
Network and Endpoint Security v1.0 (2017)


This presentation covers the challenges and potential risks each device connected to a corporate network creates. It provides some of the recommended security approaches an organisation should comply with and the processes they should follow.

Published in: Internet

  1. Network and Endpoint Security
     Rui Miguel Feio – Senior Technical Lead
     Delivering the best in z services, software, hardware and training. Delivering the best in z services, skills, security and software.
  2. Agenda
     • Network and Endpoint Security – what is it?
     • Problems and risks
     • Impact and cost of a security breach
     • How to implement Network and Endpoint Security?
     • Endpoint Security management
     • Challenges
     • Real example of an ineffective implementation
     • Online world and Hackers
     • Network and endpoint security on the mainframe
  3. Who am I? RUI MIGUEL FEIO
     • Senior Technical Lead at RSM Partners
     • Based in the UK but travels all over the world
     • 18 years' experience working with mainframes
     • Started with IBM as an MVS Sys Programmer
     • Specialist in mainframe security
     • Experience in other platforms
  4. Technological and Social Evolution
     • Society is ever more dependent on technology to function
     • There’s a prevalence for storing data in digital format
     • Globalisation is not only a socio-economic event, but a digital one as well (Internet)
     Image Source: paleoplan.com
  5. The digital network
  6. Network and Endpoint Security
     • Network security refers to the technologies and processes that are used to keep digital networks in good, secure working order.
     • Endpoint security refers to the protection of any device that connects to the digital network, from servers to desktops, mobile devices, and any other device that is network-enabled.
     • As such, Network and Endpoint Security aims to protect and ensure the normal functioning of the digital network and the devices connected to it.
  7. Securing our interests
     • We can only secure what we ‘control’:
       – Company digital network
       – Devices connected to the company’s digital network
     • Is this enough? No, we should also consider:
       – People
       – Business partners
       – Service providers
       – Physical security
  8. Problems lead to security risks
     • Misconfigured hardware/software
     • Lack of knowledge and resources
     • Default settings
     • Human factor
     • Cyber criminals
     • Systems not up-to-date
     • Solutions not fit for purpose
     • Lack of interest
     • Out of support software/hardware
  9. Have you ever heard of OS/2?
     • OS/2 was a computer operating system, initially created by Microsoft and IBM, then later developed by IBM exclusively.
     • The first version of OS/2 was released in December 1987 and newer versions were released until December 2001.
     • OS/2 went out of support in December 2006.
     • OS/2 is still used today by a UK bank to run one of its critical applications.
     • There’s no plan to have it moved to a different platform.
  10. Impact of a Security Breach
     • A security breach can have devastating effects on the company:
       – Reputation
       – Exposure of confidential data and information
       – Financial
     • It can even compromise the existence of the company
  11. Cost of a security breach (https://www-03.ibm.com/security/infographics/data-breach/)
  12. Cost of a security breach (https://www-03.ibm.com/security/infographics/data-breach/)
  13. Cost of a security breach (https://www-03.ibm.com/security/infographics/data-breach/)
  14. Cost of a security breach (https://www-03.ibm.com/security/infographics/data-breach/)
  15. How to Secure?
     Diagram labels: SECURITY; Processes, Analysis, Education, Review, Monitor, Alerting, Audit & Testing, Improve
  16. Endpoint Security Management (http://cybersec.buzz/endpoint-security-sizzling-however/)
  17. The Challenges
     • Mentalities
  18. When you think you got it right...
     On a Pen Test at one of the top 5 US banks:
     • Client was convinced they had a top of the art network security system.
     • I decided to unplug the Ethernet cable from one of the terminals and connect it to my laptop
     • This went without detection
     • I was able to run a port scan on the mainframe without detection
     • This was just the beginning!!...
  19. When you think you got it right...
     Vulnerabilities:
     • 24 high risk
     • 25 medium risk
     • 2 low risk
  20. Off With Their Heads!!
  21. The big questions
     • Is it enough to protect the company’s digital network and devices?
     • Have you considered internal breaches?
     • How about the online services you use?
     • Is your site really secure?
     • Is everyone following the security procedures?
  22. The Online ’World’
     • Most online services (Google, social media, etc.) collect data:
       – Type of device (OS, Web browser, device type, etc.)
       – Location
     • This data can be used to:
       – Develop user/company profiles
       – Customise ads
       – Customise what we see (WYSIWYG)
  23. The Hackers are coming for you
     • Companies are a prime target for Hackers
     • Social media is a source of information
     • Data collected online can be used to compromise your systems
     • Hackers have time, patience, and in many cases, resources
     • It’s not a matter of if you will be hacked, it’s a matter of what you will do when you are
  24. Hackers’ resources
  25. Social engineering (http://www.social-engineer.org/social-engineering/social-engineering-infographic/)
  26. Hackers’ resources
  27. Network and Endpoint security on the mainframe
     • SERVAUTH class:
       – STACK
       – PORT
       – NET ACCESS
     • Policy Agent
     • AT-TLS
     • IPSEC
     • IP Filtering
     • Intrusion Detection Services
  28. Network and Endpoint security on the mainframe
     • Defence Manager Daemon
     • Traffic Regulation Management Daemon
     • Syslog Daemon (SyslogD)
     • SNA environment
     • Enterprise Edition (EE) connections: make sure who they are connected to and what access the 3rd parties have
     • Internal Telnet connections
  29. Mainframe – What else?
     • Implement alerting systems (IBM zSecure, Vanguard, …)
     • Monitoring systems
     • Perform on a regular basis:
       – Security audits
       – Penetration testing
       – Security remediations
       – Recertification
     • Review processes and procedures
     • Educate and train your resources
  30. Before we go, a quick review
     • Review your security policies across the board
     • Review your technological estate
     • Provide regular training and awareness
     • Keep your systems up-to-date
     • Segregate and do not allow devices that do not meet the minimum security requirements
     • Perform regular security audits and pen tests
     • Pay special attention to default settings
     • Always assume you’ve already been hacked!
  31. Questions?
  32. Contact
     Rui Miguel Feio, RSM Partners
     ruif@rsmpartners.com
     mobile: +44 (0) 7570 911459
     www.rsmpartners.com
     www.linkedin.com/in/rfeio
