AppSense, profile picture
Uploaded byAppSense
PPTX, PDF704 views

Protecting endpoints from targeted attacks

This document discusses strategies for protecting endpoints from targeted attacks. It begins with an overview of the increasing threats facing organizations from malware and cyber attacks. It then outlines five principles for an effective endpoint security strategy: 1) get organizational endpoints in order through vulnerability management and application control, 2) focus on protecting data rather than infrastructure on unmanaged devices, 3) utilize thin clients and cloud-based solutions, 4) implement a zero-trust approach to authentication, and 5) maintain visibility into endpoint activity. The document recommends implementing application control, patching vulnerabilities, deploying recommended security practices, improving authentication, and integrating network and endpoint security controls. It emphasizes continuing to shift focus to securing unmanaged devices by decoupling protection from infrastructure.

Embed presentation

Downloaded 12 times
® Protecting endpoints from targeted attacks. Forrester / Dell / AppSense
® Every company is becoming an IT company they’re just focused on different verticals.” John Chambers, Cisco = Huge attack surface
Today’s Session Security, user experience & visibility State of threats and security and the need to “think different” Two domains: Managed endpoints and unmanaged endpoints 5 design principles for an effective endpoint security strategy How VDI plays a big role in security and security plays a big role in VDI Thin clients’ natural malware resistance
Presenters Chris Sherman, Analyst Security and Risk Dan O’Farrell, Sr. Director of Product Marketing, Cloud Computing Bassam Khan, VP of Product Marketing
© 2015 Forrester Research, Inc. Reproduction Prohibited Five Steps To Protect Your Endpoints From Targeted Attacks Chris Sherman, Analyst May 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited 6 Orgs will continue to struggle with 0-Day malware through 2015 0 10 20 30 40 50 60 Q1 2010 Q2 2010 Q3 2010 Q4 2010 Q1 2011 Q2 2011 Q3 2011 Q4 2011 Q1 2012 Q2 2012 Q3 2012 Q4 2012 Q1 2013 Q2 2013 Q3 2013 Q4 2013 Q1 2014 Q2 2014 Q3 2014 Q4 2014 Varients(inMillions) Unique Variants of Malware Per Quarter 600,000 new malware variants/day! Source: McAfee Threats Report: First Quarter 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited Orgs will continue to struggle with targeted attacks Publicly reported cyber incidents and breaches in the US Source: Cyberfactors, LLC
© 2015 Forrester Research, Inc. Reproduction Prohibited© 2014 Forrester Research, Inc. Reproduction Prohibited 8 The Golden Age Of Hacking Continues
© 2015 Forrester Research, Inc. Reproduction Prohibited 9 1% 7% 23% 24% 49% 33% 39% Other Don't Know Lost/stolen asset (e.g., smartphone, tablet, laptop, external hard drive, USB flash drive, etc) Internal incident within a business partner/third party supplier’s organization Internal incident within our organization External attack targeting a business partner/third-party supplier External attack targeting our organization “What were the most common ways in which the breach(es) occurred in the past 12 months?” Source: Forrester BT Security Survey, Q3 2014 Base: 457 North American and European IT security executives and technology decision makers whose firms had experienced a breach in the past 12 months Thieves go for the gold: PII and IP Data breaches have led to 330,000,000 lost records in 2014 alone* *Cyberfactors, LLC
© 2015 Forrester Research, Inc. Reproduction Prohibited© 2014 Forrester Research, Inc. Reproduction Prohibited 10 Breach Costs Will Continue To Increase In 2015 › Average total cost: $3.5 million › Up 15% from 2013 › Each lost record cost $136 › Up 9% from 2013
© 2015 Forrester Research, Inc. Reproduction Prohibited 11 This Much Is Clear: Traditional Endpoint Security Tools Are Failing And Will Continue To Fail Through 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited 12 An Ongoing Anti-Malware Technology Arms Race Signature based detection Encrypted payloads Decryptor matching/pas sive heuristics Polymorphic code Active heuristics/sandbo xing Sandbox evasion techniques Sandbox hardening Self-directed (metamorphic) code Runtime behavior detection Further obfuscation techniques/signed binaries/behavior randomization
© 2015 Forrester Research, Inc. Reproduction Prohibited 13 The 90’s called, they want their endpoint security strategy back Despite… Anti-Virus Application Whitelisting 80% 52% 48% 54% reporting frequent attacks involving software vulnerabilities 92% reporting rising operation costs involving malware Base: 671 IT and IT security practitioners. Source: Ponemon 2013 State of the Endpoint Survey Base: 881 IT Security Decision Makers. Source: Forrester BT Security Survey, Q3 2014 …Many organizations still rely heavily on antivirus. A New Approach Is Needed! 48% Application Priv. Mgmt. 52% 48% Application Sandboxing
© 2015 Forrester Research, Inc. Reproduction Prohibited 14 We are hyper focused on the WRONG things
© 2015 Forrester Research, Inc. Reproduction Prohibited 15 Organizations Must Refocus Their Endpoint Security Strategies In 2015
© 2015 Forrester Research, Inc. Reproduction Prohibited 16 Do a better job of endpoint protection. Managed endpoints Unmanaged endpoints Your Challenges are Twofold Protect your data and operations without owning the assets!
© 2015 Forrester Research, Inc. Reproduction Prohibited Five design principles for an effective endpoint security strategy Get your house in order (managed endpoints) Focus on data (unmanaged endpoints) Think thin, think cloud (combined) Zero trust (combined) Eye in the sky (combined)
© 2015 Forrester Research, Inc. Reproduction Prohibited 18 Principle No. 1: Get your house in order –attack surface reduction This completes 75% of the work. • Limit Firefox, Opera, and QuickTime • Options include application whitelisting, execution isolation, privilege management • Weigh the pros and cons of each form of app control Exercise application control. Disable Java in web browsers. Deploy the Enhanced Mitigation Experience Toolkit. • Eliminate superfluous applications from your environment. While you are at it:
© 2015 Forrester Research, Inc. Reproduction Prohibited 19 Get your house in order — manage your vulnerabilities You need an intelligent patch management system. Endpoint security products that sandbox code within browser is a plus! IE is a bit more complex. Consider this strategy: Browse the Net with Chrome. Keep IE for internal applications. If you see a patch for Flash, Java, or Reader: Patch it, patch it as fast as you can.
© 2015 Forrester Research, Inc. Reproduction Prohibited 20 Get your house in order (Summary) An effective endpoint security strategy must: Start with managing vulnerabilities. • Leverage a patch management solution which supports 3rd party applications • Focus on vulnerabilities with an existing exploit • Patch it well, and patch it early. Reduce attack surface through some form of application control. • Figure out which risky applications you don’t need, and eliminate them. • Policy-driven solutions require less effort (ex. trusted publisher, vendor signature, application category, etc) • Build a good exception-handling workflow. Augment with antimalware. • A layered defense = best for security • Measure solutions based on zero-day effectiveness
© 2015 Forrester Research, Inc. Reproduction Prohibited 21 Enter unmanaged devices…
© 2015 Forrester Research, Inc. Reproduction Prohibited 22 Principle No. 2: Focus on the data, not infrastructure Decouple data and threat protection from the infrastructure • Build security capabilities into the application. • E.g., encryption in the application • E.g., threat detection in the application • Malware • Fraud • Jailbreak Application Data Fortifying this
© 2015 Forrester Research, Inc. Reproduction Prohibited Principle No. 3: Think Thin, Think Cloud • If possible: • Thin client • Thin device • Process centrally, present locally • Leverage on cloud delivery and scaling • Requires connection • High Server-side operational load • Endpoint security tools still required
© 2015 Forrester Research, Inc. Reproduction Prohibited 24 Principle No. 4: Zero Trust • Authentication is always contextual: › Location, environment, and malware detection . . . all factor into authentication/authorization. • Authorization to access services must be evaluated dynamically • Trust is derived and verified, never assumed
© 2015 Forrester Research, Inc. Reproduction Prohibited 25 Principle No. 5: Eye In The Sky • Provides intelligence to focus on the right things • Monitor and control data flows across logical security boundaries • Requires data classification • Increased situational awareness Unmanaged devices, infrastructure Managed devices
© 2015 Forrester Research, Inc. Reproduction Prohibited 26 Principle No. 5: Eye In The Sky (Cont’d) › Endpoint Visibility & Control (EVC) provides detailed visibility into activity occurring on the endpoint: • Process executions • Application/file/registry modifications • Network activity • Active memory • Kernel-driver activity › Some provide containment
© 2015 Forrester Research, Inc. Reproduction Prohibited Recommendations 1. Implement meaningful app control 2. Run a targeted patch program 3. Deploy recommended practices (DEP, EMET) 4. Improve authentication measures 5. Integrate network and endpoint security controls where possible; aim for increased visibility
© 2015 Forrester Research, Inc. Reproduction Prohibited Recommendations 1. Continue to shift focus to unmanaged or lightly managed endpoints 2. Decouple protection from device and infrastructure 3. Think thin, think cloud 4. Toss your trust assumptions 5. Maintain a high level of visibility over your endpoints and data
© 2015 Forrester Research, Inc. Reproduction Prohibited #ageofthecustomer Chris Sherman csherman@forrester.com @ChrisShermanFR
Cloud client- computing The ultimate secure, manageable and reliable end to end virtual desktop solutions.
Cloud client-computing • Dell - Internal Use - Confidential Deliver nearly any desktop app to any user on any device Move your desktops to the cloud and: Empower the workforce Enable BYOD, deliver securely to any device, enhance user collaboration Optimize IT resources Reduce IT resources, scale and speed deployment Improve security Control data, recover from disasters, apply policies, comply with regulations, and monitor risk Manage costs Monitor and optimize total cost of ownership, achieve greater utilization from infrastructure assets, reduce energy use
Cloud client-computing • Dell - Internal Use - Confidential Highly-regulated industries were first to embrace this model to increase security and reduce costs
Cloud client-computing • Dell - Internal Use - Confidential Solutions that scale with your needs Specialized appliances Reduced TCORapid deploymentEasy installation Your choice of datacenter hardware with… …your choice of pre-tested software options Wyse Datacenter Towers with local storage VRTX (new form factors) Full racks with modular options
Cloud client-computing • Dell - Internal Use - Confidential Wyse Clients Industry-leading thin clients Secure the most secure thin clients on the planet Versatile tailored clients for Citrix, VMware, and Microsoft Powerful handle demanding tasks from video editing to 3D modeling Connected support a broad range of peripherals Desktop All-in-one Mobile Ultra mobile Dell offers the most extensive selection of secure, easy-to-manage thin and zero clients to suit your budget, application, and performance needs.
Cloud client-computing • Dell - Internal Use - Confidential See for yourself - next steps More information On the web: Dell.com/wyse Schedule a demo Work with your sales representative to schedule a demo. Access a range of demos, including Dell Enterprise Solutions, Dell DaaS, Dell DVS Simplified Appliance and others. Learn More Engage the experts Engage with your cloud client-computing sales specialist early in the pursuit. Leverage the knowledge of Dell's desktop virtualization experts. a demo at a Dell Solution Center View Dell IT Consulting to assess your needs Engage an Executive Briefing on cloud client-computing strategy Schedule
Backup •Thank You
® We believe you can manage and secure while providing a great user experience
It’s Not Only About Security Needs Endpoint manageability License control Profile management Simple Desktop IT Administration Ransomware, phishing, social engineering Unnecessary privileges Audit & Compliance Effective Endpoint Security Performance Flexibility & control Consistency Excellent User Experience
The most comprehensive UEM platform. Personalization Environment Manager™ Security Application Manager™ Managed data DataNow™ AppSense management Management Center™ Endpoint analytics Insight™ Optimal capacity & responsiveness Performance Manager™ AppSense AppSense AppSense AppSense AppSense AppSense ® Personalization Policy Privileges Performance Data Analytics Personalization Policy Privileges Performance Data Access Analytics ®
® Endpoint Analytics Demo
®® AppSense User-First Security Secure, manageable, great user experience Privilege Management Least privileges with just in time self-elevation Application Control Manageability & security through Trusted Ownership™ Analytics Visibility into what’s really going on ®
Global UEM Leader Founded in 1999 to help customers deliver a great user experience. • 3400+ customers • 7.5M+ endpoints • 400+ employees AppSense Global HQ in Sunnyvale, California Manchester | Reading | Munich Amsterdam | Paris | Melbourne Sydney | NYC | Sunnyvale | Raleigh 10 GLOBAL LOCATIONS
® Question & Answer
® Thank you! For more information, visit www.appsense.com or email iwanttoknowmore@appsense.com

More Related Content

PPTX
Stay out of headlines for non compliance or data breach
bySridhar Karnam
 
PPTX
Securing and automating your application infrastructure meetup 23112021 b
bylior mazor
 
PPTX
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
bycentralohioissa
 
PPT
The Case for Continuous Open Source Management
byBlack Duck by Synopsys
 
PDF
Managing Next Generation Threats to Cyber Security
byPriyanka Aash
 
PPTX
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
bycentralohioissa
 
PDF
Beyond the Scan: The Value Proposition of Vulnerability Assessment
byDamon Small
 
PPTX
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
byIBM Security
 
Stay out of headlines for non compliance or data breach
bySridhar Karnam
 
Securing and automating your application infrastructure meetup 23112021 b
bylior mazor
 
Alex Hanway - Securing the Breach: Using a Holistic Data Protection Framework
bycentralohioissa
 
The Case for Continuous Open Source Management
byBlack Duck by Synopsys
 
Managing Next Generation Threats to Cyber Security
byPriyanka Aash
 
Steven Keil - BYODAWSCYW (Bring Your Own Device And Whatever Security Control...
bycentralohioissa
 
Beyond the Scan: The Value Proposition of Vulnerability Assessment
byDamon Small
 
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
byIBM Security
 

What's hot

PDF
Threat Modeling for the Internet of Things
byEric Vétillard
 
PDF
Outpost24 webinar - Improve your organizations security with red teaming
byOutpost24
 
PPTX
Top 10 tips for effective SOC/NOC collaboration or integration
bySridhar Karnam
 
PPTX
Lisa Guess - Embracing the Cloud
bycentralohioissa
 
PPTX
BSIMM: Bringing Science to Software Security
byCigital
 
PPTX
Using 80 20 rule in application security management
byDaveEdwards12
 
PPTX
4 Ways to Build your Immunity to Cyberthreats
byIBM Security
 
PPTX
BSIMM-V: The Building Security In Maturity Model
byCigital
 
PPTX
Data Security: Why You Need Data Loss Prevention & How to Justify It
byMarc Crudgington, MBA
 
PPTX
Prevent Getting Hacked by Using a Network Vulnerability Scanner
byGFI Software
 
PPT
Data Security: What Every Leader Needs to Know
byRoger Hagedorn
 
PPTX
NextGen Endpoint Security for Dummies
byAtif Ghauri
 
PPTX
Assessing Your security
byLegal Services National Technology Assistance Project (LSNTAP)
 
PPTX
Building an AppSec Team Extended Cut
byMike Spaulding
 
PDF
Outpost24 webinar - A day in the life of an information security professional
byOutpost24
 
PDF
Defining Security Intelligence for the Enterprise - What CISOs Need to Know
byIBM Security
 
PPTX
Incident Response in the age of Nation State Cyber Attacks
byResilient Systems
 
PDF
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
bySymantec
 
Threat Modeling for the Internet of Things
byEric Vétillard
 
Outpost24 webinar - Improve your organizations security with red teaming
byOutpost24
 
Top 10 tips for effective SOC/NOC collaboration or integration
bySridhar Karnam
 
Lisa Guess - Embracing the Cloud
bycentralohioissa
 
BSIMM: Bringing Science to Software Security
byCigital
 
Using 80 20 rule in application security management
byDaveEdwards12
 
4 Ways to Build your Immunity to Cyberthreats
byIBM Security
 
BSIMM-V: The Building Security In Maturity Model
byCigital
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
byMarc Crudgington, MBA
 
Prevent Getting Hacked by Using a Network Vulnerability Scanner
byGFI Software
 
Data Security: What Every Leader Needs to Know
byRoger Hagedorn
 
NextGen Endpoint Security for Dummies
byAtif Ghauri
 
Assessing Your security
byLegal Services National Technology Assistance Project (LSNTAP)
 
Building an AppSec Team Extended Cut
byMike Spaulding
 
Outpost24 webinar - A day in the life of an information security professional
byOutpost24
 
Defining Security Intelligence for the Enterprise - What CISOs Need to Know
byIBM Security
 
Incident Response in the age of Nation State Cyber Attacks
byResilient Systems
 
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
bySymantec
 

Similar to Protecting endpoints from targeted attacks

PDF
You Can't Stop The Breach Without Prevention And Detection
byCrowdStrike
 
PDF
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
byAndris Soroka
 
PPTX
Select and Implement a Next Generation Endpoint Protection Solution
byInfo-Tech Research Group
 
PPTX
It's Time to Rethink Your Endpoint Strategy
byLumension
 
PPTX
Maturing Endpoint Security: 5 Key Considerations
bySirius
 
PDF
Why Endpoint Security Alone Is No Longer Enough for Organizations in 2026.pdf
byVisiontechInternatio
 
PPTX
2016 virus bulletin
byAdrian Sanabria
 
PDF
Carbon Black: 32 Security Experts on Changing Endpoint Security
byMighty Guides, Inc.
 
PDF
Carbon Black: 32 Security Experts on Changing Endpoint Security - Quotes from...
byMighty Guides, Inc.
 
PDF
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...
byAndris Soroka
 
PDF
Carbon Black: Justifying the Value of Endpoint Security
byMighty Guides, Inc.
 
PPTX
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
byAdrian Sanabria
 
PDF
Evolving Threats Call For Integrated Endpoint Security Solutions With Holisti...
byJohn D. Haden
 
PDF
Wp evolving-threats-endpoint-security
byAi K
 
PDF
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
byMighty Guides, Inc.
 
PDF
Endpoint Security & Why It Matters!
byNet at Work
 
PPTX
5 Habits of Highly Effective Endpoint Threat Protection
byTripwire
 
PPTX
The state of endpoint defense in 2021
byAdrian Sanabria
 
PPTX
Simplifying Security Management in the Virtual Data Center
byAlgoSec
 
PPTX
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
byEC-Council
 
You Can't Stop The Breach Without Prevention And Detection
byCrowdStrike
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
byAndris Soroka
 
Select and Implement a Next Generation Endpoint Protection Solution
byInfo-Tech Research Group
 
It's Time to Rethink Your Endpoint Strategy
byLumension
 
Maturing Endpoint Security: 5 Key Considerations
bySirius
 
Why Endpoint Security Alone Is No Longer Enough for Organizations in 2026.pdf
byVisiontechInternatio
 
2016 virus bulletin
byAdrian Sanabria
 
Carbon Black: 32 Security Experts on Changing Endpoint Security
byMighty Guides, Inc.
 
Carbon Black: 32 Security Experts on Changing Endpoint Security - Quotes from...
byMighty Guides, Inc.
 
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...
byAndris Soroka
 
Carbon Black: Justifying the Value of Endpoint Security
byMighty Guides, Inc.
 
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
byAdrian Sanabria
 
Evolving Threats Call For Integrated Endpoint Security Solutions With Holisti...
byJohn D. Haden
 
Wp evolving-threats-endpoint-security
byAi K
 
Carbon Black: Moving to a Cloud Based Next Generation Platform for Endpoint S...
byMighty Guides, Inc.
 
Endpoint Security & Why It Matters!
byNet at Work
 
5 Habits of Highly Effective Endpoint Threat Protection
byTripwire
 
The state of endpoint defense in 2021
byAdrian Sanabria
 
Simplifying Security Management in the Virtual Data Center
byAlgoSec
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
byEC-Council
 

Recently uploaded

PDF
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
PPTX
Code Like Bro -A guide for better Coding
byMadan Panthi
 
PDF
How PayPal Account Verification Works – Complete Guide for Online Businesses
byjhdhj3989
 
PDF
Peculiar Findings Around CEX Activity and ETH Price
bytobbymnbvcxz
 
PDF
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
PDF
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
PDF
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
PDF
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
PDF
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
PDF
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
PDF
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
PDF
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
PDF
React Mastery: Visual Mental Models to Understand React Deeply
byThomas Gaye
 
PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PDF
Certified AI-Empowered SAFe 6 Scrum Master.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
PDF
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
PPTX
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
PDF
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
PDF
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
PDF
Afsar Ahmed - Digital Marketing Portfolio
byAfsar Ahmed
 
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
Code Like Bro -A guide for better Coding
byMadan Panthi
 
How PayPal Account Verification Works – Complete Guide for Online Businesses
byjhdhj3989
 
Peculiar Findings Around CEX Activity and ETH Price
bytobbymnbvcxz
 
How to Design Premium Health (Public Health) PPT Using AI? Top Strategies
byPublic Health Concern Nepal
 
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
Build Next-Gen Spatial & Sensor Workflows: Secure, Scalable Processing in Sno...
bySafe Software
 
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
React Mastery: Visual Mental Models to Understand React Deeply
byThomas Gaye
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
Certified AI-Empowered SAFe 6 Scrum Master.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
Afsar Ahmed - Digital Marketing Portfolio
byAfsar Ahmed
 

Protecting endpoints from targeted attacks

  • 1.
  • 2.
    ® Every company isbecoming an IT company they’re just focused on different verticals.” John Chambers, Cisco = Huge attack surface
  • 3.
    Today’s Session Security, userexperience & visibility State of threats and security and the need to “think different” Two domains: Managed endpoints and unmanaged endpoints 5 design principles for an effective endpoint security strategy How VDI plays a big role in security and security plays a big role in VDI Thin clients’ natural malware resistance
  • 4.
    Presenters Chris Sherman, Analyst Securityand Risk Dan O’Farrell, Sr. Director of Product Marketing, Cloud Computing Bassam Khan, VP of Product Marketing
  • 5.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited Five Steps To Protect Your Endpoints From Targeted Attacks Chris Sherman, Analyst May 2015
  • 6.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 6 Orgs will continue to struggle with 0-Day malware through 2015 0 10 20 30 40 50 60 Q1 2010 Q2 2010 Q3 2010 Q4 2010 Q1 2011 Q2 2011 Q3 2011 Q4 2011 Q1 2012 Q2 2012 Q3 2012 Q4 2012 Q1 2013 Q2 2013 Q3 2013 Q4 2013 Q1 2014 Q2 2014 Q3 2014 Q4 2014 Varients(inMillions) Unique Variants of Malware Per Quarter 600,000 new malware variants/day! Source: McAfee Threats Report: First Quarter 2015
  • 7.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited Orgs will continue to struggle with targeted attacks Publicly reported cyber incidents and breaches in the US Source: Cyberfactors, LLC
  • 8.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited© 2014 Forrester Research, Inc. Reproduction Prohibited 8 The Golden Age Of Hacking Continues
  • 9.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 9 1% 7% 23% 24% 49% 33% 39% Other Don't Know Lost/stolen asset (e.g., smartphone, tablet, laptop, external hard drive, USB flash drive, etc) Internal incident within a business partner/third party supplier’s organization Internal incident within our organization External attack targeting a business partner/third-party supplier External attack targeting our organization “What were the most common ways in which the breach(es) occurred in the past 12 months?” Source: Forrester BT Security Survey, Q3 2014 Base: 457 North American and European IT security executives and technology decision makers whose firms had experienced a breach in the past 12 months Thieves go for the gold: PII and IP Data breaches have led to 330,000,000 lost records in 2014 alone* *Cyberfactors, LLC
  • 10.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited© 2014 Forrester Research, Inc. Reproduction Prohibited 10 Breach Costs Will Continue To Increase In 2015 › Average total cost: $3.5 million › Up 15% from 2013 › Each lost record cost $136 › Up 9% from 2013
  • 11.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 11 This Much Is Clear: Traditional Endpoint Security Tools Are Failing And Will Continue To Fail Through 2015
  • 12.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 12 An Ongoing Anti-Malware Technology Arms Race Signature based detection Encrypted payloads Decryptor matching/pas sive heuristics Polymorphic code Active heuristics/sandbo xing Sandbox evasion techniques Sandbox hardening Self-directed (metamorphic) code Runtime behavior detection Further obfuscation techniques/signed binaries/behavior randomization
  • 13.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 13 The 90’s called, they want their endpoint security strategy back Despite… Anti-Virus Application Whitelisting 80% 52% 48% 54% reporting frequent attacks involving software vulnerabilities 92% reporting rising operation costs involving malware Base: 671 IT and IT security practitioners. Source: Ponemon 2013 State of the Endpoint Survey Base: 881 IT Security Decision Makers. Source: Forrester BT Security Survey, Q3 2014 …Many organizations still rely heavily on antivirus. A New Approach Is Needed! 48% Application Priv. Mgmt. 52% 48% Application Sandboxing
  • 14.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 14 We are hyper focused on the WRONG things
  • 15.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 15 Organizations Must Refocus Their Endpoint Security Strategies In 2015
  • 16.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 16 Do a better job of endpoint protection. Managed endpoints Unmanaged endpoints Your Challenges are Twofold Protect your data and operations without owning the assets!
  • 17.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited Five design principles for an effective endpoint security strategy Get your house in order (managed endpoints) Focus on data (unmanaged endpoints) Think thin, think cloud (combined) Zero trust (combined) Eye in the sky (combined)
  • 18.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 18 Principle No. 1: Get your house in order –attack surface reduction This completes 75% of the work. • Limit Firefox, Opera, and QuickTime • Options include application whitelisting, execution isolation, privilege management • Weigh the pros and cons of each form of app control Exercise application control. Disable Java in web browsers. Deploy the Enhanced Mitigation Experience Toolkit. • Eliminate superfluous applications from your environment. While you are at it:
  • 19.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 19 Get your house in order — manage your vulnerabilities You need an intelligent patch management system. Endpoint security products that sandbox code within browser is a plus! IE is a bit more complex. Consider this strategy: Browse the Net with Chrome. Keep IE for internal applications. If you see a patch for Flash, Java, or Reader: Patch it, patch it as fast as you can.
  • 20.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 20 Get your house in order (Summary) An effective endpoint security strategy must: Start with managing vulnerabilities. • Leverage a patch management solution which supports 3rd party applications • Focus on vulnerabilities with an existing exploit • Patch it well, and patch it early. Reduce attack surface through some form of application control. • Figure out which risky applications you don’t need, and eliminate them. • Policy-driven solutions require less effort (ex. trusted publisher, vendor signature, application category, etc) • Build a good exception-handling workflow. Augment with antimalware. • A layered defense = best for security • Measure solutions based on zero-day effectiveness
  • 21.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 21 Enter unmanaged devices…
  • 22.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 22 Principle No. 2: Focus on the data, not infrastructure Decouple data and threat protection from the infrastructure • Build security capabilities into the application. • E.g., encryption in the application • E.g., threat detection in the application • Malware • Fraud • Jailbreak Application Data Fortifying this
  • 23.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited Principle No. 3: Think Thin, Think Cloud • If possible: • Thin client • Thin device • Process centrally, present locally • Leverage on cloud delivery and scaling • Requires connection • High Server-side operational load • Endpoint security tools still required
  • 24.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 24 Principle No. 4: Zero Trust • Authentication is always contextual: › Location, environment, and malware detection . . . all factor into authentication/authorization. • Authorization to access services must be evaluated dynamically • Trust is derived and verified, never assumed
  • 25.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 25 Principle No. 5: Eye In The Sky • Provides intelligence to focus on the right things • Monitor and control data flows across logical security boundaries • Requires data classification • Increased situational awareness Unmanaged devices, infrastructure Managed devices
  • 26.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited 26 Principle No. 5: Eye In The Sky (Cont’d) › Endpoint Visibility & Control (EVC) provides detailed visibility into activity occurring on the endpoint: • Process executions • Application/file/registry modifications • Network activity • Active memory • Kernel-driver activity › Some provide containment
  • 27.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited Recommendations 1. Implement meaningful app control 2. Run a targeted patch program 3. Deploy recommended practices (DEP, EMET) 4. Improve authentication measures 5. Integrate network and endpoint security controls where possible; aim for increased visibility
  • 28.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited Recommendations 1. Continue to shift focus to unmanaged or lightly managed endpoints 2. Decouple protection from device and infrastructure 3. Think thin, think cloud 4. Toss your trust assumptions 5. Maintain a high level of visibility over your endpoints and data
  • 29.
    © 2015 ForresterResearch, Inc. Reproduction Prohibited #ageofthecustomer Chris Sherman csherman@forrester.com @ChrisShermanFR
  • 30.
    Cloud client- computing The ultimatesecure, manageable and reliable end to end virtual desktop solutions.
  • 31.
    Cloud client-computing • Dell- Internal Use - Confidential Deliver nearly any desktop app to any user on any device Move your desktops to the cloud and: Empower the workforce Enable BYOD, deliver securely to any device, enhance user collaboration Optimize IT resources Reduce IT resources, scale and speed deployment Improve security Control data, recover from disasters, apply policies, comply with regulations, and monitor risk Manage costs Monitor and optimize total cost of ownership, achieve greater utilization from infrastructure assets, reduce energy use
  • 32.
    Cloud client-computing • Dell- Internal Use - Confidential Highly-regulated industries were first to embrace this model to increase security and reduce costs
  • 33.
    Cloud client-computing • Dell- Internal Use - Confidential Solutions that scale with your needs Specialized appliances Reduced TCORapid deploymentEasy installation Your choice of datacenter hardware with… …your choice of pre-tested software options Wyse Datacenter Towers with local storage VRTX (new form factors) Full racks with modular options
  • 34.
    Cloud client-computing • Dell- Internal Use - Confidential Wyse Clients Industry-leading thin clients Secure the most secure thin clients on the planet Versatile tailored clients for Citrix, VMware, and Microsoft Powerful handle demanding tasks from video editing to 3D modeling Connected support a broad range of peripherals Desktop All-in-one Mobile Ultra mobile Dell offers the most extensive selection of secure, easy-to-manage thin and zero clients to suit your budget, application, and performance needs.
  • 35.
    Cloud client-computing • Dell- Internal Use - Confidential See for yourself - next steps More information On the web: Dell.com/wyse Schedule a demo Work with your sales representative to schedule a demo. Access a range of demos, including Dell Enterprise Solutions, Dell DaaS, Dell DVS Simplified Appliance and others. Learn More Engage the experts Engage with your cloud client-computing sales specialist early in the pursuit. Leverage the knowledge of Dell's desktop virtualization experts. a demo at a Dell Solution Center View Dell IT Consulting to assess your needs Engage an Executive Briefing on cloud client-computing strategy Schedule
  • 36.
  • 37.
    ® We believe youcan manage and secure while providing a great user experience
  • 38.
    It’s Not OnlyAbout Security Needs Endpoint manageability License control Profile management Simple Desktop IT Administration Ransomware, phishing, social engineering Unnecessary privileges Audit & Compliance Effective Endpoint Security Performance Flexibility & control Consistency Excellent User Experience
  • 39.
    The most comprehensive UEMplatform. Personalization Environment Manager™ Security Application Manager™ Managed data DataNow™ AppSense management Management Center™ Endpoint analytics Insight™ Optimal capacity & responsiveness Performance Manager™ AppSense AppSense AppSense AppSense AppSense AppSense ® Personalization Policy Privileges Performance Data Analytics Personalization Policy Privileges Performance Data Access Analytics ®
  • 40.
  • 41.
    ®® AppSense User-First Security Secure,manageable, great user experience Privilege Management Least privileges with just in time self-elevation Application Control Manageability & security through Trusted Ownership™ Analytics Visibility into what’s really going on ®
  • 42.
    Global UEM Leader Founded in1999 to help customers deliver a great user experience. • 3400+ customers • 7.5M+ endpoints • 400+ employees AppSense Global HQ in Sunnyvale, California Manchester | Reading | Munich Amsterdam | Paris | Melbourne Sydney | NYC | Sunnyvale | Raleigh 10 GLOBAL LOCATIONS
  • 43.
  • 44.
    ® Thank you! For moreinformation, visit www.appsense.com or email iwanttoknowmore@appsense.com

Editor's Notes

  • #4 The pain of the Windows XP to Windows 7 migration is still fresh in many IT leaders’ minds. AppSense eliminates the need for complex migration projects by allow the full user persona, including user files, to follow users automatically between multiple operating systems.
  • #32 Desktop virtualization helps improve service delivery and competitiveness by simplifying how IT works on systems, dramatically reducing the complexity of the system and making it much more flexible. The IT group can then move from a largely reactive, technical group to a proactive strategic organization. Empowering the workforce – makes it possible for user to bring in an iPad, windows tablet, a Dell PC. Regardless of device your user is going to get the same look at the application, they are all going to have the same level of security. Nothing can be stored on a USB key nothing can be stored on a hard disk. It is secure as you need it to be. Optimize IT resources – managing a fleet of traditional PC is becoming increasing complex. With desktop virtualization, you are moving applications, data, and OS (the desktop) to the data center. There are certain advantages by doing this. IT is able to centrally manage “the virtual desktop” from the data center. Things like adds, moves, changes, back-ups and virus/malware protection. Virtual desktops in the data center also saves IT time and money from remotely troubleshooting PCs vs. physically visiting each PC. Improve security - Is by the design of the architecture. The virtual desktop is secure in the data center and is delivered over a video like protocol. Every end point is like a TV set. Desktop or applications are streaming down to the device, but once the device is turned off nothing resides on the device. One of Dell’s customers, a VA hospital, had a terrible situation where they move to a new ERM system. Someone stole a laptop in the AIDS ward. Normally the notebook hard drive is wiped and then goes up on eBay. The thief in this case knew what they had and the published all of the records on the internet. The hospital was embarrassed, the families were embarrassed. With cloud client-computing that cannot happen, because that data never lands on that laptop. Whenever a device connected to desktop virtualization goes out of its network, usually Wi-Fi, the user can get back to the server. There is no local storage so we can enforce security in a way that meaningful. Managing costs – the cost to deploy applications, the cost to deploy desktops is dramatically simpler when deploying from a data center. Add a user is nothing more that add a thin client on their desk, turning on the instance on the server, and you’re done. There are no installation of applications once its been done.
  • #33 70% of our business is in 5 segments: Healthcare, Government, Education, finance, and retail. These are the highly regulated industries. These are the ones that if a mistake is made in security there can be a target loss of 10% of their business. This is where we focus and desktop virtualization shines.
  • #34 Your choice of datacenter hardware with… We have a complete selection of virtual datacenter infrastructure to meet the needs of our customers. Our Dell DVS brand infrastructure solutions is comprised by a series of offers designed to align with the unique needs of your customers. From on premises solutions from small to large installations, we have it all. And, for customers who would like to easily and quickly pilot or POC desktop virtualization, or deploy a full desktop virtualization solution without buying the infrastructure, Dell offers desktop as a service, running from our own datacenters around the world. Just plug a thin client into the network, and start working. We have virtual environment from virtual workstations which is new. We worked with AMD and NVIDA to develop. So if you have virtual workload that traditional could only have been preformed on Dell Precision workstation (i.e. Finance, CAD / CAM, tank simulations) we can now virtualize that workload. Then starting from a small deployment with 10 seat or a pilot, through mid size with our VRTX technology, up to 50,000 seats. Or largest customer has over 150,000 simultaneously connected thin clients worldwide. Comes down to better scalability due to better density. In January of this year (2014) The average cost to deliver a seat of VDI was $400. A lot of that cost was the SAN. We created a new desktop virtualization environment where we integrated the storage in with the server. We were able to take the cost from $400 a seat down to $190 a seat. More that 50% reduction of cost. Dell has a wide range of data center offerings, better energy utilization, a lot less tools needed. We can spin up an entire environment with the single console. …your choice of pre-tested software options
  • #35 Dell Wyse software, cloud clients, and services provide the ultimate desktop virtualization endpoint solution when it comes to security, ease of use, and ease of management. For organizations looking to invoke a BYOD program and the Dell Wyse Cloud Client Manager cloud-based fixed and mobile device management console allows this ubiquitous user access to be “locked down” safe for both the organization and the user. Dell Wyse cloud clients and software help companies increase security, make their IT teams much more efficient and proactive, and sharply reduce ongoing management, maintenance and energy costs. Dell Wyse thin clients have zero disk and no moving parts, and those based on Dell Wyse ThinOS are the only virus-immune thin client operating system on the planet. Built on a firmware base that has no APIs, addressable ports or any other network-accessible vulnerabilities, ThinOS-based thin clients completely erase the threat of endpoint viruses and malware from any organization’s security equation. Dell Wyse zero clients are designed and purpose-built to complement Citrix, Microsoft, and VMware virtual desktop environments with strong security, outstanding performance, and easy, hands-off device management. Dell Wyse Cloud Connect (ultra mobile) Is a portable enterprise IT-controlled HDMI/MHL cloud device that allows people to convert a capable screen (TV or monitor) into a functioning interactive display controlled through Bluetooth peripherals, touch Interface or remote control on monitor/TV or companion application for smartphones and tablets. “Secure productivity from work, home, and on the go” IT managed enterprise client with outstanding portability, security, and rich user experience accessing broad applications and content in the cloud.
  • #36 You probably have customers now who could benefit from Dell Cloud Client Computing. This presentation was meant as a starting point for the sales journey you’ll make with your customer. Use the links provided to understand more about the offer and what’s possible for your customer. Contact your sales solution representative and engage with them and your customer via demos and interaction.