
Bytes Security Guide


DESCRIPTION

A Best Practice guide to business security


introduction

Safeguarding data and computing resources has never been more complex. Security officials are responsible for protecting a network of people and information that extends beyond their control. Workforces rely on multiple network-connected devices - many of them easily portable and extremely powerful - to go about their daily business. Organisations share data with a multifaceted web of internal and third-party partners. At the same time, the threat landscape is changing. Virus attacks have gone underground as their perpetrators, no longer interested in fame, go after confidential data that can lead to financial gain. Theft of sensitive identity and financial information now is a serious criminal enterprise, with a corresponding increase in the sophistication of cyber-attacks. In this environment, public-sector organisations and corporate enterprises must constantly be vigilant about protecting their networks and data to maintain daily operations and public confidence.

security is changing dramatically

02 | best practice guide to business security

BYTES 020 8786 1500 | 03

In this guide, we identify key security challenges and provide solutions and best practices to address them.

On the following pages, you’ll find practical advice on preventing data loss, addressing policy compliance, securing network endpoints, controlling network access, improving mobile security, strengthening messaging security and choosing a managed security provider.

Our aim is to keep you informed with up-to-date information on the current threat landscape, plus other trends affecting security. Knowledge is power. The first step in improving security is to understand the risks and vulnerabilities. In these fast-changing times, that means gaining knowledge and implementing the right solutions today.

contents

Mobile Security Management

Cloud Security

Data Loss Prevention

Messaging Security

Endpoint Security

Network & Infrastructure Security

IT Policy & Compliance

Managed Security Services

Performance and Infrastructure
• Load Balancing
• WAN Acceleration

Messaging Security
• Email Filtering
• Web Filtering

Data and Application Security
• Encryption
• Data Loss Prevention (DLP)
• Application Control
• Alerts


Compliance
• Monitoring and Data Capture
• Policy Management
• Dashboards
• Reporting Tools
• Log Correlation

Network Security
• Firewalls
• Intrusion Detection Prevention / System (IDP / IDS)
• Network Access Control
• Wi-Fi
• Network Access Control (NAC)

Endpoint Security
• Authentication and Tokens
• Single Sign-On
• Secure Sockets Layer Virtual Private Network (SSL VPN)
• Endpoint Suite (Anti Virus, Spyware, Malware, etc)


mobile security & management

More organisations are allowing employees to use their personal devices to be more productive on the job. Today’s smartphones provide robust connections and computing power so are essentially a floating version of the organisation itself. So how do you keep this environment secure? Organisations must develop new policies that cover such questions as, “Which apps and services are allowed? What does the organisation pay for? Which operating systems will the organisation support?”


www.bytes.co.uk | 07

best practices

Create a Unified Policy for Wired and Wireless
You should avoid having different policies for various devices, such as laptops, desktops and smartphones. Having one consistent policy across devices and operating systems simplifies management of security and also reduces the chances of a breach.

Use Mobile Device Management (MDM)
Management tools are essential for control over the integrity of smartphones, downloaded applications, and data accessed and stored on mobile devices. MDM software monitors and secures mobile devices, giving an organisation greater control over smartphones, laptops, tablets and more.

Control Applications
A growing number of stores are providing applications for mobile devices. This is another opportunity for malware to be distributed. You should have the ability to inventory the applications on devices. You must also ensure that security data from devices can be fed into a correlation system. Generate security logs just like you do for traditional IT equipment.

Centralise Network Traffic
Have IP traffic from smartphone devices flow into one centralised location for inspection and cleanup. You can also better monitor compliance with requirements for things such as the Health Insurance Portability and Accountability Act (HIPAA) for electronic health records and the Payment Card Industry Data Security Standard (PCI DSS) for credit, debit and other payment cards.

Think about Standardisation
One approach might be to let employees bring their own devices only if they choose from a small list of devices the organisation is willing to support and allow onto the network.

Consider a Consultant
Because today’s mobility landscape is fairly new and changing so rapidly, it might be beneficial to bring in an expert who’s steeped in the latest security methodologies for mobility.

Prepare for 4G and LTE
The higher bandwidth that comes with the next generation of wireless technologies will speed the flow of information. But it will also attract hackers. Be ready for new challenges.

Chris Swani, Head of Public Sector, Bytes

Mobile Management provides comprehensive visibility and control over all the popular mobile devices such as iPhone®, iPad®, Android™, Windows® Phone, Symbian®, and BlackBerry®.

Vendor: Symantec

Product: Mobile Management 7.1

Capability: Description

Self-service Activation: Connect mobile devices to the enterprise network with the on-device agent. Allow/deny access to users based on directory groups.

Enterprise AppStore: Deploy mobile applications over-the-air or recommend apps from the public AppStore with your organisation-specific app repository.

Content Library: Distribute active content like documents and multi-media videos to end-users in the field. Provides a secure enterprise container with near-real-time update and prioritised views.

Configuration Management: Allows automated configuration of device settings around email, VPN and Wi-Fi. Eliminates user errors and costs associated with large-scale deployments.

Security Settings: Advanced security on devices irrespective of ownership. Set, deploy and update settings like passwords, wipe and application/resource restrictions without any user intervention.

Selective Wipe: Securely wipe the corporate data from a personal device, without touching the personal data, music and apps. Also delete the documents from Content Library.

Compliance Enforcement: Comply with corporate and regulatory requirements around encryption, jailbreak detection and policy updates at all times. Allow/deny access to devices based on status.

Certificate Distribution: Extend strong authentication to mobile devices by integrating with PKI infrastructure. Enable secure access to corporate email, web-based applications, VPN and Wi-Fi.

Helpdesk w/Alerts & Notifications: Asset reporting about devices, users and apps arms the IT teams with near-real-time information. Pre-canned reports along with Alerts and Notifications enable efficient operations management.

Process Automation: Create and implement automated processes that link together people, process and technology. Automate regular tasks like device registration and lost devices.

Unified Endpoint Management: Manage all forms of computing devices, from desktops, laptops and servers to smartphones and tablets, from a single console with integrated endpoint management. Works as an add-on to CMS 7.1.

Mail-server Agnostic: Delivers MDM functionality in a variety of enterprise environments including Microsoft Exchange 2003/2007/2010, Lotus Notes and Gmail.

Enterprise Integration: Integrate mobile devices with existing investments in infrastructure, processes and personnel for strategic alignment and long-term success.


Helping enterprises to confidently enable mobile productivity


Anti-theft protection: lock, wipe, locate and SIM control

Anti-virus and firewall protection: providing real-time anti-malware scanning of all incoming files and connections, keeping you free of malicious programmes depending on the IP firewall protection level assigned

Anti-spam for calls & SMS: where there are known spam sources, unwanted names, words and phrases can be added to a blacklist blocking their access

Automatic updates: antivirus databases are updated automatically via WAP/HTTP or via a PC

Supported Operating Systems: Android™ 1.5 – 2.3, Symbian S60 9.1 - 9.4, Symbian^3 (Nokia®), BlackBerry® 4.5 - 6.0, Windows Mobile® 5.0 - 6.5.

Kaspersky Endpoint Security 8 for Smartphone protects confidential data on corporate mobile devices from loss, theft, unauthorised access and mobile malware. A powerful and reliable solution for protecting corporate mobile users from malicious programmes, SMS spam and Internet attacks that target mobile platforms. This edition provides protection for confidential data stored on a smartphone if the device is lost or stolen.

Easy to deploy: can be installed from one point by a single system administrator regardless of the number of mobile device users or their location

Flexible administration: if affected or threatened by a virus epidemic, mobile device security parameters can be changed for all users or specific user groups regardless of their location

Complete control: wherever the user might be, they always have total control over their mobile security along with the system administrator

Vendor: Kaspersky

Product: Endpoint Security 8 for Smartphone

[Figure labels: Remote Lock & Wipe; GPS Find; SIM Control; Anti-Virus + Firewall; Encryption; Anti-Spam for Calls & SMSs; Centralised Deployment and Management]

A powerful and reliable solution for protecting corporate users

Good for Enterprise™ is a powerful, easy-to-use mobility suite that supports mobile collaboration with a great end-user experience on popular handhelds – like the iPhone, iPad, and Android devices – without compromising IT security and control. Good for Enterprise is built on a proven security architecture that has been adopted by top Fortune 500 companies and government agencies. Good for Enterprise includes:

Good Mobile Control - All the mobile devices are managed through a single web-based portal; from here, IT administrators can lock down device functionality, control application access and remote wipe mobile units.

Good Mobile Messaging - An award-winning user interface combined with a secure, easy to manage mobile messaging solution makes employees more productive and IT more efficient, all with a low total cost of ownership.

Good Mobile Access - Good’s proven and secure architecture can be used to support and track mobile connections to critical data, allowing the mobile workforce to access the information they need.

Good for Enterprise supports a wide range of industry-leading devices across platforms such as iPhone, Android, Windows Mobile, Symbian, and PalmOS and devices from all major manufacturers including Apple, HTC, Motorola, Nokia, Palm, and Samsung.

“Managing these devices will help, but companies should also consider the roles of other technologies and application practices that reduce data exposure and leakage.”

Gartner. Four Architectural Approaches to Limit Business Risk on Consumer Smartphones and Tablets – Dec 2010, John Girard, Ken Dulaney

Vendor: Good

Product: Good for Enterprise™


Built on a proven security architecture


McAfee ePolicy Orchestrator (McAfee ePO) integration
• Offers centralised visibility and control
• Displays data within the McAfee ePO dashboard using charts, tables, and other graphics
• McAfee EMM Device Agent data can be presented with data from other McAfee-secured endpoints and mobile devices within a McAfee ePO dashboard for enterprise-wide visibility, with direct drill down for more details.

The McAfee EMM solution simplifies mobile networking. It blends mobile device management with policy-managed endpoint security, network access control, and compliance reporting in a seamless system. This platform integrates smartphones and tablets into enterprise networks and security management with the same level of security protection, convenience, and scale enjoyed by laptops and desktops.

McAfee EMM features:

McAfee EMM Device Management
• Enables OTA provisioning for users and reduces IT workload
• Allows real-time device access and provides asset information
• Reports mobile device information, including audit logs, device status, and pending actions.

McAfee EMM Audit and Compliance Service
• Visualises mobile assets
• Identifies and blocks rogue devices
• Silent OTA remediation
• Reports compliance status and activity.

McAfee EMM Device Agents
• Password, PKI, and two-factor authentication and remote wipe functions
• Leverages native device encryption
• Supports Wi-Fi and VPN configuration/management.

Vendor: McAfee

Product: McAfee Enterprise Mobility Management Platform

[Diagram labels: McAfee Device Agents; Cell Tower; Internet; Corporate Firewall; DMZ; Internal Network; McAfee EMM Audit and Compliance Service; McAfee EMM Device Management Gateway; McAfee EMM Self-Service Portal; Email; Active Directory; Other McAfee EMM Server Components (Policy Management, Help Desk, System Management, Reporting)]

Simplified mobile networking

cloud security

The cloud is a unique environment and organisations must have a solid security plan in place before venturing into it. Cloud resources are available via the Internet, so the ports into them can become a pathway for attackers. The fact that your resources and data are in a virtual environment that’s shared with others is a potential concern. Cloud computing provides pooled resources that are accessible over a network on a self-service, on-demand basis, with rapid elasticity. Cloud computing is often enabled by virtualisation technologies. The flexibility of these two technologies allows for very quick scaling up and down as needed.


best practices

Practice Risk Management
Look at the risks based on what you will do in the cloud.

Consider What Belongs and the Security Required
A lot of things can work really well in the cloud, including applications, backup systems, storage, e-mail and Web serving. But not everything belongs there. Consider security concerns when deciding what to put in the cloud.

Encrypt Sensitive Data
Because the cloud is a shared space, you may want to be extra careful with sensitive information. The cloud is potentially accessible to a lot of different entities. Encryption gives you more confidence that your data is secure.

Think About Location
If your cloud services provider is in another country, make sure the provider is observing your local laws when it comes to securing sensitive data.

Put Security Requirements Into Cloud Contracts
Make sure the cloud service provider can demonstrate compliance and will keep security up to the levels you require. Make sure it’s all in the contract.

Ask a Lot of Questions
How is data protected? How separate are you from other entities in the same environment? Analyse the security posture of your cloud provider from an application/data-centric view. Use a cloud provider that has solid application security in place, including application life cycle management.

Add Additional Layers as Needed
Some organisations choose to add layers of security for extra protection. These can include more stringent authentication methods or stronger encryption.

Connect the Clouds
With more elements moving to the cloud, eventually clouds will need to connect to other clouds. Perhaps you’ll have an internal cloud for core operations, and a backup cloud through an outside provider. Find out whether cloud technologies will be compatible with one another. Look into security risks that could result from connecting.

Consider a Consultant
Any good cloud service provider will want to ensure that the cloud works well for you. If the provider has a consulting division to help you make the most of the cloud solution you’re purchasing, it may be helpful to include consulting support.

John Dwyer, Account Director, Bytes


It has somehow become the norm to pass the burden of security from company to customers.

Installing, maintaining, downloading and updating is somehow your job, while finger pointing, blaming and looking the other way is theirs.

We think it’s time for a change. It’s time for security to be the service it is sold as, instead of the burden it becomes. It’s time to prevent problems instead of scrambling to fix them. It’s time for Webroot.

We work for you, not the other way around.


To find out more about Webroot services, please contact your Bytes account manager.


An always-on, cloud-based email security solution that reduces the complexity of protecting your organisation from malware, spam and data leakage.

Always-on security
Anti-spam and anti-virus protection, data leak prevention, secure communication and email routing are all delivered as part of a single unified solution. Mimecast’s team of skilled threat experts, and auto-learning technology, ensures that you remain protected against the latest threats.

Increased protection
Mimecast’s massively scalable MTA becomes your email bridgehead in the cloud. Email related threats such as malware, spam, phishing attacks, denial of service and directory harvest attacks are all stopped before they reach your network. This not only reduces risk to your network but also improves the performance of your Exchange server.

Enhanced visibility and control
Organisation-wide email security policies are managed from a single interface and can be applied with immediate effect, enabling you to respond rapidly to evolving situations. Advanced monitoring functionality gives you real-time views of your SMTP traffic and offers online queue management and advanced routing capability, to ensure that you stay in control.

Unified Email Management
Mimecast Email Security is just one component of Mimecast’s suite of services for email management - you have the flexibility to easily add email continuity and archiving services either now or in the future, all managed from a single administration console.

Vendor: Mimecast

Product: Mimecast Email Security

Protecting your business with a cloud based security solution

data loss prevention

Data loss prevention is still a hot topic these days. With security breaches being widely reported in the media, increasing numbers of endpoints and increasing information sharing among workers, the need to secure all kinds of data is becoming more important. With the rapidly growing number of mobile devices being used, people have become the endpoints. The workers themselves, not the computers, are the new security perimeter.


best practices

Protect All Data
That is data stored on USBs and smartphones, and within e-mails and instant messages. Employees use many tools and devices, and they all should be addressed. It’s about protecting the data, wherever it’s stored or used.

Always Go for Accuracy
Organisations need to accurately detect every possible threat to their data. There should be no false positives. The security system should accurately monitor and detect issues for all data types, data endpoints and network protocols.

Have Solid Reporting in Place
Reporting is very important. It’s a valuable tool for finding broken business processes. It helps educate both higher-level managers and employees in general. Good reporting can ultimately reduce the number of security incidents. Some organisations have seen risk reduced by 90 percent after turning on automated notification.

Designate Various Classifications of Data
All data should be categorised to designate what type of data it is, where it is, how it can be used and where it can be sent.

Control Data at the Endpoint
Organisations should be able to discover sensitive data stored on endpoints and then prevent the data from being inappropriately used, sent out or copied to storage devices, such as USB drives, CDs or DVDs.

Maximise Encryption
It’s best to use encryption only when necessary, for sensitive data. It can be wasteful and costly to encrypt everything. A lot of information is fine just the way it is.

Secure All Databases
Analyse all data accessed from databases, and check for unauthorised access to sensitive data. Have an audit trail in place for database activities. Look for anomalous database activity from both authorised and unauthorised users.

Scan and Monitor Laptop Data
This can be a challenge because laptops are offline much of the time. That can be done, however, by automatically scanning e-mail archives and disk backup files to find confidential data that was previously pulled from the network to a laptop.

Emma Yates, Operations Support Manager, Bytes


• Comprehensive coverage - RSA DLP prevents loss of sensitive data through many risk vectors. It covers email, webmail, social media, FTP, web, Web 2.0, PCs, virtual machines, smartphones, SharePoint, file servers, NAS/SAN, databases, USB devices and more

• Accurate Classification - RSA DLP offers the highest accuracy in identifying sensitive data, achieved through a combination of cognitive sciences-based content classification, machine-based fingerprinting, rich metadata analysis, and purpose-built expert policies

• User education - RSA DLP monitors the actions performed by users on sensitive data and educates them in real-time on policy violations. This improves risk awareness among end users influencing their behavior in dealing with sensitive data

• DLP Ecosystem - RSA DLP is deeply integrated with many enterprise platforms to maximise utilisation of your current infrastructure for DLP projects. These include platforms from vendors such as Microsoft, Cisco, EMC, VMware, Citrix, McAfee, Symantec, and Blue Coat

• People- and Process-Centric - RSA DLP offers automated workflow for policy management, incident remediation, and reports management. This automation is highly people- and process-centric and enables better DLP project management for enterprises.

Vendor: RSA

Product: RSA Data Loss Prevention (DLP) Suite

Websense Data Security Suite includes four integrated modules, managed under a single policy framework:

• Websense Data Monitor: Monitors for data loss on network (Web, email, FTP, other)

• Websense Data Protect: (includes Websense Data Monitor) Enforces automated, policy-based controls to block, quarantine, route to encryption gateway, audit and log, or notify users of violations

• Websense Data Endpoint: Monitors and enforces automated, policy-based controls for data in use via applications and peripheral devices on endpoints; local discovery and classification of confidential data

• Websense Data Discover: Discovers and classifies confidential data stored in enterprise repositories, with customisable remediation action including file removal.

Websense Data Security Suite is the only solution with native enforcement of Web (HTTP), secure Web (HTTPS), and email (SMTP) traffic, eliminating the need for additional expensive third-party proxy solutions.

Vendor: Websense

Product: Websense Data Security Suite


Better endpoint protection
• Application File Access Control monitors and blocks sensitive files accessed by any application, including encrypted protocols. Now you can protect sensitive data without restricting access to applications like iTunes®, Skype™ and WebEx™
• Trusted Devices support ensures that sensitive data can be copied to approved external storage devices, while nonsensitive data can be copied to other devices. Leverage the convenience of USB devices that automatically encrypt files
• FlexResponse automatically protects sensitive data stored on PCs with encryption and Enterprise Rights Management.

Protect email and Web in the cloud
• Hybrid Network Prevent lets you co-locate Data Loss Prevention with your hosted service provider. Now you can extend the leading enterprise Data Loss Prevention capability into the cloud to lower your risk of data loss.

Data Loss Prevention 11 builds on Symantec’s experience of making data loss prevention work – additional new features across the entire suite help you stay ahead of threats to your customers, brand and information assets with the most advanced solution available.

Simplify the implementation of Data Loss Prevention
• Vector Machine Learning (VML) is a new detection technology for unstructured data that learns how to recognise sensitive data based on samples. Creating policies using VML to protect unstructured data like source code, product formulas and other intellectual property is more accurate than describing the data, and is less time consuming than fingerprinting all your sensitive data.

Streamline remediation of data at rest
• Risk Scoring assesses each network folder and highlights those at greatest risk based on the amount of sensitive data in the folder and who has access to it. With risk scoring, Symantec gives you a way to zero in on where to start your data clean-up efforts
• Data Owner Remediation leverages Symantec™ Data Insight to identify the most frequent user of a file and automatically sends them a notification that their data may be at risk. Data Owner Remediation helps change the way people think about managing their sensitive information.

Vendor: Symantec

Product: Symantec™ Data Loss Prevention 11

Simplify the protection of unstructured data and streamline the process of data clean up

messaging security

With e-mail, instant messaging (IM) and Web collaboration rapidly gaining importance in the daily work world, it’s more vital than ever for organisations to keep the data within these messages secure. Much of an organisation’s critical information travels through e-mail. IM is increasingly used for business. Online collaboration too is becoming more popular. These messaging tools have become essential for day-to-day operations.


best practices

Take a Multi-Tiered Approach
It’s crucial to have security in several tiers throughout a network. This works well because it attacks the security problem in several different places. The perimeter is just as important as the inner workings. From endpoints through gateways and into servers, there should be security at every point.

Fit Messaging Security Into the Big Picture
It is best to have a holistic security system that seamlessly fits messaging security within the larger protection system. The big picture should cover antispam, antivirus and compliance for all messaging, not just e-mail.

Integration Is Best
With just one interface, administrators can go in and easily create policies that will be consistent over e-mail, IM and the Web. This saves time in managing messaging security, which results in lower costs.

Accurate Intelligence Is a Must
Attackers have their own SMTP servers, they create bots to do their bidding, and are smarter about staying “under the radar” and not causing suspicious traffic peaks. It’s more important than ever for organisations to have an accurate view of the current threat landscape at all times.

Use IP Reputation Analysis
Analysis of IP reputation is a powerful aid. Security experts can determine whether the reputation of an e-mail’s source is good or bad. If a particular sender has a bad reputation, its attempts to connect to a network should be rejected at an early stage.

Have Solid Compliance Policies
In addition to cutting down on viruses, spyware and spam, solid security will also help tremendously with enforcing compliance policies. Organisations should stop unauthorised data exchanges, both internally and externally. The system should have numerous options for how to deal with each instance.

Create Internal Content Filters
Internal issues should be addressed by messaging security. Content filters can be set up to eliminate employees’ exposure to objectionable content, such as racially insensitive or other inflammatory material, blocking negative content from reaching employees and going beyond its boundaries.

Matt Compton, Symantec Business Manager, Bytes


Endpoint security
More than antivirus, with new built-in software-based network access control

Messaging and Web security
Antispam, messaging, and Web security protection

Backup and recovery
Full system and data recovery

Protection Suite Enterprise Edition is an unparalleled combination of award-winning technologies from the world leader in security and data protection that enables you to completely protect, easily manage, and automatically control the assets most crucial to your business.

Symantec™ Protection Suite Enterprise Edition creates a protected endpoint, messaging, and Web environment that is secure against today’s complex malware, data loss and spam threats, and is quickly recoverable in the event of failure.

Reduce the cost of securing your environment using Symantec™ Protection Center, a single sign-on Web console, and more effectively manage the inherent risks of today’s IT infrastructures with proven Symantec endpoint security, messaging security, and system recovery technologies.

Vendor: Symantec

Product: Symantec™ Protection Suite Enterprise Edition

[Figure labels: Protection for Sophisticated IT; Premium Mail Security; Centralised Management; Mobile Security; Desktop Backup & Recovery; Endpoint Protection; Web 2.0 Security; Network Access Control; Symantec™ Protection Suite Enterprise Edition]

Trusted protection for endpoint, messaging and web environments

endpoint security

The number of endpoints has exploded. That, combined with increased data sharing and more mobile devices, makes endpoint security more important, and more difficult, than ever before. The challenge now is to allow more workers, even those outside organisational boundaries, to have more access to information while providing greater security. As the threat landscape continues to become more complex, managing endpoint security becomes more expensive and time-consuming. Endpoints include servers, desktops, laptops and other mobile devices, such as smartphones and PDAs. To protect those endpoints, organisations need a solid framework of security measures. This should include antivirus, antispyware, desktop firewall, intrusion prevention and application and device control.


Look to Consolidate
It’s best to consolidate your endpoint security where possible. With several different solutions, management becomes inefficient and time-consuming. And the increased complexity leads to higher costs.

Look for a Solution That Combines Core Technologies
Antivirus, antispyware, firewall, intrusion detection and intrusion prevention as well as device and application control - ideally managed from a single console allowing enforcement of security policies across the business.

Use Behavioural-Based Methods
Security techniques are always evolving, and this new method studies and reacts to the behaviour of potential threats.

Advanced Threat Prevention
It’s important to have advanced tools that can protect against the most sophisticated attacks that evade traditional security measures, such as rootkits, zero-day attacks and mutating spyware.

Deny Specific Activities
An organisation’s endpoint protection should allow it to deny specific high-risk device and application activities with the ability to block certain actions based on the user’s location.

Take a Proactive Approach Overall
With the increasing number of endpoints and attackers finding more complex ways of getting into a system, it’s vital to have proactive security. This is the best defence against new attacks.

best practices

Adam Thornton, Sales Manager, Mid Market, Bytes


Key Features

Accelerate Virtualisation, VDI, and Cloud ROI
- Provides a lighter, more manageable way to secure VMs with the industry’s first and only agentless security platform - anti-malware, intrusion prevention, and integrity monitoring built for VMware environments
- NEW! Offers agentless integrity monitoring for greater virtual server security without added footprint
- Delivers 11X more efficient resource utilisation and supports 3X the VM densities of traditional anti-malware solutions
- Improves the manageability of security in VMware environments
- Secures VMware View virtual desktops while in local mode with an optional agent
- Coordinates protection with virtual appliance and agents to allow continuous and optimised protection of virtual servers as they move between data center and public cloud.

Maximise Operational Cost Reductions
- Optimises the savings of virtualisation or cloud computing by allowing greater virtual machine consolidation
- Reduces complexity with tight integrations to management consoles from Trend Micro, VMware, and enterprise directories
- Provides vulnerability protection to prioritise secure coding and cost-effective implementation of unscheduled patching
- Eliminates the cost of deploying multiple software clients with a centrally managed, multi-purpose software agent or virtual appliance
- Reduces management costs by automating repetitive and resource intensive security tasks, reducing false-positive security alerts, and enabling workflow of security incident response
- NEW! Significantly reduces the complexity of managing file integrity monitoring with cloud-based event white listing and trusted events.

Prevent Data Breaches and Business Disruptions
- Detects and removes malware from virtual servers in real time with minimal impact
- Blocks malware that attempts to evade detection
- Shields known and unknown vulnerabilities in web and enterprise applications and operating systems
- Detects and alerts suspicious or malicious activity to trigger proactive, preventative actions
- NEW! Leverages the web reputation capabilities of one of the largest domain-reputation databases in the world to track credibility of websites and protect users from accessing infected sites
- NEW! Provides hypervisor integrity monitoring for VMware vSphere utilising Intel TPM/TXT technology.

Vendor: Trend Micro

Product: Trend Micro™ Deep Security 8.0

endpoint security

Comprehensive security platform for physical, virtual, & cloud servers


Data Loss Prevention (DLP)
We’ll help you monitor data transfers so you can control what users do with sensitive data.

Encryption
We make compliance easier. Our SafeGuard encryption secures your computers and removable media.

Network Access Control (NAC)
We’ll help you keep your managed and guest computers in line with your security policies and patches.

Support
Industry leading tech support and automatic updates, now up to 41% faster, are part of the package.

Learn more and request a free trial at www.sophos.com/endpoint

Get what you need to stop malware on all your users’ computers and prevent data loss. Our single scanning engine is the fastest and most effective in the business - and it won’t stretch your budget.

Key features

Antivirus
Our tools scan your systems fast - now up to 15% faster. And practical intrusion prevention comes standard.

Live protection
We use cloud technology to block threats and infected URLs.

Management
You can protect Windows, Mac, Linux, UNIX and virtualised platforms - all from one console.

Reporting
Get the detailed security information you need, whenever you need it, using whatever tools you like. And now we’ve made it even easier to find computers that need to be scanned and that aren’t reporting status.

Application control
We’ll help block the use of unauthorised applications. You’ll cut down on infection and data loss, plus help user productivity.

Device control
Get a handle on removable storage devices with policies to reduce your risks of malware and data loss.

Vendor: Sophos

Product: Endpoint Security and Data Protection


A fast and effective single scanning engine

network & infrastructure security

With the significant increase in the numbers and types of endpoints accessing an organisation’s network, providing security for the entire network has never been more challenging than it is today. Networks consist of an organisation’s managed systems, in addition to contractor systems, guest systems, public kiosks and partner systems.


Define Correct User Rights for the Correct Task
Ensure that your users have the appropriate privilege level for the task at hand, and limit the number of users that have administrator usernames and passwords.

Download Files from Trusted Sites Only
Ensure your users only download from trusted sites, which are often main source websites rather than file-sharing or generic websites. Also consider who in the company needs to download files and applications from a website.

Undertake an Audit of Network Shares
A lot of malware can spread via networks. This is commonly due to there being little or no security on network shares. Remove unnecessary shares and secure the others and their contents.

Control Network Connections
Consider restricting users from connecting computers to unapproved domains or networks - in most instances, most users need only connect to the main corporate network.

Change the Default IP Range for Your Network
Networks often use standard IP ranges, such as 10.1.x.x or 192.168.x.x. This standardisation means machines configured to look for this range may accidentally connect to a network outside your control.

Audit the Open Ports on Your Network Regularly and Block Unused Ones
Ports are like windows in a house. If you leave them open for long periods of time without surveying them, you increase the chance of letting in uninvited intruders. Disable unused USB ports.

Regularly Audit the Entry Points into Your Network
Networks change shape and size all the time, so it is important to look into all the routes into your organisation on a regular basis. Be aware of all entry points. Consider how to best secure the routes to stop unwanted files and applications entering undetected or sensitive information leaking out.

Consider Placing Business Critical Systems on a Different Network
When business critical systems are affected, they can slow business processes significantly. To help protect them, consider having them on a different network from the one used for day-to-day activities.

Test New Software on a Virtual Network before you Deploy
To ensure that a new installation or update does not cause any problems, test it on a virtual system and check its effects before deploying to the real live network.

best practices

Teja Dinning, Sales Executive, Bytes


Vendor: Check Point

Product: Security Appliances

Next-generation appliances support downloading of security signature updates and administer them across the network with the click of a button. They can also dispatch updates across the network, ensuring that every corner of the corporate computing environment has the latest protection against threats. In many cases, the gateways automatically keep endpoints (laptops etc.) up to date, forcing downloads of the latest protections by quarantining users until they comply. This makes life easier for administrators.

While appliances used to be perceived as a compromise between security and ease-of-use, the latest generation of solutions mixes proven, best-of-breed security with a variety of flexible features. These features enable you to integrate the 3 critical dimensions of security – policies, enforcement and users – to help you protect your business’s assets.


The Ins and Outs of Securing Your Network


No matter where a security attack comes from, it’s still a threat to your network and data. So you need to protect against both external threats – hacking attempts, phishing, malware, unpatched vulnerabilities – and internal issues, such as accidental data loss, managing use of Web and social media resources, and more. Securing against this growing range of threats can mean having to use multiple different products, multiplying management complexity and overheads.

The solution to this issue is an integrated security appliance, which can include the key elements needed to secure your network against the widest range of threats, in a single device that also scales to suit your needs. This means you can apply 3D Security across your network, combining policies and enforcement to all your users.

To choose the right appliance for your business, you should look for features beyond the ones needed to maintain basic security – for example, you may need firewalling, IPS, VPN, anti-virus and anti-malware, URL filtering, anti-spam and email security software. Also make sure the appliance includes a centralised management console - this will make keeping control over all the components, and updating them, easier as networks expand.


Forefront helps make your network more secure - the configurations are correct, security is deployed where it is needed, and management and reporting are simplified.

Microsoft offers Forefront security products individually, as well as in four different licensing suites:

• The Forefront Protection Suite
• The Core Client Access License (CAL) Suite
• The Enterprise Client Access License (CAL) Suite
• The Exchange Enterprise Client Access License (CAL) with Services Suite.

For further details on licensing Microsoft Forefront, contact your Bytes account manager.

Microsoft Forefront delivers comprehensive, end-to-end solutions, both on-premises and in the cloud, to help protect users and enable secure access virtually anywhere. With an integrated portfolio of protection, identity, and access products, you can help secure your environment and manage access across data, users, and systems.

Multi-layered Protection
Across endpoints, messaging and collaboration application servers, and the network edge.

• Forefront Endpoint Protection 2010
• Forefront Protection 2010 for Exchange Server
• Forefront Online Protection for Exchange
• Forefront Protection 2010 for SharePoint
• Forefront Threat Management Gateway 2010.

Identity-based Access
Built upon Active Directory’s infrastructure to enable policy-based user access to applications, devices, and information.

• Microsoft Forefront Identity Manager 2010
• Forefront Unified Access Gateway 2010.

Simplified Management
Integrating with your existing environment to make it easier to deploy and manage your enterprise protections and maintain compliance.

• Forefront Protection Server Management Console 2010.

Vendor: Microsoft

Product: Forefront

A comprehensive family of highly effective security products

it policy & compliance

By practicing good policy compliance, organisations adhere to both internal policies and external regulations set up to keep networks and data secure. Proper compliance results in a more secure, better-managed IT environment. Policy compliance involves creating and managing IT policies, assessing controls and looking for vulnerabilities. It also deals with prioritising, monitoring and responding to security events properly, and reporting on security and compliance status. Compliance is about measuring overall security against internal and external standards.


Have a Compliance Mindset
Policies don’t enforce themselves. Everyone involved must do his or her part and realise the value of good compliance practices that go well beyond minimum requirements. The result can be a more secure environment and more control of the organisation’s assets.

Link Compliance to Delivery on Your Mission
The organisations most successful with compliance are those that find a way to tie compliance directives to their business goals. Keeping these closely linked improves the chances of successful projects and of getting more funding for future projects.

Have Infrastructure That Lets You Automate
Try to drive the human cost out of compliance efforts. Organisations should try to automate as many tasks as possible. That can lead to more efficiency and lower costs.

Know Which Regulatory Mandates Relate to Your Organisation
There are numerous laws requiring IT security compliance. Do you know which apply to your organisation?

Be Able to Demonstrate Compliance
Some find that although they’re complying with everything in the proper manner, they don’t really have the data to prove it. There are three key parts to demonstrating compliance: 1) show you have a good, thorough policy in place; 2) collect data over time to show you’re complying uniformly and regularly; and 3) demonstrate that the policy is effective.

Constantly Evaluate Risks to Your Mission
Threats are always evolving. Hackers never stop trying new ways to get around security. Every organisation should be aware of the latest trends within the threat landscape and have a process that’s constantly evaluating the risks to its particular mission.

best practices

Mike Winkworth, Operations Manager, Bytes


Trusted Client is a self contained encrypted environment that allows employees to connect to an organisation’s network and data whilst preventing data loss and leakage. This secure isolated environment provides access to a corporation’s existing VPN infrastructure as well as backend applications such as Windows desktops and Microsoft applications.

Trusted Client is fully configurable to each organisation’s individual requirements and works with your existing corporate environment with little to no modification to existing systems - this is achieved through support for multiple third party remote access technologies. It can also be used in Business Continuity scenarios, making it an invaluable tool that supports and enforces a comprehensive Information Assurance strategy.

Vendor: Becrypt

Trusted Client Bootable (Secure access from an ‘unmanaged’ home PC)

Trusted Client Portable (Secure low cost access from a managed device)

Under CESG guidelines, Trusted Client Portable is classified as a managed device.

Protect your confidential data and reduce the risk of a data breach

More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance, and secure virtual and cloud environments.

SafeNet’s technology secures your confidential data, enabling you to:
• Protect your customers’ Personal Identifiable Information (PII) stored in Microsoft and Oracle databases
• Secure online payments and transactions
• Maintain authorised access to corporate resources on laptops, servers and in the Cloud.

SafeNet’s team of experts provide practical advice and guidelines to address your top data security concerns across:
• The authentication and defining of role based authorisation of Smartphone and tablets within your organisation
• How to centrally secure and manage your cryptographic keys for data control and encryption throughout your entire enterprise
• How to maintain corporate security policies and achieve regulatory compliance whilst moving your data to the Cloud.

Vendor: SafeNet

Trusted Client is a self contained encrypted environment


Vendor: RSA

RSA Archer eGRC Platform
Provide a repository of threat and security-risk data and a platform for managing security incidents. Enable VMware security-policy implementation and management, security and compliance measurement, issue remediation, and reporting all based on the RSA Archer eGRC Platform.

RSA enVision
Provide security information and event management (SIEM). RSA enVision collects, analyses, and reports on log data, and issues alerts, in the context of threats, vulnerabilities, IT assets, and other data.

RSA NetWitness
Provide precise networking monitoring with understanding of everything happening on the network.

RSA Data Loss Prevention (DLP)
Monitor and respond to suspicious activity tied to sensitive data.

Security Operations Strategy
Provide a strategic assessment and recommendations based on best practices and use cases.

Security Operations Analysis and Design
Combine requirements gathering and analysis with a design and operational framework. Our lead, fixed-price offering.

Security Operations Management
Focus on operational requirements, including data integration, process workflows, and operational run book.

RSA will help you build your solution with the following products & services

Managing security, risk and compliance

managed security services

Bytes Security Partnerships is dedicated to delivering network security services that meet the needs of our customers. At all stages in the relationship our account managers and engineers focus on understanding our customers’ underlying business drivers and objectives to ensure that we provide the appropriate solution to meet these needs. Our experienced IT engineers act as an extension of our clients’ IT teams providing security project planning, audit and healthcheck services, 24x7 on call technical support and knowledge transfer and training services.


We pride ourselves on providing IT consultancy, advice & support which enables our clients to get the most out of every security solution we recommend. Our services include:

• Sparc Support – a direct-to-engineer telephone support service designed to offer clients quick response times and fast resolution of technical issues.

• Sparc Monitor – an early warning and alerting service to notify clients of potential system outages ahead of downtime.

• Sparc Implement – on-site and remote implementation services that cater for all design, policy development, deployment and documentation requirements.

• Sparc Audit – a selection of health check and assessment services to assist with compliance, general system improvement, performance enhancement and security best practices.

• Sparc Training – “real world” based training services around market leading security technologies. Service offerings specifically cater for the client’s environment and background experience levels of the IT team.

• Sparc Strategy – business focused workshops to assist the IT organisation in aligning the security strategy to the overall IT and business strategies.

Aatish Pattni, Sales Manager, Bytes


We offer a wide-ranging portfolio of connectivity, security, communications, governance, risk, and compliance solutions. Instead of supplying an out-of-the-box solution, we consult with clients to understand their current & future security needs and business objectives.

We combine this information with our long-standing market expertise to recommend and implement the most appropriate technologies from the most respected and effective technology partners on the market to deliver on both the business and security needs of our customers.

Our implementation and support sets us apart from other suppliers, from training internal IT teams on systems, to providing 24x7 technical support, to providing market and security information and updates to clients. Our solutions are based around these 5 key areas:

Email and Web Security
Web and email content security solutions provide policy-based controls designed to secure, monitor, filter, and block threats from messaging (email & instant messaging) and Web traffic. In doing so, organisations can protect against inbound threats such as spam, fraudulent emails (phishing attacks), viruses, worms, trojans, spyware, and offensive material. Our web and email solutions are also designed to protect against outbound threats such as loss of confidential data, customer records, intellectual property, and offensive content leaving an organisation. We provide market leading content security solutions for email, Web and instant messaging usage either as in-house appliance based solutions or as a fully managed service.

Network Security
Network Security is all about securing the perimeter, which appears to grow into ever increasing circles as the boundary of a network is constantly changing. You need to control access to your valuable data assets and resources, whilst implementing a network security policy that enables the business to compete.


Call us on 0118 936 4650 for a no obligation discussion about your security services requirements

Every Bytes Security Partnerships network security client can count upon direct contact with highly trained engineers, 24x7 security solutions support both via telephone and online, complete neutrality from us in seeking the best technology partner for their needs and the most cost-efficient, speedy and smooth rollout of IT products and services possible.

Data Security
IT Security has traditionally been focused on the perimeter, however most modern networks have no discernible perimeter and the security focus has now shifted to understanding an organisation’s data and how best to secure it. We can aid in the implementation of an End Point strategy that will ensure the application of unified security controls on every endpoint whilst simplifying management and costs across the organisation.

Mobile Security
To remain competitive organisations need to access information, applications and data from anywhere in the world at any time and increasingly from multiple devices. Bytes Security Partnerships’ mobile security solutions can help you do all of this securely. We offer a range of mobile security solutions including clientless VPNs with all of the benefits of opening up the enterprise whilst still retaining stringent policy control. We will identify what solution fits with your feature, security and infrastructure needs, and build a project plan to roll out, manage and support you smoothly and cost efficiently.

Audit and Compliance
Whether you require a full security audit, want to look at your processes or policy, infrastructure technology, potential leakage points or just an audit to streamline your firewall rulebase, we can design an audit programme and deliverables to meet your needs. Choose from an array of services that are tailored to meet your individual requirements:
• Infrastructure Audit
• Vulnerability Assessment
• Policy & Procedure Audit
• Technology Healthcheck
• Granular Firewall Rulebase Audit.


Dominique Hudson, Internal Sales Team, Bytes


UK Head Office
15-17 Chessington Road
Ewell, Surrey, KT17 1TS
phone - 020 8786 1500
fax - 020 8393 6622

Surrey
6-7 Market Parade, Ewell
Surrey, KT17 1SL
phone - 020 8786 1500
fax - 020 8393 6622

York
Suite G5, Apollo House
Heworth Green
York, YO31 7RE
phone - 01904 428 730

OREGA Manchester
3 Piccadilly Place
Manchester, M1 3BN
phone - 0161 242 1290
fax - 0161 662 7733

Ireland
Douglas Business Centre
Old Carrigaline Road, Douglas
Cork, Ireland
phone - +353 21 4367090
fax - +353 21 4898636

Security Partnerships
Unit 5, Winnersh Fields, Gazelle Close, Winnersh, Reading RG41 5QS
phone - 0118 936 4650
fax - 0870 238 6312