Upload
eliora
View
34
Download
0
Embed Size (px)
DESCRIPTION
Securing Remote Devices and Using Good Internet Security. Jay D. Flanagan Manager, Email, IDM & Security University Technology Services Emory University. Agenda. Remote Device Security Blackberry’s Treo’s / Goodlink Laptop’s Internet Security Where am I going? What sites do I access? - PowerPoint PPT Presentation
Citation preview
Securing Remote Devices and Using Good Internet Security
Jay D. FlanaganManager, Email, IDM & SecurityUniversity Technology ServicesEmory University
2
Agenda
• Remote Device Security– Blackberry’s– Treo’s / Goodlink– Laptop’s
• Internet Security– Where am I going?
• What sites do I access?– What information do I give out?– Desktop security
• Tools
3
Remote Device Security
• Mobility– Working from anywhere– Access to data from anywhere
• Types of Data– Confidential / Restricted– Public
• Storage of Data– Encrypt / Encrypt / Encrypt
Blackberry
4
5
Blackberry
• Built in wireless security features– End-to-end Wireless encryption
• Uses AES or Triple DES
– Can use RSA SecureID for two-factor authentication
– HTTPS for secure data access– S/MIME Support– PGP Support– Digital Certificates
• Certs can be generated
– Smart Card reader
6
Blackberry
• Security for Stored Data– IT policy enforcement and management
• Mandatory authentication• Admins can remotely send commands
– Server permits only trusted connections– Certified Secure
• Advanced embedded encryption technology• Meets required government security standards
– FIPS 140-2
7
Blackberry
• Security Guidelines– Blackberry devices should be password
protected (Can be done as part of the encryption process)
– Anti-virus protection – Postini, Relays, Server and desktop
– Encryption – Transmission of data is already done. Be sure data is encrypted for content on the device – can easily be set up
– Always immediately report a lost, stolen or damaged Blackberry device (Help Desk / Local Support)
– Regularly back-up data
8
Blackberry
• Blackberry Security Links– Google Blackberry Security
•http://www.sans.org/reading_room/whitepapers/pda/258.php
•http://na.blackberry.com/eng/ataglance/security/knowledgebase.jsp#tab_tab_whitepapers
•http://iase.disa.mil/stigs/checklist/wireless_stig_blackberry_checklist_v5r2-1.pdf
TREO/GOODLINK
9
10
Treo/Goodlink
• Microsoft’s Messaging and Security Feature Pack (MSFP)– Direct push technology– Access Global Address List (GAL)– Supports protection against violations
of HIPAA and Gramm-Leach-Bliley Acts• Remote password policy enforcement
and data wipe– Password lengths can be set– Set failed password attempts before wiping of
data
11
Treo/Goodlink
• Security Guidelines– Treo devices should be password protected– Password protect documents– Anti-virus protection – Postini, Relays, Server and
desktop– Encryption – Transmission of data is already done. Be
sure data is encrypted for content on the device – Always immediately report a lost, stolen or damaged
Treo device (Help Desk / Local Support)– Regularly back-up data– Goodlink Security Page Link:
• http://www.good.com/documentation/GMM_Admin_Exchange/Stoli%20Exchange%20Admin%20HTML-03-3.html
12
Treo/Goodlink
• Treo Security Links– Google Treo Security
• http://www.lehigh.edu/~inlts/comp/docs/pda/security/palm/
• http://mytreo.net/archives/2006/04/treo-security-msafe-warden-teallock-comparison-review.html
• http://www.good.com/documentation/GMM_Admin_Exchange/Stoli%20Exchange%20Admin%20HTML-03-3.html
13
Laptops
14
Laptops
• Security Guidelines– Basic Security Measures
•Enable strong passwords•Asset Tag or Engrave the laptop•Register the laptop with the
manufacturer
15
Laptops
• Security Guidelines– Physical Security
• Get a cable lock and use it• Use a docking station• Lock up your PCMCIA cards• Consider other security devices based on
your needs• Use tracking software to have your laptop
call home
16
Laptops
• Security Guidelines– Protecting your Sensitive Data
• Use the NTFS file system• Disable the Guest Account• Rename the administrator account• Consider creating a dummy administrator account• Prevent the last logged-in user name from being
displayed• Use a personal firewall• Consider other security devices based on your
needs• Encrypt your data – Full Disk Encryption• Backup your data
17
Laptops
• Security Guidelines– Encrypting the hard drive
• http://www.guardianedge.com/products/Encryption_Anywhere/Hard_Disk.html
• http://www.dekart.com/howto/encrypt_hard_drive/• http://www.dekart.com/products/encryption/
private_disk/• http://www.safenet-inc.com/products/
data_at_rest_protection/Protectdrive.asp• http://www.truecrypt.org/• http://www.magic2003.net/scrypt/index.htm
18
Laptops
• Security Guidelines– Preventing Laptop Theft
• No place is safe• Use a non descript carry case• Beware of pay phones• Be aware of your laptop at all times
– When traveling by air– When traveling by car– While staying in a hotel– When attending conventions and conferences
• Make security a habit
19
Laptops
• Security Guideline Links– Google on Laptop Security
• http://labmice.techtarget.com/articles/laptopsecurity.htm
• http://www.securitydocs.com/library/3399• http://www.microsoft.com/atwork/
stayconnected/laptopsecurity.mspx• http://infosecuritymag.techtarget.com/
articles/february01/features_laptop_security.shtml
20
Safe Internet Security Practices
•The Internet is great–for searching–for gathering information–for purchasing products and services
•But………………………
21
Safe Internet Security Practices
• Where am I going on the internet and why am I going there?
• What information am I going to give out when I go to a web site?– Do you ask yourself these questions when surfing?
• You should– More and more sites gather information on you when
you surf• Some with your knowledge and some without
– Key loggers, trojans, worms and social engineering are just some of the things that reside on web sites waiting for you to come along.
– Precautions must be taken• Desktop security tools will help• But so will being security aware
22
23
Safe Internet Security Practices
• Desktop Security Tools– Virus Scanning
• Be sure to have anti-virus software installed, running and DAT files up to date
– Update DAT files and software automatically– Schedule regular scans
– Spam Scanning• Manage Postini spam filtering• Set up filters on email client – think hard about
this• Some anti-virus software will also do some limited
spam scanning
24
Safe Internet Security Practices
• Desktop Security Tools– Personal Firewall
• Install and set up personal firewall– Windows XP / Vista– Other Vendors
» Symantec» Zone Alarm
• Keep it up to date • Review logs regularly
– Anti-spyware Scanning• Install anti-spyware software
– Spybot– Yahoo Anti-Spyware– MS Anti-Spyware
• Keep it up to date• Scan regularly
25
26
Safe Internet Security Practices
•Desktop Security Tools–Other host based security tools•Host based IPS•Host based IDS•URL and Content Filters
27
Summary
• Mobility and access to data– Blackberry’s, Treo/Goodlink, Laptops
• Keep these mobile devices secure– Steps that should be taken
• Being safe and secure on the Internet– Security Awareness– Security Tools
28
Contact Information
• Jay D. Flanagan, Emory University– Email
– Phone•404-727-4962
– Web Page•http://it.emory.edu/security
29
?QuestionsQUESTIONS?