Copyright Security-Assessment.com 2004

New Technology Enforcement Strategies

by Peter Benson

Copyright Security-Assessment.com 2004

Copyright Security-Assessment.com 2004

The issues• Information Loss

• Perimeter Breakdown

• Mobile Users

• New Technology

• Vulnerabilities

• Future Directions

Copyright Security-Assessment.com 2004

Perimeter Breakdown• Perimeters slowly disappearing

– VPN

– Partner Connections

– Home Users

– Wireless Insecurities

• Zones of Trust

• Testing Security

Copyright Security-Assessment.com 2004

Laptop Users• Current Laptop Loss Rate >4%

• Information and hardware costs

• Theft Prevention on increase

• Minimum controls required for mobile population

– Personal Firewall

– AV

– Disk Encryption

• Policy and Security Architecture Requirements

• Citrix is your Friend!

Copyright Security-Assessment.com 2004

New Technology and Information Loss• USB Fobs

• External Memory Cards

• CD / DVD Writers Common

• PDA’s

• Integration of Cell Phone Technology

• IM

• VoIP

Copyright Security-Assessment.com 2004

Copyright Security-Assessment.com 2004

General Strategies• Track New Technology Opportunities

• Research and define Policy

• Default Deny

• Enforce Policy

– Technical Controls

– Policy Controls

– HR Controls

– Approval / Authorisation Controls

Copyright Security-Assessment.com 2004

VoIP• Implement your strategy and policy

• Architect!

• Default Deny

• “Free is not necessarily cost effective”

• Research

• Be Proactive. Your people are using this now.

Copyright Security-Assessment.com 2004

Instant Messaging• Manage malicious code via A/V or other means

• Control at the gateway

– Default Deny

– Man in the Middle inspection

• Have approved processes and systems

Copyright Security-Assessment.com 2004

Mobile Storage Devices• Encrypt removable media

• USB management of storage devices

• Flash memory security

• Allow managed access to USB storage devices

• Block illegal software installation

• Block .exe .com .vbs .mp3 files etc

• Printer, modem permissions management

• Client side content filtering of removable media

Copyright Security-Assessment.com 2004

Mobile Communications• Discover your Mobile Perimeter

– Asset Database, exposure management

– Capture changes to Mobile Perimeter

– Vulnerabilities

– Connections

• Control Connectivity

• Control Mobile Information Security

– Encryption

– A/V

– Content

Copyright Security-Assessment.com 2004

Emerging Enforcement Technologies• Reflex Magnetics, Reflex Disk Net Pro

• Trust Digital, Trust Enterprise Mobile Suite

• Asset Discovery and Management

• Anti-Spyware for Enterprises

• Connection Enforcement

• Enterprise Quality Encryption for Laptops / Mobile Systems

• Application Aware Firewalls

• MITM Proxys

• Fractured Networks (zones of trust)

Copyright Security-Assessment.com 2004

Copyright Security-Assessment.com 2004

Thank You

Questions?