network and endpoint security v1.0 (2017)
Delivering the best in z services, software, hardware and training.
Delivering the best in z services, skills, security and software.
Network and Endpoint Security
Rui Miguel Feio – Senior Technical Lead
Agenda
• Network and Endpoint Security – what is it?
• Problems and risks
• Impact and cost of a security breach
• How to implement Network and Endpoint Security?
• Endpoint Security management
• Challenges
• Real example of an ineffective implementation
• Online world and Hackers
• Network and endpoint security on the mainframe
Who am I?
RUI MIGUEL FEIO
• Senior Technical Lead at RSM Partners
• Based in the UK but travels all over the world
• 18 years' experience working with mainframes
• Started with IBM as an MVS Sys Programmer
• Specialist in mainframe security
• Experience in other platforms
Technological and Social Evolution
• Society is ever more dependent on technology to function
• There's a prevalence for storing data in digital format
• Globalisation is not only a social-economic event, but digital as well (Internet)
Image Source: paleoplan.com
The digital network
Network and Endpoint Security
• Network security refers to technologies and processes that are used to keep digital networks in good, secure working order.
• Endpoint security refers to any device that connects to the digital network, from servers to desktops, mobile devices, and any other device that is network-enabled.
• As such, Network and Endpoint Security aims to protect and ensure the normal functioning of the digital network and devices connected to it.
Securing our interests
• We can only secure what we 'control':
– Company digital network
– Devices connected to the company's digital network
• Is this enough? No, we should also consider:
– People
– Business partners
– Service providers
– Physical security
Problems lead to security risks
• Misconfigured hardware/software
• Lack of knowledge and resources
• Default settings
• Human factor
• Cyber criminals
• Systems not up-to-date
• Solutions not fit for purpose
• Lack of interest
• Out-of-support software/hardware
Have you ever heard of OS/2?
• OS/2 was a computer operating system, initially created by Microsoft and IBM, then later developed by IBM exclusively.
• The first version of OS/2 was released in December 1987 and newer versions were released until December 2001.
• OS/2 went out of support in December 2006.
• OS/2 is still used today by a UK Bank to run one of its critical applications.
• There's no plan to have it moved to a different platform.
Impact of a Security Breach
• A security breach can have devastating effects on the company:
– Reputation
– Exposure of confidential data and information
– Financial
• It can even compromise the existence of the company
Cost of a security breach
https://www-03.ibm.com/security/infographics/data-breach/
How to Secure?
[Diagram: SECURITY – Processes, Analysis, Education, Review, Monitor, Alerting, Audit & Testing, Improve]
Endpoint Security Management
http://cybersec.buzz/endpoint-security-sizzling-however/
The Challenges
Mentalities
When you think you got it right...
On a Pen Test at one of the top 5 US banks:
• Client was convinced they had a top of the art network security system.
• I decided to unplug the Ethernet cable from one of the terminals and connect it to my laptop
• This went without detection
• I was able to run a port scan on the mainframe without detection
• This was just the beginning!!...
Vulnerabilities:
• 24 high risk
• 25 medium risk
• 2 low risk
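A defender's view of the two events that went undetected on this slide, as an added example that is not part of the presentation: it checks MAC addresses learned on switch ports against an inventory and counts distinct destination ports per source. The log format, addresses, inventory and threshold are constructed assumptions.

```python
"""Added example: flag a swapped device on a wall port and a port scan.
Log format, addresses, inventory and threshold are all constructed."""
from collections import defaultdict

# Assumed inventory: the MAC address expected on each switch port.
EXPECTED_MAC = {"Gi0/12": "00:10:aa:00:00:01", "Gi0/13": "00:10:aa:00:00:02"}
SCAN_THRESHOLD = 10  # distinct destination ports to one host before alerting

# Constructed events in a made-up key=value format (not a real product's log).
SAMPLE_LOG = [
    "t=100 type=mac_learned port=Gi0/13 mac=00:10:aa:00:00:02",
    "t=160 type=link_down port=Gi0/12",
    "t=175 type=link_up port=Gi0/12",
    "t=176 type=mac_learned port=Gi0/12 mac=de:ad:be:ef:00:99",
] + [
    f"t={200 + p} type=flow mac=de:ad:be:ef:00:99 dst=10.1.1.5 dport={p}"
    for p in range(20, 35)
] + ["t=300 type=flow mac=00:10:aa:00:00:02 dst=10.1.1.5 dport=23"]


def parse(line):
    """Turn 'k=v k=v ...' into a dict."""
    return dict(tok.split("=", 1) for tok in line.split())


def detect(lines, expected=EXPECTED_MAC, threshold=SCAN_THRESHOLD):
    """Return alerts as (kind, subject) tuples, in the order they fire."""
    alerts = []
    ports_seen = defaultdict(set)  # (source MAC, destination host) -> ports
    reported = set()               # scan pairs already alerted on
    for ev in map(parse, lines):
        if ev["type"] == "mac_learned":
            # Unknown switch port, or a different device on a known one.
            if expected.get(ev["port"]) != ev["mac"]:
                alerts.append(("rogue_device", f'{ev["port"]} {ev["mac"]}'))
        elif ev["type"] == "flow":
            key = (ev["mac"], ev["dst"])
            ports_seen[key].add(ev["dport"])
            if len(ports_seen[key]) >= threshold and key not in reported:
                reported.add(key)
                alerts.append(("port_scan", f'{ev["mac"]} -> {ev["dst"]}'))
    return alerts


if __name__ == "__main__":
    for kind, subject in detect(SAMPLE_LOG):
        print(kind, subject)
```

A production rule would also age out the per-source port sets over a time window, so long-lived legitimate clients do not accumulate towards the threshold.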
Off With Their Heads!!
The big questions
• Is it enough to protect the company's digital network and devices?
• Have you considered internal breaches?
• How about the online services you use?
• Is your site really secure?
• Is everyone following the security procedures?
The Online ’World’
• Most online services (Google, social media, etc) collect data:
– Type of device (OS, Web browser, device type, etc)
– Location
• This data can be used to:
– Develop user/company profiles
– Customise ads
– Customise what we see (WYSIWYG)
The Hackers are coming for you
• Companies are a prime target for Hackers
• Social media is a source of information
• Data collected online can be used to compromise your systems
• Hackers have time, patience, and in many cases, resources
• It's not a matter of if you will be hacked, it's a matter of what will you do when you are?
Hackers’ resources
Social engineering
http://www.social-engineer.org/social-engineering/social-engineering-infographic/
Hackers’ resources
Network and Endpoint security on the mainframe
• SERVAUTH class:
– STACK
– PORT
– NETACCESS
• Policy Agent
• AT-TLS
• IPSEC
• IP Filtering
• Intrusion Detection Services
Network and Endpoint security on the mainframe
• Defence Manager Daemon
• Traffic Regulation Management Daemon
• Syslog Daemon (SyslogD)
• SNA environment
• Enterprise Edition (EE) connections: make sure who they are connected to and what access the 3rd parties have
• Internal Telnet connections
Mainframe – What else?
• Implement alerting systems (IBM zSecure, Vanguard, …)
• Monitoring systems
• Perform on a regular basis:
– Security audits
– Penetration tests
– Security remediations
– Recertification
• Review processes and procedures
• Educate and train your resources
Before we go, a quick review
• Review your security policies across the board
• Review your technological estate
• Provide regular training and awareness
• Keep your systems up-to-date
• Segregate and do not allow devices that do not meet the minimum security requirements
• Perform regular security audits, and pen tests
• Pay special attention to default settings
• Always assume you've already been hacked!
Questions?
Contact
Rui Miguel Feio, [email protected]: +44 (0)7570911459
www.rsmpartners.com
www.linkedin.com/in/rfeio