Exceptional Technology Solutions, LLC Tyler Tech Expo 2013 Solution Spotlight Security and Compliance

Tyler Technology Expo


DESCRIPTION

This presentation introduces the major compliance regimes (PCI DSS, HIPAA and SOX) and compares them with CJIS compliance for law enforcement.


Page 1

Exceptional Technology Solutions, LLC, Tyler Tech Expo 2013

Solution Spotlight

Security and Compliance

Page 2

Social Media

Spam, Spyware and Malware

Social Engineering

Page 5

• Federal Bureau of Investigation – Criminal Justice Information Services (CJIS)

• Health Insurance Portability and Accountability Act

• Payment Card Industry Data Security Standard (PCI DSS)

• The Sarbanes-Oxley Act of 2002

Page 6

What is PCI DSS?

• PCI DSS applies to organizations that “store, process or transmit cardholder data” for payment cards. One of its requirements (Requirement 10) is to “track…all access to network resources and cardholder data”.

Page 7

PCI DSS 2.0 Requirements

Penalties for non-compliance: fines, loss of card-processing privileges, and escalation to Level 1 merchant validation requirements.

• 5.1.1 - Anti-virus must detect all known malware; monitor for zero-day attacks it does not cover

• 6.2 - Identify newly discovered security vulnerabilities and assign them a risk ranking

• 11.2 - Perform internal and external network vulnerability scans at least quarterly; external scans by an Approved Scanning Vendor (ASV)

• 11.4 - Use IDS/IPS to monitor traffic and alert personnel; keep engines, baselines and signatures up to date

• 10.2 - Implement automated audit trails for all system components

• 10.3 - Record the required audit-trail fields for each event (user, event type, date and time, success or failure, origin, affected resource)

• 10.5 - Secure audit trails so they cannot be altered

• 10.6 - Review logs for all system components at least daily

• 10.7 - Retain audit-trail history for at least one year, with a minimum of three months immediately available for analysis

• 6.6 - Protect public-facing web applications with either an application-layer security review (at least annually and after changes) or a web application firewall (WAF)
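Requirement 10.5 asks that audit trails be secured so they cannot be altered, and 10.3 fixes the fields every entry must carry. As an added example (not code from the deck or from any of the partner products it names), the Python below shows one way to make an application-level audit trail tamper-evident: each entry carries an HMAC over the previous entry's MAC plus its own content, so editing, inserting or deleting any entry breaks every link after it, and a head MAC stored separately from the log catches the one case a chain alone cannot, truncation from the end. The key, the event records and the host names are constructed for the example.

```python
import hashlib
import hmac
import json
from typing import Optional

# Assumed key for the example only. In practice the key lives with the central log
# collector or in an HSM/KMS, never on the host that produces the events, so a
# compromised host cannot re-sign a rewritten trail.
LOG_MAC_KEY = b"example-only-do-not-use"

GENESIS = "0" * 64  # the "previous MAC" of the very first entry


def _canonical(record: dict) -> bytes:
    # Deterministic encoding so the MAC recomputed at verification time matches.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def entry_mac(prev_mac: str, record: dict) -> str:
    # Covering prev_mac links the entries: changing one entry invalidates all later ones.
    return hmac.new(LOG_MAC_KEY, prev_mac.encode() + _canonical(record),
                    hashlib.sha256).hexdigest()


def append_entry(chain: list, record: dict) -> str:
    prev = chain[-1]["mac"] if chain else GENESIS
    mac = entry_mac(prev, record)
    chain.append({"record": record, "mac": mac})
    return mac


def verify_chain(chain: list, expected_head: Optional[str] = None) -> Optional[int]:
    """Return the index of the first bad entry, len(chain) when the trail is shorter than
    the separately stored head MAC says it should be, or None when the trail is intact."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        if not hmac.compare_digest(entry_mac(prev, entry["record"]), entry["mac"]):
            return i
        prev = entry["mac"]
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return len(chain)
    return None


# Constructed sample events carrying the fields PCI DSS 10.3 requires.
SAMPLE_EVENTS = [
    {"ts": "2013-03-04T09:12:01Z", "user": "jsmith", "type": "login", "result": "success",
     "origin": "10.0.0.5", "resource": "pos-01"},
    {"ts": "2013-03-04T09:20:44Z", "user": "jsmith", "type": "query", "result": "success",
     "origin": "10.0.0.5", "resource": "cardholder_db.transactions"},
    {"ts": "2013-03-04T09:21:10Z", "user": "jsmith", "type": "export", "result": "success",
     "origin": "10.0.0.5", "resource": "cardholder_db.transactions"},
]


def demo_chain() -> list:
    chain = []
    for ev in SAMPLE_EVENTS:
        append_entry(chain, dict(ev))  # copy, so the demos below cannot mutate the sample
    return chain


def demo_tampered() -> list:
    # An insider rewrites the query event to blame a service account.
    chain = demo_chain()
    chain[1]["record"]["user"] = "svc_backup"
    return chain


def demo_truncated():
    # The last event is deleted outright; only the stored head MAC reveals it.
    chain = demo_chain()
    head = chain[-1]["mac"]
    del chain[-1]
    return chain, head


if __name__ == "__main__":
    print("intact trail:", verify_chain(demo_chain()))
    print("first bad entry after tampering:", verify_chain(demo_tampered()))
    short, head = demo_truncated()
    print("truncated, no anchor:", verify_chain(short), "- with anchor:", verify_chain(short, head))
```

The chain alone is what 10.5's "cannot be altered" needs for edits in the middle of the trail; the `expected_head` anchor (a MAC written to the central log server or a WORM medium at each rotation) is what turns a quietly shortened log into a detectable event.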

Page 8

HIPAA

• HIPAA includes security standards for certain health information. NIST SP 800-66, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, lists HIPAA-related log management needs. For example, Section 4.1 of NIST SP 800-66 describes the need to perform regular reviews of audit logs and access reports. Also, Section 4.22 specifies that documentation of actions and activities needs to be retained for at least six years.

Page 9

• 164.308(a)(1)(ii)(A) Risk Analysis: conduct vulnerability assessments

• 164.308(a)(1)(ii)(B) Risk Management: implement security measures to reduce the risk of security breaches

• 164.308(a)(5)(ii)(B) Protection from Malicious Software: procedures to guard against malicious software (host/network IPS)

• 164.308(a)(6)(ii) Response and Reporting: identify, respond to, mitigate and document security incidents

• 164.308(a)(1)(ii)(D) Information System Activity Review: procedures to regularly review records of system activity such as audit logs and access reports

• 164.308(a)(5)(ii)(C) Log-in Monitoring: procedures for monitoring log-in attempts and reporting discrepancies (host IDS)

• 164.312(b) Audit Controls: mechanisms that record and examine activity in systems containing electronic protected health information

• 164.308(a)(1)(i) Security Management Process: implement policies and procedures to prevent, detect, contain and correct security violations

• 164.308(a)(6)(i) Security Incident Procedures (Required): implement policies and procedures to address security incidents
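HIPAA's log-in monitoring and information system activity review items above, and PCI DSS 10.6's daily log review, come down to the same practical task: read the authentication logs and flag abnormal patterns before an auditor, or an attacker, does. As an added example (not code from the deck or any partner product), the Python below parses constructed OpenSSH lines in BSD syslog format and raises a high-severity alert when one source address exceeds an assumed threshold of five failed log-ins inside sixty seconds, and a critical alert when that same source then logs in successfully. Host names, addresses, thresholds and the log year (BSD syslog timestamps carry none) are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines, not real customer data: a password-guessing burst from
# 203.0.113.7 that eventually succeeds, and one innocent typo from 10.0.0.5.
SAMPLE_AUTH_LOG = """\
Mar  4 09:12:01 pos-01 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51522 ssh2
Mar  4 09:12:03 pos-01 sshd[2213]: Failed password for invalid user oracle from 203.0.113.7 port 51523 ssh2
Mar  4 09:12:05 pos-01 sshd[2215]: Failed password for root from 203.0.113.7 port 51524 ssh2
Mar  4 09:12:07 pos-01 sshd[2217]: Failed password for root from 203.0.113.7 port 51525 ssh2
Mar  4 09:12:09 pos-01 sshd[2219]: Failed password for root from 203.0.113.7 port 51526 ssh2
Mar  4 09:12:11 pos-01 sshd[2221]: Failed password for root from 203.0.113.7 port 51527 ssh2
Mar  4 09:12:15 pos-01 sshd[2230]: Accepted password for root from 203.0.113.7 port 51530 ssh2
Mar  4 09:14:40 pos-01 sshd[2302]: Failed password for jsmith from 10.0.0.5 port 40212 ssh2
Mar  4 09:14:47 pos-01 sshd[2304]: Accepted publickey for jsmith from 10.0.0.5 port 40213 ssh2
Mar  4 09:15:00 pos-01 sshd[2310]: pam_unix(sshd:session): session opened for user jsmith by (uid=0)
"""

# Assumed policy: five failures from one source within a sixty-second window.
FAIL_THRESHOLD = 5
WINDOW_SECONDS = 60
LOG_YEAR = 2013  # assumed; BSD syslog timestamps have no year field

LINE_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) (?P<host>\S+) "
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?:password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>[\d.]+) port \d+"
)


def parse_line(line: str):
    """Return a dict for a log-in outcome line, or None for lines we do not monitor."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{m['mon']} {m['day']} {m['time']}", "%b %d %H:%M:%S")
    return {"at": ts.replace(year=LOG_YEAR), "host": m["host"], "result": m["result"],
            "user": m["user"], "src": m["src"]}


def analyze(log_text: str) -> list:
    """Sliding-window failure count per source; returns alerts in log order."""
    failures = defaultdict(deque)  # src -> timestamps of failures inside the window
    flagged = set()                # sources already alerted on in the current burst
    alerts = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        src, at = ev["src"], ev["at"]
        if ev["result"] == "Failed":
            q = failures[src]
            q.append(at)
            while (at - q[0]).total_seconds() > WINDOW_SECONDS:  # drop stale failures
                q.popleft()
            if len(q) >= FAIL_THRESHOLD and src not in flagged:
                flagged.add(src)
                alerts.append({"kind": "brute_force", "severity": "high", "src": src,
                               "host": ev["host"], "user": ev["user"], "at": at,
                               "detail": f"{len(q)} failed log-ins within {WINDOW_SECONDS}s"})
        else:
            # A success from a source that was just guessing is the case that matters most.
            if src in flagged:
                alerts.append({"kind": "success_after_brute_force", "severity": "critical",
                               "src": src, "host": ev["host"], "user": ev["user"], "at": at,
                               "detail": "successful log-in following a failure burst"})
                flagged.discard(src)
            failures.pop(src, None)  # a success closes the burst for that source
    return alerts


if __name__ == "__main__":
    for a in analyze(SAMPLE_AUTH_LOG):
        print(f"{a['at']:%Y-%m-%d %H:%M:%S} {a['severity']:8} {a['kind']:26} "
              f"{a['src']} -> {a['user']}@{a['host']}: {a['detail']}")
```

The single failure from 10.0.0.5 produces nothing, which is the point of a windowed threshold rather than alerting on every failure; the review step HIPAA and PCI call for is then a short list of alerts per day rather than the raw log.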

Page 10

Sarbanes-Oxley

• Although SOX applies primarily to financial and accounting practices, it also encompasses the information technology (IT) functions that support these practices. SOX can be supported by reviewing logs regularly to look for signs of security violations, including exploitation, as well as retaining logs and records of log reviews for future review by auditors. The DS5 and ME1 control objectives on the following pages are taken from COBIT 4.1, the framework commonly used to map SOX IT general controls.

Page 11

Sarbanes-Oxley

• DS5.3 Identity Management

• Ensure that all users are uniquely identifiable. Enable user identities via authentication mechanisms.

• Maintain user identities and access rights in a central repository.

• Deploy cost-effective technical and procedural measures, and keep them current to establish user identification, implement authentication and enforce access rights.

Page 12

Sarbanes-Oxley

• DS5.4 User Account Management

• Address requesting, establishing, issuing, suspending, modifying and closing user accounts and related user privileges with a set of user account management procedures.

• Perform regular management review of all accounts and related privileges.

Page 13

Sarbanes-Oxley

• DS5.5 Security Testing, Surveillance and Monitoring

• Test and monitor the IT security implementation in a proactive way.

• A logging and monitoring function enables the early prevention and/or detection, and subsequent timely reporting, of unusual or abnormal activities that may need to be addressed.

Page 14

Sarbanes-Oxley

• DS5.6 Security Incident Definition

• Clearly define and communicate the characteristics of potential security incidents so they can be properly classified and treated by the incident and problem management process.

Page 15

Sarbanes-Oxley

• DS5.7 Protection of Security Technology

• Make security-related technology resistant to tampering.

Page 16

Sarbanes-Oxley

• DS5.9 Malicious Software Prevention, Detection and Correction

• Put preventive, detective and corrective measures in place (especially up-to-date security patches and virus control) across the organisation to protect information systems and technology from malware (e.g., viruses, worms, spyware, spam).

Page 17

Sarbanes-Oxley

• DS5.10 Network Security

• Use security techniques and related management procedures (e.g., firewalls, security appliances, network segmentation, intrusion detection) to authorise access and control information flows from and to networks.

Page 18

Sarbanes-Oxley

• DS5.11 Exchange of Sensitive Data

• Exchange sensitive transaction data only over a trusted path or medium with controls to provide authenticity of content, proof of submission, proof of receipt and non-repudiation of origin.

Page 19

Sarbanes-Oxley

• ME1 Monitor and Evaluate IT Performance

• ME1.4 Performance Assessment

• Periodically review performance against targets, analyze the cause of any deviations, and initiate remedial action to address the underlying causes. At appropriate times, perform root cause analysis across deviations.

• ME1.5 Board and Executive Reporting

• Develop senior management reports on IT's contribution to the business.

• Provide the report to senior management, and solicit feedback from management's review.

• ME1.6 Remedial Actions

• Identify and initiate remedial actions based on performance monitoring, assessment and reporting.

Page 20

• Since July 2010 ETS has been approved to work with Police Departments, Fire Departments, EMT and 911 Data Centers through the Texas Department of Public Safety and the Federal Bureau of Investigation. All of our managers, technicians and engineers are required to be approved by TLETS/CJIS before we allow them to work on any of our clients.

Page 21

What is CJIS/TLETS

• TLETS provides intrastate interconnectivity for criminal justice agencies to a variety of local, state, and federal database systems. Additionally, TLETS’ link with Nlets, the International Justice and Public Safety Network, facilitates exchange between criminal justice agencies across the state of Texas and their counterparts in other states. The link with Nlets allows DPS to provide critical information to the national criminal justice community and allows TLETS operators to obtain information from a variety of database services from other states, Canada, Interpol, and private companies.

Page 22

What is CJIS/TLETS

The CJIS requirements are outlined in a 46 page addendum published by the FBI in collaboration with the Texas Department of Public Safety, the agency that operates TLETS. The addendum covers every aspect of IT security:

• User security and access

• Logging

• Hardware management

• Software management

• Mobility

• BYOD

• Mobile data terminals

• Firewall and workstation security and updates, and many more

Page 24

Security Partnerships

Page 25

Partnerships

• Alert Logic offers Security-as-a-Service in the cloud — a platform of fully managed products and services to keep your data safe and compliant. Whether your IT infrastructure is on-premise, in the cloud or anywhere in between, our portfolio of solutions and deployment options allows unprecedented visibility into your environment, saving your business time, money and worries about data compliance and security.

Page 26

Partnerships

• The XTM family of next-generation network security appliances are best-in-class, performance-driven solutions. Blazing fast throughput combines with advanced networking features to handle high-volume traffic securely, and at an affordable price. Includes a suite of flexible management tools that allows IT administrators to manage security through an intuitive centralized console, command line interface, and web UI. For businesses of all sizes, whether they have thousands of users or just a few.

Page 27

Partnerships

• Giving Government Secure Access to the Information It Needs

• When it’s a matter of safety or public service, it’s paramount that your mobile workforce has the information it needs to get the job done as efficiently as possible.

Page 28

Partnerships

• The public sector requires reliable products that can be counted on in daily operations and in a crisis. Our expanded product, technology and service solutions enable state and local government officials and public safety workers to access vital information wherever their job takes them.

Page 29

Partnerships

4.9 GHz Wireless Networks for Law Enforcement and Emergency Response

Communications are quite literally mission-critical for law enforcement agencies, fire departments, emergency medical service providers and other public safety organizations. In the past, first responders were limited to voice communications with each other and with command and control. The result was a potentially dangerous lack of situational awareness.

Page 30

Partnerships

• Penetration testing: probe, protect, comply

• For organizations of any size, penetration testing is an absolute necessity. Regardless of whether it is driven by regulatory compliance, corporate liability concerns, or basic network hygiene, penetration testing is the foundation of enterprise security. It identifies vulnerabilities, validates existing controls, and, when done right, provides a roadmap for remediation. Monthly, quarterly, or annually, IBM can meet the penetration testing demands of any business in any industry. Just give us a call to get started.

Page 31

Backup and Disaster Recovery Services

Page 32

Partnerships

Exceptional Technology Solutions, LLC offers a complete business backup and disaster recovery solution. DNA Backup and Disaster Recovery is a full service solution designed to work in a multitude of environments, whether your organization requires data retention from a single desktop or across an entire global network. DNA Backup is the right fit for you.

Security

• Secure 128-bit or 192-bit AES encryption.

• All of our technicians are TLETS/CJIS approved through TxDPS and the FBI.

• All data backed up to the ETS secure facility.

• Worry-free restore. We handle it for you.

Cross Platform Support

Backup for most platforms, including:

• Windows XP, Vista, 7, 2003, 2008

• Linux (most variants)

• VMware (vSphere, ESX, ESXi)

• MS Hyper-V

• SAN, NAS, DAS

• MS SQL, MS Exchange and MS SharePoint backup

Benefits

• All backups monitored 24/7/365 for consistency.

• All support included in monthly fees.

Page 33

To Wrap Up…

• ETS is a premier East Texas-based IT solutions company that specializes in Managed Services, Cloud Services and Advanced Professional Services.

• At ETS we do not sell products… We partner with our clients to provide the best solutions, from hardware to software to financial services and everywhere in between, because a solution is not a solution unless it’s a total fit.

• ETS has a very robust security and compliance offering with various best-of-breed partners to further strengthen our efforts to keep your business secure and compliant.

Page 34

Any Questions?

Exceptional Technology Solutions, LLC
419 Rice Road
Tyler, Texas 75703

903 509 0008 Local
877 281 0008 Toll Free
http://www.etstexas.com