Business continuity


Protecting your systems in today’s
              world
Introduction

   Lee Drake, OS-Cubed, Inc.
   Contact: ldrake@os-cubed.com
   Phone: 585-756-2444
   30 years of support
LOL Cat warning
                  Warning – this
                  presentation contains
                  the occasional LOLCAT
                  courtesy of
                  www.icanhazcheeseburger.com
Fair warning of bias… 

OS-Cubed is currently a:
 Symantec Partner

 HP Partner

 Microsoft Gold Certified Partner

 Cisco/Linksys Registered Partner
 While this presentation will consider protection
 strategies in general, these are the products we have
 the most familiarity with. They are certainly NOT
 the only solution.
Today’s Security Environment

   Greater interconnectivity exposes
    more security risk
   New types of security risks
   Business dependence on IT systems
    means downtime is more expensive
   Limited availability and high cost of
    experienced IT means all repairs
    cost more
“Small Business” definitions

   For this presentation “Small
    Business” will be categorized into
    the following sizes:
       1-5 “home-based business”
       5-20 “Small Business”
       20-100 “Medium business”
       > 100 large business (from an IT point
        of view)
What are the threat vectors

   Direct Internet connection
   Email/Social networking tools
   Your website (separate connection)
   Your employees
   Yourself
   Attachable portable data devices
   Hardware or software failure or
    corruption
Downtime – you can’t afford it
Is it really a threat?

Computer security costs $$ - directly to
your bottom line

    TJ Maxx = $100/released record =
     $4,500,000,000
    Average of $600 to recover a computer
     after infection
    Cost to prevent $100-200/year
    By 2011 4% of revenue could be spent
     on security (10x today’s spend)
Malware
Threats defined

   Malware – virus, rootkit, spyware
       Install invisibly
       You may be infected
       Botnet infection slows down your
        computer and takes up internet
        bandwidth – sending spam or infecting
        other computers
   Recent documented infection shows
    200,000 bank accounts and CC#
    exposed!
What does that mean?

   According to Info Security
    magazine:
       “…botnets control more compromised
        machines than had been thought. Only a
        handful of criminals globally (likely a few
        hundred) have control of more than 100
        million computers, the report says.”
       “This means that cybercriminals have more
        computing power at their disposal than the
        entire world’s supercomputers combined -
        small wonder that more than 90% of all
        email worldwide is now spam”
Business Continuity

   Protect your data and your
    productivity
   Downtime costs money, and can
    lose you opportunity
   Data loss is more costly than the
    downtime
   Two types – full disaster recovery,
    and systems recovery
Information leakage

   Losing information to competitors
   Losing information to employees
    who leave
   Privacy issues
       Medical (if in that industry)
       Credit card/Customer privacy
       Employee privacy (HR)
Information Sabotage

   Employee sabotage
   Competitor sabotage
   Unintentional damage
Productivity loss

   Employee “surfing” during work
    hours
   Improper use of bandwidth (Music
    sharing sites, etc.)
   Gaming, “solitaire” etc.
   Slowdowns due to malware/spyware
   Spam processing
The good news

   With a proper set of tools,
    protecting yourself does not have to
    be difficult or time consuming
   Recent advances have lowered the
    cost of protection significantly
   New technologies make it easier to
    deploy and manage
Tools

Perimeter control Tools
 Required
       Spam blocking systems
       Firewall
   Optional
       Content management
       VPN/Encryption
       Network access control
       All-in-one devices
Endpoint Protection
Tools

   Endpoint protection (all required)
       Virus control (formerly antivirus)
       Spyware
       Personal firewall
       Personal spam control
       Endpoint protection (all of above)
Tools

   Business continuity
       Tape backup
       Online backup
       Disk to disk backup
       Network Attached Storage
       Offsite storage
       PC Backup

       (one onsite, one offsite required)
HR Practices
Tools

   System management and
    monitoring tools
   HR Best practices
       Employee manual (Required)
       Manager training
       Employee orientation sessions
       Employee termination procedures
Backup and fail in that order!
Backup explained

   With low price USB, Firewire and
    Network Attached storage devices
    the landscape for backup has
    changed
   Backup to disk is fast, reliable and
    allows almost instant restore and
    rebuild – even over a network
   New disk imaging products allow
    “snapshot backups” for instant
    restore
Symantec Ghost/Backup Exec
System Recovery

   Every important computer in your
    organization should be protected by
    Ghost or BESR (corporate version)
   Reduces recovery time for even a
    total disaster to a couple hours
   Backups are faster, more reliable
    and easier, require no human
    intervention
   Can be used for offsite
Still need offsite backup

   Protects asset in the case of total
    destruction of server room (natural
    disaster, fire, sabotage, etc)
   Can be used as history for
    deep-restore
   Snapshots of business at various
    points.
Offsite backup options

   Online options
       Require significant bandwidth – do not
        underestimate requirements
       Restore times frequently longer and
        can be more complex
       Frequently do not backup system state
        – files only
       Require a monthly fee for storage, that
        increases with the amount stored
       If you trust the 3rd party vendor, can be
        more secure
Offsite Backup options

   Tape
       Compact size makes off-site easier
       Backups require physical intervention
        (changing tapes)
       Tapes deteriorate and need to be
        changed out every 1-2 years for new
        tapes
       Can represent a security risk if stolen
       For a monthly fee Iron Mountain will
        retain, store and exchange tapes
Offsite backup options
   Taking USB drives offsite
       More attractive as drive sizes shrink to
        that of tapes
       Drives much more susceptible to
        environmental damage
       Similar downside characteristics as
        tape
       Requires “human intervention”
       Can be a solution for home businesses
       Iron Mountain will also store this media
Endpoint Protection
Endpoint protection defined

   Controlling what happens at the
    workstation
       Virus protection
       Spyware protection
       Device control (usb drives, other
        attachable devices)
       Workstation firewall (software firewall)
       Initial access to the network
       Can include email client based spam
        control
Endpoint protection options
   4-5 major players in this space
   Features and capabilities frequently
    leapfrog
   Best advice is to pick one and stick to
    it, don’t swap back and forth
   Major providers include: Symantec,
    McAfee, AVG, CA, and Kaspersky
   Symantec 2010 got PC World 2nd
    place, and places consistently 1st or
    2nd
Don’t overdo it…

   Multiple products to protect your
    endpoint are generally NOT needed
   Use one product for best results,
    easiest management and fastest
    speed
   Multiple products slow your system
    down by doing repeated tests
   Use of clean-up products should be
    limited to infected machines
Protecting your network
Firewall appliances

   Firewalls and content management
    systems prevent direct hacking
    from outside world
   Can be used to control what
    resources your internal users can
    reach in the outside world (CM)
   Are your first line of defense against
    hackers
Perimeter Firewall limitations

   Once something is behind the
    firewall, it can spread quickly
   Wireless access points behind
    firewalls are susceptible to hacking
    attempts
   Trojans and other malware operate
    from behind the firewall and can be
    difficult or impossible to block as
    their traffic looks like web traffic
Endpoint firewalls

   Firewalls at the client can prevent
    spread behind the corporate firewall
   Endpoint protection typically
    includes a firewall at each client
   Windows comes with a built-in
    firewall at each client, which should
    be on (at a minimum)
Spam Control
Other appliances

   Spam control appliances sit between
    you and your email server, or
    between your email server and the
    world
   They allow constantly updated spam
    signature and source control
   Can significantly reduce spam-load
   Can be expensive to configure and
    maintain – higher risk of false
    negatives.
Other appliances

   VPN – Virtual Private Network
       Extends your network to home or mobile
        machines
       VPN connected machines should be
        subject to the same rigorous security
        requirements as internal machines
       Can allow work from home easily
       Frequently built into perimeter firewalls
       Are even affordable at home office
        prices, but usually require a fixed IP
        address (not a home account)
Other stopgap methods

   Use an alternate browser (Firefox,
    Chrome etc.) – however ALL
    browsers have security issues
   Use an alternate OS – Linux and
    Mac OSes have a limited audience,
    thus are not as big targets. ALL
    operating systems have
    vulnerabilities though
   Properly configured and patched
    any of these can be secure
Updates and patches
   You or your provider should frequently
    check for and apply new patches
   Subscribe to Microsoft and/or Symantec
    RSS feeds for emergency security
    bulletins
   Select ALL critical updates, and any
    security or stability related optional
    updates
   Run updates manually every other
    month
Network Administration
HR Guidelines
   Every company should have an employee
    manual that details:
       What is considered appropriate internet use
       Specific consequences of inappropriate use
       Rules about using copyrighted and unlicensed
        materials, pornography, etc.
       Email use policy
       Note that there is no expectation of privacy
       A policy regarding use of unapproved software
       A reminder that data tampering is a federal crime
       A nondisclosure agreement regarding company
        data
Drive security
Physical security

   USB drives change everything
       Exposure risk from downloading data
        goes up
       Can “boot to USB” and gain access to
        files without the OS or Endpoint loaded
       Can put browser and files on usb drive
        and surf anything anywhere without
        installing on PC
       Should seriously consider locking USB
        to read-only status
Do you trust your vendors?

   All your vendors – not just IT
    vendors
   I’ve seen server rooms where
    contractors are working unattended
   Do not assume because of
    someone’s job that they’re not a
    computer hacker
Server rooms should be locked

   Access to key trouble points should
    be locked from employee access
       Network hubs and switches
       Servers and network appliances
       Routers and firewalls
       Detachable USB drives and tapes
Password security
Password security

   Passwords should be at least 8
    characters
   A combination of letters and
    numbers
   Something people can remember
   Don’t make them change them too
    often or they’ll just write them
    down
Fingerprint authentication
Fingerprint authentication

   Finally a valid solution with newer,
    cheaper technology
   Works best with Windows Vista’s
    ability to have multiple users logged
    on simultaneously
   Not foolproof – can be fooled by a
    number of tricks
What about encryption?
   For sensitive data it can be invaluable
   MUST have a safe and accessible place to
    look up the password in case it is lost or
    you are hurt
   Data will be UNRETRIEVABLE without the
    password, however storing password with
    data won’t work
   Can affect the validity and availability of
    backup data
Do you trust your protection?
Home Business typical
configuration

   Under 5 users
       Inexpensive firewall (no content control
        – sonicwall/linksys/netgear)
       Retail endpoint protection (Symantec,
        AVG, Etc.)
       Endpoint spam control, or use 3rd party
        service
       Ghost for individual workstations
       NAS for in-house backup
       USB Hard disk exchanged offsite for
        offsite backup
Small Business typical
configuration

   5-20 users
       Centralized computer server
          Tape or disk backup for offsite
          Centralized licensed endpoint protection

          Depending on email – either centralized
           virus and spam or endpoint
          NAS for localized emergency recovery

       Endpoint protection at systems
       Mid-range firewall/spam/content
        (Sonicwall, Cisco) plus OpenDNS
Medium Business typical
configuration
   Perimeter
       Firewall – both directions (Cisco, Sonicwall)
       Content management appliance or OpenDNS
       Spam control appliance (Barracuda)
   Server
       Centralized endpoint protection
       Centralized systems management and monitoring
       Protected by local disk imaging and tape or
        offsite backup
   Endpoint
       Endpoint protection
       Local disk imaging of key systems
Large business

   Best advice is to hire a security
    expert to design a system for you
   Recommend going with specialized
    appliances
   Limiting the number of different
    vendors simplifies management
   Solve with an overall approach not
    individual band-aids
Notes and resources

   On my website www.os-cubed.com
   At this specific shortcut:
    http://bit.ly/IEC12-09
   Off my LinkedIn and Facebook
    accounts (Search for Lee Drake in
    both)
Contact Information

OS-Cubed, Inc.
Lee Drake, CEO
274 Goodman St. N, Suite A401
Rochester, NY 14607
Ldrake@os-cubed.com
www.os-cubed.com

Business Continuity 2009

  • 26. Symantec Ghost/Backup Exec System Recovery  Every important computer in your organization should be protected by Ghost or BESR (corporate version)  Reduces recovery time for even a total disaster to a couple hours  Backups are faster, more reliable and easier, require no human intervention  Can be used for offsite
  • 27. Still need offsite backup  Protects asset in the case of total destruction of server room (natural disaster, fire, sabotage, etc.)  Can be used as history for deep restore  Snapshots of business at various points.
  • 28. Offsite backup options  Online options  Require significant bandwidth – do not underestimate requirements  Restore times frequently longer and can be more complex  Frequently do not back up system state – files only  Require a monthly fee for storage, that increases with the amount stored  If you trust the 3rd party vendor, can be more secure
  • 29. Offsite Backup options  Tape  Compact size makes off-site easier  Backups require physical intervention (changing tapes)  Tapes deteriorate and need to be changed out every 1-2 years for new tapes  Can represent a security risk if stolen  For a monthly fee Iron Mountain will retain, store and exchange tapes
  • 30. Offsite backup options  Taking USB drives offsite  More attractive as drive sizes shrink to that of tapes  Drives much more susceptible to environmental damage  Similar downside characteristics as tape  Requires “human intervention”  Can be a solution for home businesses  Iron Mountain will also store this media
  • 32. Endpoint protection defined  Controlling what happens at the workstation  Virus protection  Spyware protection  Device control (USB drives, other attachable devices)  Workstation firewall (software firewall)  Initial access to the network  Can include email client based spam control
  • 33. Endpoint protection options  4-5 major players in this space  Features and capabilities frequently leapfrog  Best advice is to pick one and stick to it, don’t swap back and forth  Major providers include: Symantec, McAfee, AVG, CA, and Kaspersky  Symantec 2010 got PC World 2nd place, and places consistently 1st or 2nd
  • 34. Don’t overdo it…  Multiple products to protect your endpoint are generally NOT needed  Use one product for best results, easiest management and fastest speed  Multiple products slow your system down by doing repeated tests  Use of clean-up products should be limited to infected machines
  • 36. Firewall appliances  Firewalls and content management systems prevent direct hacking from outside world  Can be used to control what resources your internal users can reach in the outside world (CM)  Are your first line of defense against hackers
  • 37. Perimeter Firewall limitations  Once something is behind the firewall, it can spread quickly  Wireless access points behind firewalls are susceptible to hacking attempts  Trojans and other malware operate from behind the firewall and can be difficult or impossible to block as their traffic looks like web traffic
  • 38. Endpoint firewalls  Firewalls at the client can prevent spread behind the corporate firewall  Endpoint protection typically includes a firewall at each client  Windows comes with a built-in firewall at each client, which should be on (at a minimum)
  • 40. Other appliances  Spam control appliances sit between you and your email server, or between your email server and the world  They allow constantly updated spam signature and source control  Can significantly reduce spam-load  Can be expensive to configure and maintain – higher risk of false negatives.
  • 41. Other appliances  VPN – Virtual Private Network  Extends your network to home or mobile machines  VPN connected machines should be subject to the same rigorous security requirements as internal machines  Can allow work from home easily  Frequently built into perimeter firewalls  Are even affordable at home office prices, but usually require a fixed IP address (not a home account)
  • 42. Other stopgap methods  Use an alternate browser (Firefox, Chrome etc.) – however ALL browsers have security issues  Use an alternate OS – Linux and Mac OSes have a limited audience, thus are not as big targets. ALL operating systems have vulnerabilities though  Properly configured and patched, any of these can be secure
  • 43. Updates and patches  You or your provider should frequently check for and apply new patches  Subscribe to Microsoft and/or Symantec RSS feeds for emergency security bulletins  Select ALL critical updates, and any security or stability related optional updates  Run updates manually every other month
  • 45. HR Guidelines  Every company should have an employee manual that details:  What is considered appropriate internet use  Specific consequences of inappropriate use  Rules about using copyrighted and unlicensed materials, pornography, etc.  Email use policy  Note that there is no expectation of privacy  A policy regarding use of unapproved software  A reminder that data tampering is a federal crime  A nondisclosure agreement regarding company data
  • 47. Physical security  USB drives change everything  Exposure risk from downloading data goes up  Can “boot to USB” and gain access to files without the OS or Endpoint loaded  Can put browser and files on USB drive and surf anything anywhere without installing on PC  Should seriously consider locking USB to read-only status
  • 48. Do you trust your vendors?  All your vendors – not just IT vendors  I’ve seen server rooms where contractors are working unattended  Do not assume because of someone’s job that they’re not a computer hacker
  • 49. Server rooms should be locked  Access to key trouble points should be locked from employee access  Network hubs and switches  Servers and network appliances  Routers and firewalls  Detachable USB drives and tapes
  • 51. Password security  Passwords should be at least 8 characters  A combination of letters and numbers  Something people can remember  Don’t make them change them too often or they’ll just write them down
  • 53. Fingerprint authentication  Finally a valid solution with newer, cheaper technology  Works best with Windows Vista’s ability to have multiple users logged on simultaneously  Not foolproof – can be fooled by a number of tricks
  • 54. What about encryption?  For sensitive data it can be invaluable  MUST have a safe and accessible place to look up the password in case it is lost or you are hurt  Data will be UNRETRIEVABLE without the password, however storing password with data won’t work  Can affect the validity and availability of backup data
  • 55. Do you trust your protection?
  • 56. Home Business typical configuration  Under 5 users  Inexpensive firewall (no content control – Sonicwall/Linksys/Netgear)  Retail endpoint protection (Symantec, AVG, etc.)  Endpoint spam control, or use 3rd party service  Ghost for individual workstations  NAS for in-house backup  USB Hard disk exchanged offsite for offsite backup
  • 57. Small Business typical configuration  5-20 users  Centralized computer server  Tape or disk backup for offsite  Centralized licensed endpoint protection  Depending on email – either centralized virus and spam or endpoint  NAS for localized emergency recovery  Endpoint protection at systems  Mid-range firewall/spam/content (Sonicwall, Cisco) plus OpenDNS
  • 58. Medium Business typical configuration  Perimeter  Firewall – both directions (Cisco, Sonicwall)  Content management appliance or OpenDNS  Spam control appliance (Barracuda)  Server  Centralized endpoint protection  Centralized systems management and monitoring  Protected by local disk imaging and tape or offsite backup  Endpoint  Endpoint protection  Local disk imaging of key systems
  • 59. Large business  Best advice is to hire a security expert to design a system for you  Recommend going with specialized appliances  Limiting the number of different vendors simplifies management  Solve with an overall approach not individual band-aids
  • 60. Notes and resources  On my website www.os-cubed.com  At this specific shortcut: http://bit.ly/IEC12-09  Off my LinkedIn and Facebook accounts (Search for Lee Drake in both)
  • 61. Contact Information OS-Cubed, Inc. Lee Drake, CEO 274 Goodman St. N, Suite A401 Rochester, NY 14607 Ldrake@os-cubed.com www.os-cubed.com