Copyright Security-Assessment.com 2004

New Technology Enforcement Strategies

by Peter Benson

Copyright Security-Assessment.com 2004

Copyright Security-Assessment.com 2004

The issues• Information Loss• Perimeter Breakdown• Mobile Users• New Technology• Vulnerabilities• Future Directions

Copyright Security-Assessment.com 2004

Perimeter Breakdown• Perimeters slowly disappearing

– VPN– Partner Connections– Home Users– Wireless Insecurities

• Zones of Trust• Testing Security

Copyright Security-Assessment.com 2004

Laptop Users• Current Laptop Loss Rate >4%• Information and hardware costs• Theft Prevention on increase• Minimum controls required for mobile

population– Personal Firewall– AV– Disk Encryption

• Policy and Security Architecture Requirements

• Citrix is your Friend!

Copyright Security-Assessment.com 2004

New Technology and Information Loss• USB Fobs• External Memory Cards• CD / DVD Writers Common• PDA’s• Integration of Cell Phone

Technology• IM• VoIP

Copyright Security-Assessment.com 2004

Copyright Security-Assessment.com 2004

General Strategies• Track New Technology Opportunities• Research and define Policy• Default Deny• Enforce Policy

– Technical Controls– Policy Controls– HR Controls– Approval / Authorisation Controls

Copyright Security-Assessment.com 2004

VoIP• Implement your strategy and policy• Architect!• Default Deny• “Free is not necessarily cost effective”• Research• Be Proactive. Your people are using this now.

Copyright Security-Assessment.com 2004

Instant Messaging• Manage malicious code via A/V or other means• Control at the gateway

– Default Deny– Man in the Middle inspection

• Have approved processes and systems

Copyright Security-Assessment.com 2004

Mobile Storage Devices• Encrypt removable media • USB management of storage devices • Flash memory security • Allow managed access to USB storage devices • Block illegal software installation • Block .exe .com .vbs .mp3 files etc • Printer, modem permissions management• Client side content filtering of removable media

Copyright Security-Assessment.com 2004

Mobile Communications• Discover your Mobile Perimeter

– Asset Database, exposure management– Capture changes to Mobile Perimeter– Vulnerabilities– Connections

• Control Connectivity• Control Mobile Information Security

– Encryption– A/V– Content

Copyright Security-Assessment.com 2004

Emerging Enforcement Technologies• Reflex Magnetics, Reflex Disk Net Pro• Trust Digital, Trust Enterprise Mobile Suite• Asset Discovery and Management• Anti-Spyware for Enterprises• Connection Enforcement• Enterprise Quality Encryption for Laptops / Mobile

Systems• Application Aware Firewalls• MITM Proxys• Fractured Networks (zones of trust)

Copyright Security-Assessment.com 2004

Copyright Security-Assessment.com 2004

Thank You

Questions?