Protecting and Recovering Encrypted Data in Today’s World

BY

© 2016 ISACA. All Rights Reserved

1

BY


Protecting and Recovering Encrypted Data in Today’s World

Ted PanTechnical Product Specialist, Intel Security

BY


2

WELCOME

Use the Attachments button to find the following:

• PDF of today’s presentation

• Link to the Event Home Page where ISACA members can find the CPE Quiz

• MORE information about upcoming CSX events

• Upcoming ISACA Events

• MORE assets from today’s webcast

• Have a question for the speaker? Text it in using the Ask A Question button!

• Audio is streamed over your computer

• Technical issues? Click the ?button

• Use the Feedback button to share your feedback about today’s event

• Questions or suggestions?Visit support.isaca.org

http://www.support.isaca.org/

BY


3

TODAY’S SPEAKER

Ted PanTechnical Product Specialist - Data Protection

Intel Security

BY


4

� Protect Encrypted Data

� Recover Encrypted Data

� Latest Encryption Technologies

� Q&A

AGENDA

BY


5

Do you believe that governments should be allowed to force encryption providers to create a backdoor to their encryption solutions for legal investigations?

A. Yes

B. No

POLLING QUESTION 1

BY


6

THE CONTROVERSY

Balance

BY


7

ENCRYPTION KEY VS PHYSICAL VAULTS

BY


8

PROTECT ENCRYPTED DATA

BY


9

TYPES OF ENCRYPTION

Full Disk Encryption File and Folder Encryption

BY


10

Encryption Algorithm

HOW FULL DISK ENCRYPTION WORKS

It was the best of times, it was

the worst of times.

Encryption Key

BY


11

FULL DISK ENCRYPTION PROTECTS

BY


12

ENCRYPTION BACKDOOR IMPLICATIONS

Trustworthiness Security Customer Impact

BY


13

POLLING QUESTION 2

Would you trust an encryption solution where you don’t have full control of the keys?

A. Yes

B. No

BY


14

Clipper Chip

HISTORIC BACKDOORS

BY


15

Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG)

HISTORIC BACKDOORS (CONT.)

NIST SP 800-90A

BY


16

Recover Encrypted Data

BY


17

RECOVER USE CASES

Help Desk SupportLeaves the Company Investigations

BY


18

BEST PRACTICES

Integrated forensic tools

Centralized console

Protected repository of keys

BY


19

WORKING WITH OUTSIDE AGENCIES

Prevent unjustified disclosure of sensitive data

BY


20

PROTECTING A LOST SYSTEM

Show proof of encryption on a lost or stolen system

BY


21

RECOVERING A CORRUPTED DRIVE

Provide a backup of the key to recover the data

BY


22

Leverage the Latest Encryption Technologies

BY


23

SPEED IT UP

AES-NI Instruction set provides much faster encryption

BY


24

PROTECT THE RAM

Protect against cold boot attack

BY


25

PRE-BOOT AUTHENTICATION

Provide protection before the Operating System starts up

BY


26

BOOT OFF THE NETWORK

Provide keys to a system before the Operating System starts up

BY


27

INCREASED PASSWORD STRENGTH

• Require complex passwords

• Require minimum length of 8

• Disable users when the system doesn’t communicate back with the central server

BY


28


QUESTIONS?For more information visit: www.mcafee.com/dataprotection

BY


29

CYBER SECURITY TRAINING:OUR CSX PORTFOLIO

PERFORMANCE BASED TRAINING – OUR ADVANTAGEInstead of the typical question/answer experience common to other certifications, which merely gauge the memorization of facts, CSX certifications evaluate the hands-on capability and aptitude of an individual desiring to work in the field of Cybersecurity.

BY


30

BY


THANK YOU FOR ATTENDING TODAY’S WEBINARFor more information visit www.isaca.org/cyber

Technology

Protecting and Recovering Encrypted Data in Today’s World