Stki summit2013 infra_pini sigaltechnologies_v5 final

part 2 STKI 2013


  1. Changing Data Center. STKI Summit 2013. IT at the crossroads: Lead, follow or get out of the way. Pini Cohen, Sigal Russin. Security and Networking
  2. Pini Cohen and Sigal Russin's work / Copyright@2013. Do not remove source or attribution from any slide, graph or portion of graph.
     Customers' Main Issues in 2012
     • Cyber security: smarter and more complex attacks, APT, DDoS
     • BYOD: security on mobile, MDM
     • Network monitoring: SIEM
     • NAC: network access control
     • Wi-Fi as a service
     • Control & Monitoring of Administrative
     • Unauthorized device detection
     • DLP: data loss prevention
     • Cloud security
     • Regulation: ISO
  3. Security
     • Security 2013
     • Social engineering
     • Identity management
     • Cloud storage services
  4. Security
  5. Industry groups represented by percent of breaches. Source: Verizon, 2012 Data Breach Investigations Report
  6. Social tactics by percent of breaches within Social. Source: Verizon, 2012 Data Breach Investigations Report
  7. Source: Ponemon Institute
  8. [Figure: labels 1, 3, 2]
  9. Security
  10. Identity & Access Management
  11. Security
  12. Source: Veracode
  13. Forrester: "Most data breaches caused by employees"
     • 30% - 'simple loss or theft'
     • 27% - 'inadvertent misuse by an employee'
     • 25% - 'external attack'
     • 12% - 'malicious insiders'
     Source: Information Week 2012
  14. Turn Insiders Into Assets - Security Awareness Program
     • Focus on changing user behavior: train your employees (videos).
     • Test and retest: test employee reactions with an actual test, such as phishing e-mails.
     • Teach the individual: tailor training to the company and the individuals who work there (USB devices).
     • Even a failure can be a success: employee reports, susceptible to social engineering.
     Source: Information Week 2012
  15. Most Intellectual Property Theft Involves Company Insiders
     • Perimeter defenses do not absolutely protect a network, and vetting suppliers is not a sure way to protect against compromised hardware. You should monitor for anomalies in your network.
     • Keep policy up to date!
     Source: Information Week 2012, Verizon
  16. Best Practices for Defending Yourself
     • Out-of-office replies: do not give a stranger personally identifiable information.
     • Email links and attachments: never open a link or an attachment from someone you don't know.
     • Phone calls: require that employees use verbal code words to verify their identity.
     • On-premise badge and security: use cameras, guards and mantraps before a secure doorway.
     • Unlocked computers and laptops: always be vigilant!
     Source: http://blog.neustar.biz/dont/social-engineering-5-tips-and-best-practices-for-defending-against-it/
  17. Security
  18. Security
  19. Don't risk your Data! Source: Ponemon Institute
  20. Cloud Storage Services Definition
     • A network of distributed data centers which typically uses cloud computing technologies like virtualization, and offers some kind of interface for storing data.
     • To increase the availability of the data, it may be redundantly stored at different locations.
     • Many cloud storage providers are active on the market, offering various kinds of services to their customers.
     Source: https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_und_technical_reports/Cloud-Storage-Security_a4.pdf
  21. Cloud Storage Features. Source: https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_und_technical_reports/Cloud-Storage-Security_a4.pdf
  22. Case Study: Dropbox
     [Figure labels: API, Browser]
     • Dropbox uses Amazon Web Services (AWS) for storage and transfer.
     • Dropbox does not verify the email address at registration, hence it is open for incrimination attacks.
     • Client-side encryption is not supported.
     • It is unclear which flavor of sharing is used if non-subscribers are included (closed user group vs. publication).
     • In 2011 accounts could be accessed without a password, and in 2012 spam emails were sent to Dropbox users.
     Source: https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_und_technical_reports/Cloud-Storage-Security_a4.pdf
  23. Source: The FixYa Cloud Storage Report, November 2012
  24. Security Concerns
     • SkyDrive uses SSL to encrypt files during transport, but files are unencrypted once at rest on Microsoft's servers.
     • Data leak
     Source: Ponemon Institute
  25. Secured Alternative Solutions
     • Use local encryption for protecting your data
     • IBM Collaboration Cloud
     • Box.net
     • SpiderOak
     • ShareFile (Citrix)
     • WatchDox
     • Acronis
     • Application wrapping
     • Symantec
     • F5
     67% viewed third-party applications as a significant risk, second to mobile security risk.
  26. WatchDox
     • ACCESS documents on any device
     • SHARE documents across organizations
     • CONTROL documents at all times
  27. WatchDox Makes Document Security Easy
     • Email Sharing: WatchDox Exchange
     • Group Collaboration: WatchDox Workspaces
     • Cross-Device Sync: WatchDox Sync
     • Security is added seamlessly, automatically
     • Documents encrypted at all times: rest, transit, use
  28. Recommendations
     • Review your security policy related to social engineering
     • DO NOT allow using free cloud storage, OR
     • Allow employee BYOA but secure it with encryption tools
     • Use a collaboration tool for better productivity & security
     • Start an identity & access management project
     • Education, awareness, training!
  29. Data Leakage Prevention - Israeli Market Positioning 1Q13
     [Chart. Axes: Local Support, Market Presence/Perception. Legend: Player, Worldwide Leader. Vendors: Websense, McAfee, Symantec, GTB, Verdasys, EMC, Safend, Fidelis, CA, Checkpoint]
  30. Security Consultants - Israeli Market View 1Q13 (Partial List). Source: STKI. *DataSec, **Oasis-Tech
  31. Security System Integrators - Israeli Market View 1Q13 (Partial List). Source: STKI. *Netcom, **Spider, ^Oasis-Tech, ^^Decimus
  32. Networking: General trends 2013
     • Software-defined networking will replace current NAC
     • Wireless local area network (WLAN) for guests and BYOD (VoWLAN)
     • Network visibility in virtualized environments
  33. Network Visibility Benefits
     • Improve the performance of your network with cloud computing, video streaming, mobility etc.
     • Utilize security issues and application performance management.
     • Good view of your network traffic down to the packet level.
     • You don't need to go through an emergency change control at the start of the incident just to get these taps!
  34. Port Mirroring
     • Requires an engineer to configure the switch or switches.
     • Eliminates corrupt packets or packets which are below a minimum size.
     • Switches may drop layer 1 and select layer 2 errors depending on high priority.
     • Need to troubleshoot common physical layer problems such as a faulty NIC.
     • A network device can support a restricted number of port mirrors. For security and analysis it is very important to examine the same data with many devices.
  35. Cyber Security Challenges: No Visibility
     [Diagram labels: Network Infrastructure, Traffic, Data Center, Device, Cloud / Virtualization]
     • New Applications: new protocols, encrypted traffic
     • BYOD: mixture of devices, policies & compliance
     • Cloud / Virtualization: applications go virtual, inter-VM traffic
     • Traffic Growth: number of links, size of links, amount of traffic
  36. Solution - Visibility with NPB
     [Diagram labels: Network Infrastructure, Traffic, Data Center, Device, Cloud / Virtualization, Network Packet Broker, Monitoring Tools]
  37. Traffic Visibility Fabric. Gigamon - Market Maker, Market Leader
  38. Data Leakage Prevention - Israeli Market Positioning 1Q13
     [Chart. Axes: Local Support, Market Presence/Perception. Legend: Player, Worldwide Leader. Vendors: Websense, McAfee, Symantec, GTB, Verdasys, EMC, Safend, Fidelis, CA, Checkpoint]
  39. Customer Center Infrastructure - Israeli Market Positioning 1Q13
     [Chart. Axes: Local Support, Market Presence/Perception. Legend: Player, Worldwide Leader. Vendors: Cisco, Alcatel-Lucent, Avaya, Interactive Intelligence, Cosmocom, Siemens EC, Aspect]
  40. Network Access Control - Israeli Market Positioning 1Q13
     [Chart. Axes: Local Support, Market Presence/Perception. Legend: Player, Worldwide Leader. Vendors: Access Layers, Wise-Mon, ForeScout, Cisco, Juniper, Symantec, Microsoft, Checkpoint, HP, Enterasys]
  41. Output Management - Israeli Market Positioning 1Q13
     [Chart. Axes: Local Support, Market Presence/Perception. Legend: Player, Worldwide Leader. Vendors: Aman, Adobe, Auto font, Consist, ISIS-Papyrus. Vendors to watch: HP]
  42. HP Exstream
  43. Thanks for your patience and hope you enjoyed
