Lock, Stock & Two Smoking Smart Devices!

Uploaded On 2018-11-21
Presentation Transcript

Slide1

Lock, Stock & Two Smoking Smart Devices!

SIA310
Andy Malone
CEO & Founder, The Cybercrime Security Forum
Follow me @AndyMalone

Andrew.malone@quality-training.co.uk

Slide2

Agenda

Introduction
Perimeter Security: Why it No Longer Works!
The Proliferation of Smart Devices
BYOPC: Assessing the Risk
Planning & Designing BYOD Solutions
BYOD: Virtualization Solutions
BYOD In the Cloud!
Mobile Device Security Solutions
BYOD: Getting Legal
Session Review

Slide3

"We are undoubtedly experiencing the most diverse computing landscape in perhaps 15 or 20 years,"

Keir Thomas wrote for PCWorld

Slide4

The Traditional Industrial Security Model

Assets (Equipment, Machines etc.) are Traditionally held within a Perimeter
Employees (Users) Must Enter the Perimeter in Order to Access the Assets
The Perimeter is Guarded by a Gatehouse & Guards

Slide5

Traditional Perimeter Based Security

Diagram: a Trusted Internal Network (Active Directory / DNS) separated from the Internet by Firewall, IPS, Content filtering, VPN and Remote Access. Risks shown: Theft, Application vulnerabilities, Compliance.

Slide6

Perimeter Security: Why it No Longer Works!

Threats to the Perimeter: People are the Weakest Link!

Mobile Devices outside of the office (Phones, Laptops, USB keys etc.)
Visitors to your Site
Poor Social Networking Practices
Remote Access
Cloud computing

Slide7

Proliferation of Smart Devices

The One Size Fits All Network Concept No Longer Works!
Mobile Devices are Responsible for the Shift
Dell Predicted that the Mobile Work Force will one day be full of mobile devices
BYOD must be covered under Corporate Mobility Management Solutions and Policies that manage company Wireless Devices
BYOD Has caused a Major shift in traditional business environments and vendors, including Microsoft

Slide8

BYOD: The Benefits

Slide9

BYOD: The Business Challenges

Slide10

The BYOD Security Nightmare

BYOD Represents a significant challenge for the security professional
Employees bring their new devices into the office with the expectation that they can use them at work
Regardless of corporate policy, organisations are challenged on a daily basis to provide support for a huge range of devices

Slide11

Planning & Deploying a BYOD Solution

Slide12

First! Decide on Who's in Control?

(Cartoon: "I Want you to Support my Windows Phone" / "No, I Want you to Support My iPhone & My New Laptop" / "Aghhhh $%*&(*))"!@")

Slide13

BYOPC: Security & Compliance Considerations

Compliance Framework: an Information Security Policy covering Security, Privacy & Regulatory, and Service Continuity

Slide14

BYOD: Assessing the Risk!

Slide15

Preparing for BYOD!

Slide16

Time to Rethink the Corporate IT Policy

Clarify the Corporate Policy
Supplement this with Education and Updated Technology Controls to act as Enforcement and Monitoring
Encourage Secure Behaviour, Discourage Bad Practices
Controls Used Within Enterprises should be Able to Support the Consumerisation Trends, e.g. the Ability to Partially Wipe Personal Devices
Combine with Data Loss Prevention, Network Access Control etc.

Slide17

Designing for BYOD!

Diagram of CorpNet, Perimeter Network and Internet. Components shown: Remote Employees, Firewall / ADFS Proxy, VPN Server, DHCP Cluster, NAP Health Policy Server, Active Directory / DNS Servers, IEEE 802.1X, Lync Cluster, NAP Enforced Client with limited access, Hyper-V Cluster, RDS / VDI Infrastructure, Remediation Servers, ADFS Cluster, Internal Workstation, Mail Cluster, Direct Access Server, End Point Protection.

Slide18

The BYOD Tool belt!

Slide19

BYOD: Network Security

Slide20

BYOD: In A Highly-Connected World

Diagram of Internet, Perimeter and Intranet. Components shown: Remote Employees, Remote Access Gateway, Web Server, Customers, Infrastructure Servers, Extranet Server, Business Partners.

Increasingly Complex Range of Interconnected networks
Distributed data
Expanded Mobile Workforce
Business Extranets
Complex Remote Access
Secure Web Services
Secure Wireless Access
Mobile Smart Device Support
Need to Protect Endpoints & Clients

Slide21

BYOD: Securing Your Corporate Realm!

Many Features can be Secured through Group Policy
Remote Access Security
Direct Access
Network Access Protection (NAP)
IPSec Considerations
Firewall Policies
BranchCache
AppLocker
Wireless Access Policies
Anti Virus / Anti Malware
Network Availability Schedule
Ensure Auditing Controls are in Place

Slide22

Walkthrough: Direct Access…

Slide23

Direct Access (walkthrough screenshots, Slides 24 to 33)

Demo: Useful GPO Settings for BYOD Implementation

Slide34

Walkthrough: Microsoft Exchange 2010 ActiveSync

Slide35

ActiveSync Policies (Exchange Server) (walkthrough screenshots, Slides 36 to 40)

Exchange Server 2010: Remote Wipe

Slide41

BYOD: Virtualization Solutions

Slide42

BYOPC Access Solutions: Remote Desktop

Virtualization Delivered at Presentation Level
Applications Run on Servers & Clients, Connected Through Remote Desktop
Supports Application Publishing through RemoteApp and RD Web Access
Supports RDP Access to the Internal Network through an HTTPS tunnel
Supports Hardware and Media Redirection, e.g. USB Drives, Printers etc.
Allows for Centralized Application Deployment and Management

Slide43

BYOPC Access Solutions: Application Virtualization

App-V is Part of Microsoft's Desktop Optimisation Pack (MDOP)
Requires a Somewhat Complex Server Infrastructure and an App-V Client Installation
Delivers Application Virtualization without Users Having to Install & Run Virtual Machines or Applications on the Host
Ideal Platform for BYOD Application Deployment and Management
Includes the Ability to Run Incompatible Applications on the Same Machine
Applications Can Also be Cached for Off-Line Use
Can be Combined with Remote Desktop Services

Slide44

BYOPC Access Solutions: Virtual Desktop Infrastructure

Enables users to use virtual machines as their main computer
Ensures the Corporate Desktop is Separate from the Personal Desktop
No additional client software is required to provide VDI
Requires Hyper-V and leverages RDS
IT Can Assign Virtual Machines to users, or Organize them in Shared Pools
Can be Combined with User State Virtualization For Increased Security

Slide45

BYOPC Access Solutions: Virtual Desktop Infrastructure

Slide46

BYOPC Access Solutions: Virtual Desktop Infrastructure

Slide47

User State Virtualization

Not "True" Virtualization like the other technologies
Provides Roaming of the User's Documents and Settings
User Profiles are a Feature of Windows Server and Windows client
Leverages the Folder Redirection, Roaming Profiles and Offline Files Technologies
Can be combined with RDS, MED-V, and App-V
Provides centralized user data and settings
Provides roaming capabilities

Slide48

BYOD Data in the Cloud?

Slide49

BYOD & The Cloud: Common Questions!

Compatibility & The Cloud!
How are Cloud Providers Protecting my Privacy?
Free Vs Paid Service!
Why don't Cloud Providers Encrypt my Data?
Will my Mobile Device be Supported?
Where will my Data be Stored?
Who has Access to my Data?
Is my Data Backed Up?
What can I do if my device is Stolen?

Slide50

Firstly, Know what You're Signing up For!

Make Sure you understand this!

Slide51

Decide on Public Vs. Private Storage Solutions

Slide52

What About Cloud Identity Management!

Need to Implement a Strong Trust Model
Decide on Password policy controls, e.g. Microsoft Online IDs (MS or SSO)
Single sign-on (SSO) with corporate credentials Requires ADFS & Dirsync
Consider Role-based administration (RBAC)
What about "Admin on behalf of" for support partners
Secure Connectivity

Slide53

Authenticating BYOD For Small Business in the Cloud!

Diagram of a Small Corp network. Components shown: Remote Employees, Firewall / VPN / ADFS Proxy, Small Business Server 2011, Perimeter Network, IEEE 802.1X, Internal Workstation, End Point Protection, ADFS Farm, Firewall / VPN.

Slide54

Protecting BYOD Data in The Cloud: Enterprise – AD-RMS

Diagram participants: Information Author, The Recipient, AD-RMS Server, SQL Server, Active Directory.

1. Author receives a client licensor certificate the first time they rights-protect information
2. Author defines a set of usage rights and rules for their file; the Application creates a "publishing license" and encrypts the file
3. Author distributes the file
4. Recipient clicks the file to open; the application calls the RMS server, which validates the user and issues a "use license"
5. Application renders the file and enforces the rights

Slide55
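The five-step AD-RMS flow on this slide, modelled as an added example (not the deck's or Microsoft's code): the server, its user directory, the client licensor certificate, the publishing license and the use license are hypothetical Python objects, and the content cipher is a labelled SHA-256 stand-in rather than AES. The point it makes is that the recipient never gets the content key unless the server can validate both the license and the user.

```python
import hashlib, hmac, json, secrets

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Constructed stand-in for the content cipher (SHA-256 in counter mode), not AES."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

class RmsServer:
    """Models the AD-RMS server; `directory` stands in for Active Directory."""
    def __init__(self, directory):
        self.directory, self.clc = set(directory), {}
        self.server_key = secrets.token_bytes(32)   # wraps content keys inside publishing licenses

    def client_licensor_cert(self, author):        # step 1: first-time enrolment of an author
        if author not in self.directory: raise PermissionError("unknown author")
        return self.clc.setdefault(author, secrets.token_bytes(32))

    def wrap(self, content_key):                   # XOR stream, so wrap and unwrap are the same call
        return keystream_xor(self.server_key, content_key)

    def issue_use_license(self, user, pl):         # step 4: validate the user, then issue
        data = json.loads(pl["body"])
        mac = hmac.new(self.clc.get(data["author"], b""), pl["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, pl["mac"]): raise PermissionError("publishing license invalid")
        if user not in self.directory: raise PermissionError("user not in directory")
        rights = data["rights"].get(user)
        if not rights: raise PermissionError("no rights granted to this user")
        return {"content_key": self.wrap(bytes.fromhex(data["wrapped_key"])), "rights": rights}

def protect(server, author, plaintext, rights):    # step 2: publishing license + encryption
    clc = server.client_licensor_cert(author)
    content_key = secrets.token_bytes(32)
    body = json.dumps({"author": author, "rights": rights,
                       "wrapped_key": server.wrap(content_key).hex()}, sort_keys=True)
    mac = hmac.new(clc, body.encode(), hashlib.sha256).hexdigest()
    return {"pl": {"body": body, "mac": mac},       # the license travels with the file (step 3)
            "ciphertext": keystream_xor(content_key, plaintext.encode())}

def open_protected(server, user, protected):       # step 5: decrypt, then enforce the rights
    ul = server.issue_use_license(user, protected["pl"])
    text = keystream_xor(ul["content_key"], protected["ciphertext"]).decode()
    return text, {a: a in ul["rights"] for a in ("view", "edit", "print")}

def demo():
    rms = RmsServer(["alice@corp.example", "bob@corp.example"])   # constructed sample directory
    doc = protect(rms, "alice@corp.example", "Q3 forecast: confidential",
                  {"alice@corp.example": ["view", "edit", "print"], "bob@corp.example": ["view"]})
    return open_protected(rms, "bob@corp.example", doc)
```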

AD-RMS: Recent Improvements

AD RMS Now Supports enhanced cryptography, Added with Service Pack 1 for Windows 2008 R2 and in Windows Server 2012
Provides increased cryptographic strength in Advanced Mode, known as "Cryptographic Mode 2"
Mode 2 Operation supports RSA 2048 bit encryption
Hashing is enhanced from SHA-1 (128 bits) to SHA-256 (256 bits)
Provides improved Regulatory Compliance for NIST 800-57
All computers that host either AD RMS server or client software must be patched and updated

Slide56

Protecting BYOD Data in The Cloud: Public

Slide57

Protecting BYOD Data in The Cloud: Enterprise

CipherCloud: Virtual Appliance technology that Local Admins can use to encrypt or to mask sensitive data before it hits the cloud platform
Enterprises retain keys and have complete control over the encryption and decryption process
AES based algorithm works in a way that encrypts data without fundamentally altering the data format or function
Uses a tokenization feature that replaces sensitive data entered into a cloud application with anonymous dummy values
Tokenization: Masks sensitive data while ensuring that they still retain the ability to sort, search, validate and generate reports with it
CipherCloud's technology is designed to work with any cloud provider

Slide58
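Added illustration of the tokenization idea on this slide (not CipherCloud's product or code): a hypothetical on-premises TokenVault replaces values with deterministic, format-preserving tokens so the cloud application can still search and validate them, while only the enterprise, which holds the key and the vault, can map a token back. Sort order is not preserved by this model.

```python
import hashlib, hmac, secrets, string

class TokenVault:
    """Constructed model of an on-premises tokenization gateway (not CipherCloud's product)."""
    def __init__(self):
        self.mac_key = secrets.token_bytes(32)   # never leaves the enterprise
        self.vault = {}                           # token -> original value, held on premises

    def tokenize(self, value: str) -> str:
        # HMAC makes tokens deterministic (equality search still works on the cloud side) but
        # unguessable without the key; length and character class are preserved so the cloud
        # application's field validation and reports keep working.
        alphabet = string.digits if value.isdigit() else string.ascii_uppercase
        digest = b""
        while len(digest) < len(value):          # extend for values longer than one digest
            digest += hmac.new(self.mac_key, value.encode() + len(digest).to_bytes(2, "big"),
                               hashlib.sha256).digest()
        token = "".join(alphabet[b % len(alphabet)] for b in digest[:len(value)])
        if self.vault.get(token, value) != value:
            raise ValueError("token collision; widen the token space")
        self.vault[token] = value
        return token

    def detokenize(self, token: str) -> str:    # only possible with access to the on-prem vault
        return self.vault[token]

def demo():
    gw = TokenVault()
    # Constructed records as the cloud application would store them: only tokens leave the site.
    cloud_rows = [{"name": n, "national_id": gw.tokenize(i)}
                  for n, i in [("Ann", "312456789"), ("Ben", "998877665"), ("Cy", "312456789")]]
    query = gw.tokenize("312456789")             # search the cloud data without decrypting it
    hits = [r["name"] for r in cloud_rows if r["national_id"] == query]
    report = [(r["name"], gw.detokenize(r["national_id"])) for r in cloud_rows]  # on-prem report
    return cloud_rows, hits, report
```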

Demo: Cloud Security Solutions

Slide59

Hardware Security

Slide60

Device / Laptop Theft

Growing Problem
Massive Data Leak Problem
Laptops can be Replaced, Data cannot!
Lock windows and doors before you go out
Make sure valuables or cash can't be seen from outside
Keep keys out of reach of windows and doors
Close curtains and set light timers if you go out at night
Don't let strangers into the building
Register your valuables for free at http://www.immobilise.com/
Consider using a Tracking Service
Implement a Remote Wipe of device / Laptop

Slide61

Device Locator Services / Software: Laptop Theft: "Prey"

Slide62

Device Locator Services / Software: Windows, Blackberry & Android Theft

http://mylookout.com Free!
Includes anti-virus, anti-malware, anti-spyware protection and basic contact backup in the free version
Remote lock & wipe for $2.99 a Month / $29.99 a Year
Complete backup and restore of your data
Remember! Activate the passcode that would block a stranger from just picking up the device, turning it on and accessing all your info!

Slide63

Device Locator Services / Software: Apple Device Theft

http://goo.gl/RUgmh
For iPhone 4, iPad and iPod Touch users (running iOS 4.2 or higher)
Apple recently made the 'Find My iPhone/iPad' app free
Once installed, you can locate, remotely lock or remotely wipe any of the devices from the MobileMe.com website
Tip: A workaround for iPhone 3GS users is to activate the account on one of the qualifying devices first, then download the app to the 3GS iPhone and use the same account to track it!

Slide64

Demo: Hardware Theft Solutions!

Slide65

BYOD / Phone Forensics

Slide66

BYOD: Industrial Espionage

The theft of trade secrets by the removal, copying or recording of confidential or valuable information in a company for use by a competitor. Industrial espionage is conducted for commercial purposes rather than national security purposes (espionage), and should be differentiated from competitive intelligence, which is the legal gathering of information by examining corporate publications, websites, patent filings and the like, to determine a corporation's activities.

Read more: http://www.investopedia.com/terms/i/industrial-espionage.asp#ixzz1dxUQc0E4

Slide67

BYOD Forensics

Have a solid Security Policy!
The Forensics Dilemma: Data = Local or Remote?
Logs – Logs – Logs!
The Virtual "Shrink Wrapped" Crime Scene!
Cloud Vendors – Subpoenas
Key Escrow Systems – EFS, BitLocker!
Revoke User Certificates
Account Lockout Procedures

Slide68

BYOPC: Legal Review

To reduce legal and liability risk, Carefully analyse existing Security Policies
Determine how they relate to and impact employees' use of their personal devices for business purposes

Slide69

BYOD: Business Review

Policies that may be relevant include (without limitation):
Mobile Device Security Policies
Password Policies
Encryption Policies
Data Classification Policies
Acceptable Usage Policies
Antivirus Software Policies
Wireless Access Policies
Incident Response Policies
Remote Working Policies
Privacy Policies, and Others

Slide70

BYOD: Technical Review

Network Access Protection (NAP)
Desktop / Application Virtualization
Virtual Desktop Infrastructure (VDI)
Multi Factor Authentication (Smart Cards etc.)
BitLocker / EFS (Data at Rest Solution)
IPSec, EAP/TLS, SSL, Certificates (Data in Transit Solutions)
Direct Access
Remote Wipe Smart device Technology (Exchange 2010)
Device Locator Service (GPS)
On Line / Cloud Backup Service
Audit / Forensics Framework in Place

Slide71

Session Review

Introduction
Perimeter Security: Why it No Longer Works!
The Proliferation of Smart Devices
BYOPC: Assessing the Risk
Planning & Designing BYOD Solutions
BYOD: Virtualization Solutions
BYOD In the Cloud!
Mobile Device Security Solutions
BYOD: Getting Legal

Slide72

Track Resources

www.microsoft.com/twc

www.microsoft.com/security

www.microsoft.com/privacy

www.microsoft.com/reliability

Slide73

Resources

Connect. Share. Discuss.

http://northamerica.msteched.com

Learning

Microsoft Certification & Training Resources

www.microsoft.com/learning

TechNet

Resources for IT Professionals

http://microsoft.com/technet

Resources for Developers

http://microsoft.com/msdn

Slide74

Complete an evaluation on CommNet and enter to win!

Slide75

Thanks For Attending :-)

SIA310
Andy Malone
CEO & Founder, The Cybercrime Security Forum
Follow me @AndyMalone

Andrew.malone@quality-training.co.uk

Slide76

Please Complete an Evaluation

Your feedback is important!
Multiple ways to Evaluate Sessions
Be eligible to win great daily prizes and the grand prize of a $5,000 Travel Voucher!
Scan the Tag to evaluate this session now on myTechEd Mobile

Slide77

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Slide78