act user meeting june 2011. your entitlements window entitlements, roles and v1 security overview...
TRANSCRIPT
![Page 1: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/1.jpg)
Safety First:
ACT User MeetingJune 2011
New Challenges in Securing Your Environment
![Page 2: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/2.jpg)
V2 User Security
![Page 3: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/3.jpg)
3
What we will cover.
• Your entitlements window
• Entitlements, roles and v1 security overview
• Problems with v1 security
• Tasks, jobs and v2 security overview
• V2 user administration
![Page 4: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/4.jpg)
4
Next 2 slides
Finding your Entitlements window
![Page 5: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/5.jpg)
5
Click to view your entitlements
![Page 6: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/6.jpg)
6
From Account Master (and any screen)...
![Page 7: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/7.jpg)
7
Next slide
The Entitlements window shows what entitlements you have for the current screen.
![Page 8: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/8.jpg)
8
Entitlements Window
![Page 9: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/9.jpg)
9
Next slide
The Entitlement window also shows what tasks and jobs hold these entitlements.
![Page 10: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/10.jpg)
10
After double-clicking an entitlement
There is a log that records any change to a user security profile.
![Page 11: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/11.jpg)
11
What is an Entitlement?
• It is a grant to you that entitles you to do “something”.
access a screen.access a button.run a batch menu item.
• In V1 security, entitlements were granted to users one by one on the User Administration screen. But, there are many entitlements...
![Page 12: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/12.jpg)
12
What is a Role (V1)?
• It is a grant to you that allows access to data. (data privileges)
• In v1 security, roles were named after job functions.
Accounting Attorney
![Page 13: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/13.jpg)
13
V1 Security
• For you to do your job, you were granted each entitlement, one or more roles, and all BMIs
1 or more roles User 40 or more entitlements
all batch menu items (BMIs)
![Page 14: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/14.jpg)
14
Problems with V1 Security
• Entitlements may allow you to do something that the roles would not.
Screen fails !
• It was up to the user administrator to grant the proper entitlements.
Difficult !
• The roles would become outdated.Undependable !
![Page 15: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/15.jpg)
15
Problems with V1 Security
• Roles were very difficult to categorize.“This data is ACCOUNTING and this data is ATTORNEY”
• Roles had to be created by ACT.Too general or too specific for different
clients
![Page 16: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/16.jpg)
16
V2 Security• For you to do your job, you are granted one or
more v2 jobs.
User 1 or 2 jobs
![Page 17: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/17.jpg)
17
V2 security
user job task entitlement data privilege entitlement data privilege entitlement entitlement BMI BMI BMI
![Page 18: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/18.jpg)
18
Task
• ACT builds the tasks and verifies them.
• A task provides a complete set of entitlements, BMIs and the privileges needed to perform that function.
![Page 19: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/19.jpg)
19
Next 3 slides
A task's entitlements, BMIs and data privileges, viewed from the Security Maintenance screen.
![Page 20: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/20.jpg)
20
A Task’s Entitlements
![Page 21: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/21.jpg)
21
A Task’s BMIs
![Page 22: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/22.jpg)
22
A Task's Data Privileges
![Page 23: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/23.jpg)
23
Jobs
• ACT assembles tasks into jobs.
• A job is a complete inventory of tasks for a specific job title (as it relates to ACT).
![Page 24: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/24.jpg)
24
Next slide
A job’s tasks, shown from the Security Maintenance screen.
![Page 25: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/25.jpg)
25
Jobs
![Page 26: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/26.jpg)
26
Next slide
Creating a custom job using the Security Maintenance screen.
![Page 27: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/27.jpg)
27
Client Specific Jobs
![Page 28: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/28.jpg)
28
Next Slide
Granting a job using the Secutiy Administration screen.
![Page 29: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/29.jpg)
29
Granting a job to a user
![Page 30: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/30.jpg)
30
Next slide (shows entitlement s only)
Fine tuning from the Security Administration screen allows entitlement and BMI changes for the given user.
![Page 31: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/31.jpg)
31
Fine Tuning - Entitlements
![Page 32: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/32.jpg)
32
Next 2 slides
Fine tuning allows tasks and data privilege changes from Security Administration
![Page 33: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/33.jpg)
33
Fine Tuning - Tasks
![Page 34: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/34.jpg)
34
Fine Tuning - Privileges
![Page 35: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/35.jpg)
35
Next Slide
All actions are recorded and are viewable from the Security Administration screen.
![Page 36: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/36.jpg)
36
Grant History
![Page 37: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/37.jpg)
Information SecurityLGB&S, LLPACT User MeetingJune 2011
![Page 38: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/38.jpg)
38
Agenda
•Zeus toolkit video•Security and the End User•Malicious Code – Internet• File Transfer Protocol (FTP)
Security
![Page 39: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/39.jpg)
39
Zeus toolkit
![Page 40: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/40.jpg)
40
Zeus Lifecycle and Statistics• First identified in 2007, used against US Department of Transportation• Active in 2009, compromising FTP accounts and personal data• Active in 2010-2011, compromising bank and credit card data
• Proliferation• Controlled machines are in 196 countries
• Targets Windows machines• Availability• Removal and Detection
![Page 41: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/41.jpg)
41
Security and the End User• Best Practices• Be aware of your environment• Keep your antivirus software up to date• In a corporate environment, use anti-spam technologies• Ensure your computer has the most recent patches
• LGB&S solutions• Awareness Training• Forefront• IronMail• SCCM
![Page 42: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/42.jpg)
42
Malicious Code - Internet• Recent Trends• Browsers without current patches• Trusted sites infected with malicious code• Silent redirects
• What can you do?• Keep your browser and its plugins patched• Keep your operating system patched• Investigate and purchase a Web Security Gateway or an IDS which monitors port 80 and 443
![Page 43: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/43.jpg)
43
FTP Security• Recent Issues• Buffer overflow in FTP Service in Microsoft IIS 5.0 through 6.0• Heap-based buffer overflow in Microsoft FTP service 7.0 and 7.5• Stack-based buffer overflow in ProFTPD (Linux)• ProFTPD Backdoor
• Prevention• Update and patch vulnerable systems• Disable anonymous connections• Use strong passwords• Use SFTP, FTPS
![Page 44: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/44.jpg)
44
LGB&S EFT• GlobalScape Enhanced File Transfer Server• Supports• SFTP• FTPS• HTTP/S (Portal)• HTTP/S Web Transfer Client• FTP – LGB&S does not utilize this protocol on this
server.• Secure• Complex passwords• User account security• Connection security• PCI compliant• Federal Information Processing Standards (FIPS) 142-
2 Compliance
![Page 45: ACT User Meeting June 2011. Your entitlements window Entitlements, roles and v1 security overview Problems with v1 security Tasks, jobs and v2 security](https://reader034.vdocuments.net/reader034/viewer/2022051819/5518a2ce550346c31f8b4950/html5/thumbnails/45.jpg)
45
LGB&S EFT• Scheduled patching• Scheduled anti-virus scanning• Configuration control