Slick Cyber Systems, profile picture
Uploaded bySlick Cyber Systems
PPTX, PDF367 views

Security in the enterprise - Why You Need It

Jim Slick is the President and CEO of Slick Cyber Systems. He has over 30 years of experience in IT, including building data centers. His presentation covers various topics related to enterprise security, including gateway security, unified threat management appliances, email security, server security, desktop security, remote user security, disaster recovery and backup, social engineering, security policies, and outsourcing IT functions. He emphasizes the importance of having proper security measures, policies, and expertise in place to protect a business and its data.

Technology
Related topics:
IT Security

Embed presentation

Downloaded 10 times
Security in the Enterprise Jim Slick President and Chief Executive Officer
Presenter Jim Slick, the President and Chief Executive Officer of Slick Cyber Systems has been in the IT industry, professionally, since 1984. In his career, Jim has built many data centers ranging in size from single small-business servers to massive 300+ server fully clustered environments with real-time replication and disaster recovery. Jim’s educational background covers an Electrical Engineering degree as well as a BS degree in Business Administration and an MBA. He has also graduated from the Disney Institute in Florida, has earned his Microsoft Certified Systems Engineer status, as well as many other certifications in the industry.
Security and data theft is the single most important topic any IT professional should consider when reviewing their own infrastructure. Data is the core... the past, present, and future of any business. Data is finance, your intellectual property (IP), your communications, and the list goes on. Without any single component, the company would not survive. Data IS the business! Make sure you have all of your bases covered.
Gateway Security What it is and why you need it…
UTM Appliances • Unified Threat Management: What is it? – Gateway Anti-Virus – Gateway Anti-Spyware – Gateway Intrusion Detection and Prevention – Gateway Content Filtering – State full Inspection Firewall – VPN (Virtual Private Networking)
Security Statistics • Crimeware or APT? Malware’s “Fifty Shades of Grey” – Some cybercriminals build massive botnets to use unsuspecting endpoints for SPAM, distributed denial-of-service (DDoS) attacks, or large-scale click fraud. With the aid of banking Trojans, other cybercriminals create smaller, specialized botnets that focus on stealing bank credentials and credit card information. – Remote access tools, or RATs, are an integral part of the cybercrime toolbox. For example, a recent FireEye investigation into XtremeRAT revealed that it had been propagated by SPAM campaigns that typically distribute Zeus variants and other banking-focused malware. This tactic may stem in part from the realization that compromising retailers can net millions of credit card numbers in one fell swoop. – APT (Advanced Persistent Threat) is a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity. APT usually targets organizations and or nations for business or political motives. APT processes require high degree of covertness over a long period of time. As the name implies, APT consists of three major components/processes: advanced, persistent, and threat. The advanced process signifies sophisticated techniques using malware to exploit vulnerabilities in systems. The persistent process suggests that an external command and control is continuously monitoring and extracting data off a specific target. The threat process indicates human involvement in orchestrating the attack
More Security Statistics • The extent to which such attacks are targeted, and not opportunistic, is unclear. The attackers could be singling out specific retailers in advance. Or they could be targeting an entire industry, simply capitalizing on opportunities that arise. • The world of cybercrime features a broad spectrum of bad actors: On one end, highly focused state-sponsored attackers use custom tools and zero-day exploits. On the other end, “commodity” cybercriminals use widely deployed exploit kits that indiscriminately compromise thousands of systems around the globe. • In the middle are (at least) “fifty shades of grey.” One class of attacker mixes publicly available malware platforms and custom tools. These latter cases suggest that it is not always easy to estimate the size or sophistication of an adversary simply by finding one piece of what may be a far larger puzzle. • Bottom line, the puzzle is very complex and very large.
Even More Security Statistics • Medical Facts: • The Identity Theft Resource Center® recorded 614 breaches on the 2013 ITRC Breach List, a dramatic increase of 30% over the total number of breaches tracked in 2012. The Healthcare sector accounted for 43.8% of the total breaches on this list, overtaking the business sector at 34.4% for the first time since 2005, when the ITRC first began tracking data breaches. This comes as no surprise to the ITRC, with more and more breaches being reported to the Department of Health and Human Services (HHS). Additionally, due to the mandatory reporting requirement for healthcare industry breaches affecting 500 or more individuals, 87% of these healthcare breaches publicly stated the number of records exposed. The fact that a sector with a large percentage of breaches, with most entities publicly reporting the number of records, stands out significantly when compared to the 40.1% of incidents in 2013 in which the number of records exposed is unknown! • Don’t think it won’t happen to you. These statistics are real. Chances are one of you have already had a brush with it. Average number of U.S. identity fraud victims annually 11,571,900 Percent of U.S. households that reported some type of identity fraud 7 % Average financial loss per identity theft incident $4,930 Total financial loss attributed to identity theft in 2012 $24.7 billion Total financial loss attributed to identity theft in 2010 $13.2 billion
E-Mail Security What it is and why you need it…
E-Mail Security • Do you host e-mail internally or externally? – Externally? • POP3? Exchange? – Internally? • Exchange? Other? • Are YOU protected from SPAM and phishing attacks? If you are using POP3, good luck. If you are using Exchange, we have a solution.
E-Mail Security • If you host externally, there are outsourced scanning options available. • If you host internally, there are both outsourced and in-sourced options. Both are good. Think security first and what is YOUR exposed risk.
E-Mail Security • SPAM: Also known as junk mail. Most of these are harmless. Interesting statistic: 98.7% of all e-mail is SPAM. How’s that for clogging your internet connection or mail server (and how about backup costs for that junk)! • Phishing: These are the nasty folks who are actively trying to steal your user names, passwords, SS numbers, etc. They succeed all too frequently. Look for improper diction and mis- spellings or domain names that just don’t ‘look right’. • Virus Activity: Joke messages. Most are just jokes, some are not. Once it hits your server (especially if it’s polymorphic or a worm), you’re about done without the proper protection. • When it doubt, delete it without opening it. If you think it may be real, call the sender and verify its authenticity.
E-mail Security • What should I use? – Gateway: Install an e-mail appliance that will do the initial scan of mail or use an external scanning product like our Intel SCS EagleWing Ultimate Defense. Most is stopped here. – E-Mail Server (Exchange): Microsoft Forefront or Gfi’s Mail Security. It will stop infected messages that happen to make it in and will definitely stop worms. – User Education: This is the most important … Educate your users on what SPAM and phishing looks like!
Server Security What it is and why you need it…
Server based antivirus and anti-malware protection • Server based antivirus and anti-malware protection – IF I have anti-virus on the gateway, why do I need this too? • No one device or software package is perfect. It adds the final level of protection your servers and clients require. What if they bring in an infected file themselves from a pen drive or CD and drop it right on your network drive? It’s the only line of defense then. • Messaging level antivirus and anti-malware protection – If I have an e-mail security device, why do I need this? • As mentioned before, not everything is perfect. It adds that extra protection. If you have a company white listed on your external appliance you are now relying on them to be 100% secure … do you really trust anyone that much?
Server Security • Is antivirus software all I need? – No. You should also have anti-spyware software as well. Some packages do both, that doesn’t mean they are that good. Be careful and know your options.
Hosted Systems Security • How do I protect a hosted solution? – You can’t. You, unfortunately, need to rely on the hosted solutions providers ability to control security. Most EHR/EMR systems are hosted. – Be careful when selecting a vendor … know your vendor and your options if a breach occurs! – Make sure you have your gateway and desktops secured. – Educate your users!!
Desktop Security What it is and why you need it…
• Desktop based antivirus and anti-malware – Why do I need these too? • This is the last level of physical defense. Why would you go this far and not protect the very machines the users are working on?!? – Will it protect me from phishing sites? • No. Phishing sites aren’t local to your network. Users are lured into the trap. The firewall thinks the user knows what they are doing and allows the traffic to pass. User gives passwords … end of story.
• Browser Choices: – IE, Firefox, Opera, Google Chrome? What to use? • I am a firm believer that IE is just fine. • Firefox is still the number one hacked browser. They need to play ‘catch-up’ with their security. • Chrome is okay, but lacks the level of support that Microsoft has. • Everything else is a joke … stay away! – Is IE really as bad as ‘they’ say? • No, it is the most patched and watched browser available. It comes with your OS making it less work (i.e., IT $$). • Like anything in IT ... keep it patched!!!
• Operating System Choices – Windows 8, Windows 7, Windows Vista, or Windows XP: Which is more secure and should you upgrade? • XP – Windows XP is now retired and no longer support. It’s was the 2nd most hacked OS in the history of Windows (95 was the most). • Vista – Very stable. More difficult to hack than XP or other OS’s. – Had a bad ‘rap’, but was more robust than XP. • Windows 7 – Very stable. More difficult to hack than XP or other OS’s. – Still the most used OS in business • Windows 8 – Is all of the hype worth it? » Yes. It’s networking subsystem alone is tuned so well (for performance) that your network traffic will be reduced by 18+% and you will notice a significant performance gain in accessing network shares and apps. » It is extremely secure. » Get the right resources to help you deploy. It is NOT XP! – Mac’s? Do you really think they are impervious to virus activity and hacking? • It’s the hackers new frontier. Being a subset of Linux, it’s a very ‘hackable’ platform. 98% of all hacking software is developed on Linux. • The SUN story. 1992 … the keystroke hack that took UNIX by storm.
Server OS Choices • Still running 2000 Server? You are really pushing your luck. Upgrade now. • Windows 2003: Good server OS. Stable, secure. Will be obsolete next year. • Windows 2008: Even better. More stable. More secure. • Server 2012: The most secure server platform to date (based on Windows 8 code). Why would you not want to run it? Applications will decide. Push your vendors to certify their code on 2012 now!
Remote Users How do we keep our remote users safe?
Remote Users – What do they do? • Notebooks – Remote Access / VPN – Tons of wireless connectivity, especially in public places like airports, coffee shops, and hotels. • SmartPhones & Tablets – Remote e-mail – iPhone/Droid/Windows
Remote Users • How do we protect them? – Start with a good set of policies and procedures • Restrict certain types of public access • Restrict certain web sites – Local Antivirus and anti-spyware • Make sure you have a policy to keep it up to date. – Don’t allow data storage on the local drive • Make them connect to VPN to store their files on a file server. This protects the company from data loss as well as data theft. – Force all updates (Microsoft, AV, etc) daily
BYOD The greatest threat posed to IT in years. • What is BYOD? • Bring Your Own Device (tablet, phone, etc) • Why is it unsafe? • You have no idea what that person does at night! • Have a policy … better yet, don’t allow it!!
Disaster Recovery/Business Continuity and Backup What if … a question that should be asked…
Why do I need a DR plan? • Do you have a plan? • If so, is it just IT (Disaster Recovery) or the entire business (Business Continuity)? • Don’t have one? – Who should be working on it? – What else would I need other than my computer data? • Paper: Sometimes you need it… • Have you considered an offsite backup solution? – Don’t be fooled by ‘cheap’ solutions. You get what you pay for. • Real-time replication may be a better fit depending on data criticality. • At least get your data off site … daily! • What about DR centers? What do they have to offer? • Have you tested your plan? – Tests should be conducted at least once a year
Social Engineering How well do you know your employees?
What is Social Engineering Anyway? • Colleagues / employees / friends sharing passwords • Screens not being locked when walking away • Access to the building … posing as an employee when you are not. • Training for all employees .. especially executives! – Test your employees … see if your training has paid off.
Security Policies Why is this important?
Policies … how will that help? • Data retention – If you have a data retention policy and you get sued, you are only responsible for whatever your policy states. If you do not have one, the prosecutors can put a freeze on your servers (not allow access) and you are responsible for every piece of data and e-mail that you have on your systems. They will search everything. Remember, users will keep everything given the chance. • Security – Have policies that state clearly what corporate software is to be used and how it is to be updated. – Don’t let your programming staff tell you that OS patches cannot be installed. This is a pile of rubbish in most instances. It becomes an excuse for not keeping their code up to date. • Internet usage – Keep your employees from the ‘bad’ sites and avoid HR issues by clearly telling them what they can and cannot do. – Install monitoring tools if necessary. – Content management … your friend and your enemy. • Train your employees when they are hired, not six months later!
Hire Professionals when you need them •Outsourced IT consulting and service •Get it right from design to implementation. •Just because your in-house person can reformat a PC doesn’t mean they know how to install a server (let alone a security device!) •This is a critical problem that most companies fail on. Let experts do what they are trained to do. You’ll get it right the first time and save money doing it!
Outsourcing part or all of your IT • If you have never considered this? – Most companies that do this realize savings of up to 50% in the first year alone. – Upfront costs mean nothing. Look at the big picture. • Design and install are right the first time. • Zero unplanned down time. • Pay as you need and get an expert every time.
Summary • Do you buy car insurance? • Do you buy health insurance? • Do you buy life insurance? • Do you buy business insurance? • Why would you risk your data … your Company … your Patients’ … to not have the proper IT expertise, equipment, policies, and procedures in place. Do IT right!
Thank You!!!

More Related Content

PPT
Network Threats
byDan Oblak
 
PDF
Best Practices for Security Awareness and Training
byKimberly Hood
 
PDF
Information security awareness, middle management
byhaneen Emeir, CISA, ISO27001
 
PPT
BASIC IT AND CYBER SECURITY AWARENESS
byMd Abu Syeem Dipu
 
PPT
Threats and Security Tips of Computer System
byFaruk_Hossen
 
PPTX
Hyphenet Security Awareness Training
byJen Ruhman
 
PPTX
PACE-IT, Security+3.5: Types of Application Attacks (part 2)
byPace IT at Edmonds Community College
 
PPTX
Network Security of Data Protection
byUthsoNandy
 
Network Threats
byDan Oblak
 
Best Practices for Security Awareness and Training
byKimberly Hood
 
Information security awareness, middle management
byhaneen Emeir, CISA, ISO27001
 
BASIC IT AND CYBER SECURITY AWARENESS
byMd Abu Syeem Dipu
 
Threats and Security Tips of Computer System
byFaruk_Hossen
 
Hyphenet Security Awareness Training
byJen Ruhman
 
PACE-IT, Security+3.5: Types of Application Attacks (part 2)
byPace IT at Edmonds Community College
 
Network Security of Data Protection
byUthsoNandy
 

What's hot

PDF
Social Engineering Audit & Security Awareness
byCBIZ, Inc.
 
PPT
IT Security for the Physical Security Professional
byciso_insights
 
PPTX
PACE-IT: Common Threats (part 1)
byPace IT at Edmonds Community College
 
PPTX
PACE-IT, Security+1.1: Introduction to Network Devices (part 3)
byPace IT at Edmonds Community College
 
PPTX
PACE-IT, Security+3.4: Summary of Wireless Attacks
byPace IT at Edmonds Community College
 
PPTX
PACE-IT, Security+3.3: Summary of Social Engineering Attacks
byPace IT at Edmonds Community College
 
PDF
Chapter 2 konsep dasar keamanan
bynewbie2019
 
PPT
security and ethical challenges
byVineet Dubey
 
PDF
Network monitoring white paper
byImaging Network Technology, LLC
 
DOC
System Security Threats and Risks)
byBPalmer13
 
PPTX
information security and backup system
byEngr. Md. Jamal Uddin Rayhan
 
PPTX
Computer security and
byRana Usman Sattar
 
PDF
Combating Advanced Persistent Threats with Flow-based Security Monitoring
byLancope, Inc.
 
PPTX
Introduction to ethics
bySaqib Raza
 
PPTX
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
byPace IT at Edmonds Community College
 
DOCX
Giarritano concept paper 4
byleahg118
 
PPTX
PACE-IT, Security+ 4.3: Solutions to Establish Host Security
byPace IT at Edmonds Community College
 
PPTX
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
byPace IT at Edmonds Community College
 
PDF
Chapter 4 Computer Science :: Computer Ethics and Security
byFizaril Amzari Omar
 
PPTX
PACE-IT, Security+1.5: Wireless Security Considerations
byPace IT at Edmonds Community College
 
Social Engineering Audit & Security Awareness
byCBIZ, Inc.
 
IT Security for the Physical Security Professional
byciso_insights
 
PACE-IT: Common Threats (part 1)
byPace IT at Edmonds Community College
 
PACE-IT, Security+1.1: Introduction to Network Devices (part 3)
byPace IT at Edmonds Community College
 
PACE-IT, Security+3.4: Summary of Wireless Attacks
byPace IT at Edmonds Community College
 
PACE-IT, Security+3.3: Summary of Social Engineering Attacks
byPace IT at Edmonds Community College
 
Chapter 2 konsep dasar keamanan
bynewbie2019
 
security and ethical challenges
byVineet Dubey
 
Network monitoring white paper
byImaging Network Technology, LLC
 
System Security Threats and Risks)
byBPalmer13
 
information security and backup system
byEngr. Md. Jamal Uddin Rayhan
 
Computer security and
byRana Usman Sattar
 
Combating Advanced Persistent Threats with Flow-based Security Monitoring
byLancope, Inc.
 
Introduction to ethics
bySaqib Raza
 
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
byPace IT at Edmonds Community College
 
Giarritano concept paper 4
byleahg118
 
PACE-IT, Security+ 4.3: Solutions to Establish Host Security
byPace IT at Edmonds Community College
 
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
byPace IT at Edmonds Community College
 
Chapter 4 Computer Science :: Computer Ethics and Security
byFizaril Amzari Omar
 
PACE-IT, Security+1.5: Wireless Security Considerations
byPace IT at Edmonds Community College
 

Similar to Security in the enterprise - Why You Need It

PPTX
Network
bySowndar S
 
PDF
Cybercrime - An essential guide from Thawte
byRapidSSLOnline.com
 
PDF
fundamentals of Cybersecurity Lesion 1.pdf
byadamgaidam
 
PPT
Cyber Security-Foundation.ppt
byErAdityaSingh1
 
PPTX
Security Minded - Ransomware Awareness
byGreg Wartes, MCP
 
PPTX
Cyber Security and Healthcare
byJonathon Coulter
 
PPTX
The Evolution of Cybercrime
byStephen Cobb
 
PPT
Cyber-Security-.ppt
bykarthikvcyber
 
PPTX
2nd Class PPT.pptx
bySibyJames1
 
PDF
DWP Cybersecurity 101 for Nonprofits
byDWP Information Architects Inc.
 
PPTX
Lecture 2.pptx
byMuhammadRehan856177
 
PPTX
Delivering Security with GFI MAX - Mark Petrie
byMAXfocus
 
PDF
Getting users to care about security
byAlison Gianotto
 
PPT
Cyber-Security.ppt
bySeniorGaming
 
PPTX
Lecture 2.pptx
byMuhammadRehan856177
 
PPTX
Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
byMAXfocus
 
PPT
L N Yadav Cyber SECURITY.ppt
bylowlesh1
 
PPT
L N Yadav Cyber SECURITY2.ppt
bylowlesh1
 
PPTX
Cyber security awareness for end users
byNetWatcher
 
PPSX
csa2014 IBC
byapyn
 
Network
bySowndar S
 
Cybercrime - An essential guide from Thawte
byRapidSSLOnline.com
 
fundamentals of Cybersecurity Lesion 1.pdf
byadamgaidam
 
Cyber Security-Foundation.ppt
byErAdityaSingh1
 
Security Minded - Ransomware Awareness
byGreg Wartes, MCP
 
Cyber Security and Healthcare
byJonathon Coulter
 
The Evolution of Cybercrime
byStephen Cobb
 
Cyber-Security-.ppt
bykarthikvcyber
 
2nd Class PPT.pptx
bySibyJames1
 
DWP Cybersecurity 101 for Nonprofits
byDWP Information Architects Inc.
 
Lecture 2.pptx
byMuhammadRehan856177
 
Delivering Security with GFI MAX - Mark Petrie
byMAXfocus
 
Getting users to care about security
byAlison Gianotto
 
Cyber-Security.ppt
bySeniorGaming
 
Lecture 2.pptx
byMuhammadRehan856177
 
Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
byMAXfocus
 
L N Yadav Cyber SECURITY.ppt
bylowlesh1
 
L N Yadav Cyber SECURITY2.ppt
bylowlesh1
 
Cyber security awareness for end users
byNetWatcher
 
csa2014 IBC
byapyn
 

Recently uploaded

PDF
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PDF
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PDF
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
PDF
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
PDF
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
PDF
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
PDF
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
PDF
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
PPTX
Workflow and decision Automation with Flowable
bychakib ch
 
PDF
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
PPTX
Celonis Optimizing your future with process
bydevjeremyappleyard
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
PDF
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
PDF
apidays New York 2025 | AI in Application Security
byapidays
 
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
Workflow and decision Automation with Flowable
bychakib ch
 
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
Celonis Optimizing your future with process
bydevjeremyappleyard
 
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
apidays New York 2025 | AI in Application Security
byapidays
 

Security in the enterprise - Why You Need It

  • 1.
    Security in theEnterprise Jim Slick President and Chief Executive Officer
  • 2.
    Presenter Jim Slick, thePresident and Chief Executive Officer of Slick Cyber Systems has been in the IT industry, professionally, since 1984. In his career, Jim has built many data centers ranging in size from single small-business servers to massive 300+ server fully clustered environments with real-time replication and disaster recovery. Jim’s educational background covers an Electrical Engineering degree as well as a BS degree in Business Administration and an MBA. He has also graduated from the Disney Institute in Florida, has earned his Microsoft Certified Systems Engineer status, as well as many other certifications in the industry.
  • 3.
    Security and datatheft is the single most important topic any IT professional should consider when reviewing their own infrastructure. Data is the core... the past, present, and future of any business. Data is finance, your intellectual property (IP), your communications, and the list goes on. Without any single component, the company would not survive. Data IS the business! Make sure you have all of your bases covered.
  • 4.
    Gateway Security What itis and why you need it…
  • 5.
    UTM Appliances • UnifiedThreat Management: What is it? – Gateway Anti-Virus – Gateway Anti-Spyware – Gateway Intrusion Detection and Prevention – Gateway Content Filtering – State full Inspection Firewall – VPN (Virtual Private Networking)
  • 6.
    Security Statistics • Crimewareor APT? Malware’s “Fifty Shades of Grey” – Some cybercriminals build massive botnets to use unsuspecting endpoints for SPAM, distributed denial-of-service (DDoS) attacks, or large-scale click fraud. With the aid of banking Trojans, other cybercriminals create smaller, specialized botnets that focus on stealing bank credentials and credit card information. – Remote access tools, or RATs, are an integral part of the cybercrime toolbox. For example, a recent FireEye investigation into XtremeRAT revealed that it had been propagated by SPAM campaigns that typically distribute Zeus variants and other banking-focused malware. This tactic may stem in part from the realization that compromising retailers can net millions of credit card numbers in one fell swoop. – APT (Advanced Persistent Threat) is a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity. APT usually targets organizations and or nations for business or political motives. APT processes require high degree of covertness over a long period of time. As the name implies, APT consists of three major components/processes: advanced, persistent, and threat. The advanced process signifies sophisticated techniques using malware to exploit vulnerabilities in systems. The persistent process suggests that an external command and control is continuously monitoring and extracting data off a specific target. The threat process indicates human involvement in orchestrating the attack
  • 7.
    More Security Statistics •The extent to which such attacks are targeted, and not opportunistic, is unclear. The attackers could be singling out specific retailers in advance. Or they could be targeting an entire industry, simply capitalizing on opportunities that arise. • The world of cybercrime features a broad spectrum of bad actors: On one end, highly focused state-sponsored attackers use custom tools and zero-day exploits. On the other end, “commodity” cybercriminals use widely deployed exploit kits that indiscriminately compromise thousands of systems around the globe. • In the middle are (at least) “fifty shades of grey.” One class of attacker mixes publicly available malware platforms and custom tools. These latter cases suggest that it is not always easy to estimate the size or sophistication of an adversary simply by finding one piece of what may be a far larger puzzle. • Bottom line, the puzzle is very complex and very large.
  • 8.
    Even More SecurityStatistics • Medical Facts: • The Identity Theft Resource Center® recorded 614 breaches on the 2013 ITRC Breach List, a dramatic increase of 30% over the total number of breaches tracked in 2012. The Healthcare sector accounted for 43.8% of the total breaches on this list, overtaking the business sector at 34.4% for the first time since 2005, when the ITRC first began tracking data breaches. This comes as no surprise to the ITRC, with more and more breaches being reported to the Department of Health and Human Services (HHS). Additionally, due to the mandatory reporting requirement for healthcare industry breaches affecting 500 or more individuals, 87% of these healthcare breaches publicly stated the number of records exposed. The fact that a sector with a large percentage of breaches, with most entities publicly reporting the number of records, stands out significantly when compared to the 40.1% of incidents in 2013 in which the number of records exposed is unknown! • Don’t think it won’t happen to you. These statistics are real. Chances are one of you have already had a brush with it. Average number of U.S. identity fraud victims annually 11,571,900 Percent of U.S. households that reported some type of identity fraud 7 % Average financial loss per identity theft incident $4,930 Total financial loss attributed to identity theft in 2012 $24.7 billion Total financial loss attributed to identity theft in 2010 $13.2 billion
  • 9.
    E-Mail Security What itis and why you need it…
  • 10.
    E-Mail Security • Doyou host e-mail internally or externally? – Externally? • POP3? Exchange? – Internally? • Exchange? Other? • Are YOU protected from SPAM and phishing attacks? If you are using POP3, good luck. If you are using Exchange, we have a solution.
  • 11.
    E-Mail Security • Ifyou host externally, there are outsourced scanning options available. • If you host internally, there are both outsourced and in-sourced options. Both are good. Think security first and what is YOUR exposed risk.
  • 12.
    E-Mail Security • SPAM:Also known as junk mail. Most of these are harmless. Interesting statistic: 98.7% of all e-mail is SPAM. How’s that for clogging your internet connection or mail server (and how about backup costs for that junk)! • Phishing: These are the nasty folks who are actively trying to steal your user names, passwords, SS numbers, etc. They succeed all too frequently. Look for improper diction and mis- spellings or domain names that just don’t ‘look right’. • Virus Activity: Joke messages. Most are just jokes, some are not. Once it hits your server (especially if it’s polymorphic or a worm), you’re about done without the proper protection. • When it doubt, delete it without opening it. If you think it may be real, call the sender and verify its authenticity.
  • 13.
    E-mail Security • Whatshould I use? – Gateway: Install an e-mail appliance that will do the initial scan of mail or use an external scanning product like our Intel SCS EagleWing Ultimate Defense. Most is stopped here. – E-Mail Server (Exchange): Microsoft Forefront or Gfi’s Mail Security. It will stop infected messages that happen to make it in and will definitely stop worms. – User Education: This is the most important … Educate your users on what SPAM and phishing looks like!
  • 14.
    Server Security What itis and why you need it…
  • 15.
    Server based antivirusand anti-malware protection • Server based antivirus and anti-malware protection – IF I have anti-virus on the gateway, why do I need this too? • No one device or software package is perfect. It adds the final level of protection your servers and clients require. What if they bring in an infected file themselves from a pen drive or CD and drop it right on your network drive? It’s the only line of defense then. • Messaging level antivirus and anti-malware protection – If I have an e-mail security device, why do I need this? • As mentioned before, not everything is perfect. It adds that extra protection. If you have a company white listed on your external appliance you are now relying on them to be 100% secure … do you really trust anyone that much?
  • 16.
    Server Security • Isantivirus software all I need? – No. You should also have anti-spyware software as well. Some packages do both, that doesn’t mean they are that good. Be careful and know your options.
  • 17.
    Hosted Systems Security •How do I protect a hosted solution? – You can’t. You, unfortunately, need to rely on the hosted solutions providers ability to control security. Most EHR/EMR systems are hosted. – Be careful when selecting a vendor … know your vendor and your options if a breach occurs! – Make sure you have your gateway and desktops secured. – Educate your users!!
  • 18.
    Desktop Security What itis and why you need it…
  • 19.
    • Desktop basedantivirus and anti-malware – Why do I need these too? • This is the last level of physical defense. Why would you go this far and not protect the very machines the users are working on?!? – Will it protect me from phishing sites? • No. Phishing sites aren’t local to your network. Users are lured into the trap. The firewall thinks the user knows what they are doing and allows the traffic to pass. User gives passwords … end of story.
  • 20.
    • Browser Choices: –IE, Firefox, Opera, Google Chrome? What to use? • I am a firm believer that IE is just fine. • Firefox is still the number one hacked browser. They need to play ‘catch-up’ with their security. • Chrome is okay, but lacks the level of support that Microsoft has. • Everything else is a joke … stay away! – Is IE really as bad as ‘they’ say? • No, it is the most patched and watched browser available. It comes with your OS making it less work (i.e., IT $$). • Like anything in IT ... keep it patched!!!
  • 21.
    • Operating SystemChoices – Windows 8, Windows 7, Windows Vista, or Windows XP: Which is more secure and should you upgrade? • XP – Windows XP is now retired and no longer support. It’s was the 2nd most hacked OS in the history of Windows (95 was the most). • Vista – Very stable. More difficult to hack than XP or other OS’s. – Had a bad ‘rap’, but was more robust than XP. • Windows 7 – Very stable. More difficult to hack than XP or other OS’s. – Still the most used OS in business • Windows 8 – Is all of the hype worth it? » Yes. It’s networking subsystem alone is tuned so well (for performance) that your network traffic will be reduced by 18+% and you will notice a significant performance gain in accessing network shares and apps. » It is extremely secure. » Get the right resources to help you deploy. It is NOT XP! – Mac’s? Do you really think they are impervious to virus activity and hacking? • It’s the hackers new frontier. Being a subset of Linux, it’s a very ‘hackable’ platform. 98% of all hacking software is developed on Linux. • The SUN story. 1992 … the keystroke hack that took UNIX by storm.
  • 22.
    Server OS Choices •Still running 2000 Server? You are really pushing your luck. Upgrade now. • Windows 2003: Good server OS. Stable, secure. Will be obsolete next year. • Windows 2008: Even better. More stable. More secure. • Server 2012: The most secure server platform to date (based on Windows 8 code). Why would you not want to run it? Applications will decide. Push your vendors to certify their code on 2012 now!
  • 23.
    Remote Users How dowe keep our remote users safe?
  • 24.
    Remote Users –What do they do? • Notebooks – Remote Access / VPN – Tons of wireless connectivity, especially in public places like airports, coffee shops, and hotels. • SmartPhones & Tablets – Remote e-mail – iPhone/Droid/Windows
  • 25.
    Remote Users • Howdo we protect them? – Start with a good set of policies and procedures • Restrict certain types of public access • Restrict certain web sites – Local Antivirus and anti-spyware • Make sure you have a policy to keep it up to date. – Don’t allow data storage on the local drive • Make them connect to VPN to store their files on a file server. This protects the company from data loss as well as data theft. – Force all updates (Microsoft, AV, etc) daily
  • 26.
    BYOD The greatest threatposed to IT in years. • What is BYOD? • Bring Your Own Device (tablet, phone, etc) • Why is it unsafe? • You have no idea what that person does at night! • Have a policy … better yet, don’t allow it!!
  • 27.
    Disaster Recovery/Business Continuity andBackup What if … a question that should be asked…
  • 28.
    Why do Ineed a DR plan? • Do you have a plan? • If so, is it just IT (Disaster Recovery) or the entire business (Business Continuity)? • Don’t have one? – Who should be working on it? – What else would I need other than my computer data? • Paper: Sometimes you need it… • Have you considered an offsite backup solution? – Don’t be fooled by ‘cheap’ solutions. You get what you pay for. • Real-time replication may be a better fit depending on data criticality. • At least get your data off site … daily! • What about DR centers? What do they have to offer? • Have you tested your plan? – Tests should be conducted at least once a year
  • 29.
    Social Engineering How welldo you know your employees?
  • 30.
    What is SocialEngineering Anyway? • Colleagues / employees / friends sharing passwords • Screens not being locked when walking away • Access to the building … posing as an employee when you are not. • Training for all employees .. especially executives! – Test your employees … see if your training has paid off.
  • 31.
    Security Policies Why isthis important?
  • 32.
    Policies … howwill that help? • Data retention – If you have a data retention policy and you get sued, you are only responsible for whatever your policy states. If you do not have one, the prosecutors can put a freeze on your servers (not allow access) and you are responsible for every piece of data and e-mail that you have on your systems. They will search everything. Remember, users will keep everything given the chance. • Security – Have policies that state clearly what corporate software is to be used and how it is to be updated. – Don’t let your programming staff tell you that OS patches cannot be installed. This is a pile of rubbish in most instances. It becomes an excuse for not keeping their code up to date. • Internet usage – Keep your employees from the ‘bad’ sites and avoid HR issues by clearly telling them what they can and cannot do. – Install monitoring tools if necessary. – Content management … your friend and your enemy. • Train your employees when they are hired, not six months later!
  • 33.
    Hire Professionals whenyou need them •Outsourced IT consulting and service •Get it right from design to implementation. •Just because your in-house person can reformat a PC doesn’t mean they know how to install a server (let alone a security device!) •This is a critical problem that most companies fail on. Let experts do what they are trained to do. You’ll get it right the first time and save money doing it!
  • 34.
    Outsourcing part orall of your IT • If you have never considered this? – Most companies that do this realize savings of up to 50% in the first year alone. – Upfront costs mean nothing. Look at the big picture. • Design and install are right the first time. • Zero unplanned down time. • Pay as you need and get an expert every time.
  • 35.
    Summary • Do youbuy car insurance? • Do you buy health insurance? • Do you buy life insurance? • Do you buy business insurance? • Why would you risk your data … your Company … your Patients’ … to not have the proper IT expertise, equipment, policies, and procedures in place. Do IT right!
  • 36.