 8. Core Pro Bono Services  Dedicated Active Directory Server  Dedicated user setup  User security based off of groups and role based access  Dedicated Exchange 2016 Server  Outlook Web Access for anywhere Web access  Outlook Anywhere for laptop and desktop secure outlook connections  Mobil device email  Unlimited email accounts and alias name* (predicated on allocated hard drive space)  Dedicated Skype for Business Communication Server  IM communicator  Skype calling ability  Gotomeeting/WebEx like shared desktop  1 Dedicated Windows 10 virtual desktop  Web Hosting with complete access through IIS  Daily Scanning of vulnerabilities and mitigation reports based on DOD and NIST framework cyber standards  Dedicated Symantec Antivirus Server 12.1.6  Unified Threat Messaging Suite  Real time antivirus updates at gateway  SPAM control and monitoring  Intrusion detection sensors  Global reputation threat analysis  Custom firewall settings  Between all servers and services 250GB of Hard Drive Space  Unclassified cyber threat mitigation of “Bad actors” and phishing scams VIA the FBI Infragard program. Threats are assessed and worked into the CNPITH primary systems for monitoring  5MB/PS of internet speed. Will provide enough bandwidth for email and Lync communication over VPN line and 1x 24/7 connection to Virtual Remote Desktop  Hourly VEEAM backups of email, Daily for all other servers and workstations.  Free EV SSL public certs through Digicert.
  9. 9. Cloud Hosting Baseline Comparison Vendor Total Virtual Machines Total VM Processors Total VM RAM Total VM Hard Drive External IP Office to CNPITH VPN Security Support Backups Total Monthly COST CNPITH 5 9 14 365 1 1 UTM Firewall with Gateway scanner, Malware detector, APT, SPAM detector, Microsoft Patching Integration through WSUS, Symantec End Point for servers and Hosts. Custom Firewall rules. Weekly Compliance Scanning. Dark Web monitoring through Norse. Free public SSL certs through Digicert ($1000.00) On prem Watchguard firewall for each org ($1500.00) Free 1 hour per week on internal organizational requirements Daily VM backups, with hourly backups on email. $0.00 CenturyLink 5 9 14 365 1 1 Basic firewall rules, no other options available. None $720.00 Dimension Data 5 9 14 365 1 1 Basic firewall rules, no other options available. None $850.00
  10. 10. The Cyber Communities Program  The Cyber Communities Program is an initiative started by The CNPITH that brings cloud computing and cyber security together to offer a unique environment both individually for each nonprofit and collectively as a community.  This concept is initiated by providing individual nonprofits there own secured Infrastructure As A Service(IAAS) environment . Providing a turn key solution for each nonprofit to accept or move their existing environment into the cloud.  The CNPITH then provides a unique “Community cloud” where utilizing shared services in Microsoft known as “Federated Services”; each nonprofit that may want to participate can join their organizations to specific community cloud’s created around specific national initiatives such as volunteer fire departments, schools, veteran groups, foreign country missions, disaster recovery and relief, and so on.
  11. 11. Security Operations Application Security Server and EndPoint Security Perimeter and Infastructure Security Symantec End Point Manager for all Endpoints WhatsUpGold for Centralized Logs Event Monitoring and Management Configuration and Asset Management Application Whitelisting and Sandboxing Email Data Encryption Instant Messaging Single Sign On Symantec Anti Virus WSUS Patch Management Data Loss Prevention Capabilities Duo Two Factor Authentication Secured Vlans with Vmware NSX Virtualized Firewalls Load Balancing and Reverse Proxy Gateway AntiVirus Dark Fibre Monitoring through Norse Steelcloud DOD STIG Scanning and Remedition Infragard and Other Monitoring Sources The CNPITH “Security Onion”
  12. 12. Nonprofit Cyber Research And Collaboration Program  The Center for Nonprofit Information Technology Hosting’s “Nonprofit Cyber Research and Collaboration Program” also known as the NCRCP was created to provide vulnerability and cyber threat analytical date collection with 501C3 organizations. This data collection is limited to information pertaining to transport Internet Protocol (IP) data information, collection of gateway firewall logs, SPAM monitoring systems, vulnerability scanning, audit logs, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Event system logs, SIEM, analysis systems, and data collection tools.  The information gathered by participating 501C3 shall not contain specific Personally Identifiable Information (PII), Intellectual Property (IP) information, or files traversing any of the network pathways. The goal of the program is to just identify where things are coming from, where they are going, and what types of security threats are impacting US based Nonprofit and educational groups.
  13. 13. 2014-2016 Lessons learned from Pilot Programs  Internal staff must work to effective evangelize the technologies and in many cases migration to them.  Over the last several years one of the largest reasons to move to such a cloud based solution is the centralization of email and communication dedicated to each VFD business. With many individuals, the use of their personal Gmail, Hotmail, Yahoo and AOL email to conduct volunteer activities is “familiar”, and “convenient” and can often be difficult to convince individuals to embrace another email account. Especially one that may have more security involved.  Level of Effort from VFD’s is minimal.  Through our first pilot programs we found the extent of request for assistance often went no further then updating individuals and email addresses. And often those request were minimal as well.  Passwords  We general encourage a 90 day password change, but after much discussion we found it was easier to give a 6 month acclimation period to using the services before deploying a 90 day password change.

×