Post on 30-Apr-2020
How much Security is Enough?
Security & Solution
What is adequate Security for your Organization?
• What needs to be protected?
• Why does it need to be protected?
• What happens if it is not protected?
• What will it cost you?
How to get started?
Audit & Assessment
• Identify your business processes
• Identify assets that are supporting your business processes
• Identify threats to those assets
• Assess your current security measures (Security assessment)
Output
• A risk treatment plan tailored to your organization's needs and priorities
Example
Company ABC
- Distributed workforce
- IT Infrastructure
  - Messaging
  - Web
  - Database
  - Remote Access
Audit & Assessment of Company ABC
Business processes are:
- Placing of order by Sales personnel
- Enquiry by Online customer
Assets that are required by those processes
Placing of order by Sales personnel
• Dial-up Server
• Web server
• Database server
• Messaging server
• PC / Notebook used by sales personnel
Enquiry by customer
• Web server
• Internet connection
• Database server
• Messaging server
Threats identified to those assets
Dial-up server – power, lightning, hacker
Web server – power, worm, hacker, phishing
Database server – power, worm, hacker, disgruntled employee
Messaging server – power, worm, hacker
PC – power, worm, virus, hacker, SPAM
Internet Access – Power, DDOS
Security assessment
• The aim of a security assessment is to find vulnerabilities
• Not just in IT infrastructure but also in processes
Risk Treatment Plan
• Reduce the risk
• Accept the risk
• Outsource the risk
Reducing Risk
• Security Policy
• Educating your users
• Implement Security Products to mitigate risks
Security Aware
Network Infra
Evolution of Security Tools
• Firewall
• Intrusion Detection System
• Intrusion Prevention System
• Desktop Antivirus
• Gateway Antivirus
• SPAM Filtering
• Antivirus Suite
• Content Filtering
• Bandwidth Shaping
• Deep Packet Inspection Firewall
• Consolidated Perimeter Device
• Integrated Security Appliance
Power
• UPS
• Generator
Lightning
• Lightning arrestor
Worm
• Email worm
  – Anti-virus suite
• Network worm
  – OS Patching suite
Hacker
• Network based IPS / Host based IPS
• Multi-tier Firewall
• VPN
• Two factor Authentication
• Wireless Security
Disgruntled Employee
• Authentication
• Authorization
• Accounting / Tracking
• Access control
  – Physical
  – Logical
Virus / SPAM
• Anti-virus suite
• Anti-spam suite
• Educating users
Customer Internet Mail Statistics
• Total emails received through our gateway = 3,444,992
• SPAM emails = 1,252,243 (36.35%)
• Emails with Virus = 177,858 (5.16%)
DDOS
• Intrusion prevention systems
• Prevent your network from being flooded
Phishing
Protect own staff
• Anti-virus suite
• IPS
• Education
Protect users
• Outsourcing service
Accepting Risk
• Power
  – Generator
• Phishing
  – Protecting users
Outsourcing risk
• Outsource to insurance company - fire
• Outsource to MSP – phishing, spam
Common Security Misconceptions
1. My network is not interesting enough to be attacked.
  – Worms attack your network and systems not to steal information from you, but to create havoc and use your computer as a launching pad to attack other networks and systems.
2. If the system is working fine, we have not been cracked yet.
  – Are you sure? A security assessment is often the best way to find out whether that's true.
3. Installing Firewall (or Antivirus or IDS ..) will solve all our problems.
  – "Security is not a product but a process."
  – Do you have a clearly defined process?
4. We can't afford the investments to properly secure our systems.
  – Security does not necessarily mean huge investment; sometimes it only requires changes in user mindset and behaviour to secure systems.
  – A security assessment helps you to identify where you should spend, based on your organization's priorities.
5. This website uses SSL, so it must be secure.
  – Heard of "Phishing"? Maybank2u.com user details update
Where do I start?
• Totally clueless?
  – Speak to a reputable Security Solution provider
    • (example - KKIPCOM)
• Some idea? For DIY:
1. Identify your processes, assets and the threats to them
2. Do a security assessment and come up with a risk treatment plan
3. Implement the plan
4. Train up your security team and educate your users
5. Monitor your security baseline (from the security assessment)
6. Sign up for vulnerability email lists
7. Monitor patches and patch religiously
8. Do periodic security assessments
• Alternatively
  – Consider outsourcing
Resources for DIY
Read Up! Subscribe to security mailing lists or RSS logs
• SANS Institute: Articles, resources, and vulnerability listings. http://www.sans.org
• Security Focus: Vulnerability listings and home of the Bugtraq mailing list. http://www.securityfocus.com
• CERT: Vulnerability advisories and security articles. http://www.cert.org
• MyCERT: http://www.mycert.mimos.my
• National ICT Security & Emergency Response Centre: http://www.niser.org.my
KKIP Communications Sdn Bhd
Services
• IT and Security Consultancy
• Managed Security Services
• Security Monitoring Services
• Professional Services
Thank you
Everyone is welcome to our booth to see some of the security appliances