Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
GUARDING AGAINST THE BREACHCDW SECURITY PRACTICE
Securing your organization is a constant process that involves protection
detection and reaction We have the solutions services and partners to help
you develop this process so that you can remain poised against todayrsquos dangers
and whatever threats the future might bring
DETECTION
PROTECTION REACTION
TODAYrsquoS TOP FOUR CHALLENGES
Persistent Pervasive Th reat Evolution mdash Th e email worms
and phishing scams of yesteryear havenrsquot vanished Th eyrsquove only
morphed growing more sophisticated and insidious while getting
lost in a horde of newer more diverse threats Does a month go
by anymore without some large group suff ering a breach that
compromises millions of user records Implementing the right
security tools processes and policies holistically has never been
more critical
Mobility amp Access Control mdash Th e Bring Your Own Device (BYOD)
concerns of fi ve years ago have also shifted and multiplied In a
completely connected world data must be secured across the full
range of apps and services running on all devices Today old-school
fi rewall and access policies arenrsquot enough Authenticated access with
the right permissions is just as important for mobile devices as it is
for corporate notebooks workstations and third-party devices
Compliance mdash With compliance breach fi nes often ranging from
$5000 to $50000 per instance IT leaders continue their struggle
for eff ective ways to automate adherence to industry regulations
and drive down compliance costs
Staying Current mdash In just one year the total number of mobile malware
samples has grown by 167 (McAfee Labs Th reat Report June 2014)
Th e exploding number of stealth attacks mdash meaning non-detectable
malware and advanced persistent threats mdash was impossible to tally
Th e threat landscape evolves and expands constantly making the
construction of a sound security strategy and allocation of security
budgets immensely diffi cult for many IT departments
STAND READY AGAINST ALL THREATS
2
LOCK IT DOWN
For nearly as long as computers have been in service system managers have fought a running battle against those who steal digital assets and
wreak havoc From preteen pranksters to organized crime to disgruntled employees the number variety and sophistication of threats continually
climb Th e more data you have and the higher that datarsquos value the more enticing a target your organization becomes Unfortunately perpetrators
donrsquot have to reach within your walls to succeed You have mobile workers cloud resources and other vulnerabilities
CDW can help We understand that security is not a product mdash itrsquos a process We have the alliances skills and strategies to build a solution that keeps
your organization protected
AT A GLANCE
1
2
3
4
of US organizations polled in 2013 lost
$1 million or more to cybercrime incidents27 of respondents noted cybercrime losses
between $50000 and $1 million219 2 PricewaterhouseCoopers 2014 Global Economic Crime Survey
Th e average organization cost of a
breach in 2014 up 15 from 20131$35 millionof US breaches are caused by
malicious or criminal attacks1 441 IBMPonemon Institute 2014 Cost of Data Breach Study
Page 3 Our PeopleEvery security deployment is unique and it
takes experts to know how to tailor a solution
for each diverse organization Our security
teams can guide you from early planning to
post-deployment assessments
Page 4 Our SolutionsSecurity can and should address many facets
of everyday operation from data management
to network access to safe mobile computing
Our solution groups will understand your security
needs from a holistic perspective and guide you
into an optimal security stance
Page 9 Our ServicesTh e process of creating and maintaining security
requires a range of teams devoted to uncovering
weaknesses and building strength Our security
teams deliver services from assessments to
confi guration to make sure that your security
vision becomes a secure reality
Page 12 CDW Advantages and PartnersWe have the experience and certifi cations to
prove that CDW knows security and our roster
of premier security partner vendors means
that we have the right resources for any occasion
TABLE OF CONTENTS WHAT YOUrsquoLL FIND INSIDE
bull GIAC Security Essentials Certifi cation (GSEC)
bull GIAC Certifi ed Incident Handler (GCIH)
bull Certifi ed Ethical Hacker (CEH)
bull Certifi ed Information Systems Security Professional (CISSP)
bull Certifi ed in Risk and Information Systems Control (CRISC)
bull Cisco Certifi ed Internetworking Expert ndash Security (CCIE Security)
bull Cisco Certifi ed Security Professional (CCSP)
bull Cisco Security Master
bull Expert Partner - Symantec Data Security Competency
In 2013 the average number of security events detected
per polled organization was 135 An incalculable number
of additional security incidents went undetected For
those who could estimate the fi nancial liability of security
breaches the annual loss was approximately $4150003
$415000
Education combined with countless hours of fi eld experience forms the backbone of CDWrsquos security
qualifi cations We know that products are a necessary part of IT security but at the same time we understand
that process matters at least as much as any security application or appliance For example a data loss
prevention system canrsquot do any good if IT doesnrsquot keep adapting it to your workersrsquo changing habits and the
services they use Security is dynamic It requires practice and vigilance and never-ending improvement
By understanding todayrsquos threat landscape and the emerging risks of tomorrow we can help safeguard
your organizationrsquos entire IT ecosystem from network to mobile devices and local data to cloud resources
We do this by crafting a security process that focuses on protection detection and response
From security assessments to consultative design services to solution implementation we can help
organizations with each unique need and make sure that the resulting security process will be as durable
for the long term as it is eff ective wherever needed
Our position as one of the nationrsquos premier security solution providers relies on continually updating
our knowledge Many top partners in the public and private spaces off er coursework and training
embodying the latest security advances requirements and procedures and CDW takes great care
to master these We have earned many security credentials including
Security is not a fi eld in which experts can aff ord to get comfortable and calcify At CDW we push ourselves
every day to master new information and skill sets because thatrsquos exactly what the cybercriminals are doing
Th e enemy is always growing more subtle and adept Th ose who donrsquot stay in step roll the cyber-incursion
dice with ever-worsening odds
OUR PEOPLE
WE KNOW SECURITY
3 PricewaterhouseCoopers report US Cybercrime Rising Risks Reduced Readiness
Get security news analysis andadvice straight from our experts
Check out CDWrsquos security blog at
CDWsolutionsblogcomsecurity
CDWcomsecurity | 8008004239
OUR SOLUTIONS
of surveyed organizations reported that
their endpoints had been the subject
of an advanced persistent threat (APT)
a type of network attack in which an
unauthorized person gains data access
and may remain undetected on the
network for a long period of time4
54
5 McAfee Labs Th reats Report June 20144 Ponemon Institute 2013 State of the Endpoint
CDWrsquoS DATA SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
For IT life gets decidedly riskier beyond the fi rewallrsquos familiar protection
DLP is both a strategy and a type of software for determining which
data needs to be kept within your walls and enforcing limits on that
datarsquos freedom of movement CDW off ers DLP solutions that also help
enforce security policies while identifying those trying to handle data
in unsanctioned ways
ENCRYPTION
Applying encryption to data renders fi les incomprehensible to any
unauthorized interceptor without impairing that datarsquos utility to
authorized users CDW off ers encryption solutions for applications
storage and network traffi c so that data stays protected everywhere
and at all times
ENDPOINT PROTECTION
Desktops have long been malware targets but now phones and tablets
are also at risk More endpoints leave organizations increasingly
vulnerable When malware can morph into hundreds mdash even thousands mdash
of variants seep into networks through multiple entryways and
propagate in minutes the damage can range from wasted productivity
all the way to data loss or content interception
1
2
3
Data is every organizationrsquos lifeblood It needs to flow easily but not be spilled
Increasingly mobile workers require ready access to sensitive data beyond the
bounds of IT supervision yet IT must keep control over where data resides
who can see it and whether sharing it poses a risk to the organizationrsquos interests
Misuse doesnrsquot even have to be malicious Accidental deletion corruption and
sharing of data happen all the time
Our experts can help you build a strategy that keeps your data where it ought to
be across your entire ecosystem intact and in the right hands This may involve
any of several technologies designed for increasing ITrsquos control over your valued
ones and zeroes
DATA SECURITY
Q1 2014 witnessed a new record in
novel malware created mdash over 30
million mdash bringing the total of known
malware to more than 225 million5
+ 225 million
4
Today the traditional LAN is only a beginning It may dovetail with the storage area
network multiple Wi-Fi systems and now carrier-fueled cellular routers Across these
users must maintain secure data tunnels between their offi ce systems mobile devices
and cloud resources Where does one network begin and another end How can IT erect
borders when the data landscape is so shadowed and shifting
Th e only way to control a modern network is to proactively embrace a comprehensive
risk-management strategy As with data security a large part of success revolves around
controlling who has the authority to use resources Rogue devices should be blocked as
should unwanted traffi c and unauthorized users CDW can help establish a chain of authority
throughout your network to protect your organizationrsquos resources and data
CDWrsquoS NETWORK SECURITY SOLUTIONS
NEXT-GENERATION FIREWALL
Next-generation fi rewall solutions off er more visibility and control
than ever by integrating multiple security technologies in a single
platform CDW off ers NGFW solutions that combine features of stateful
inspection fi rewalls IPS content fi ltering and application control mdash all on
a single platform to protect your organization from sophisticated threats
NEXT-GENERATION INTRUSION PREVENTIONSYSTEM (IPS)
Malware and illicit data activity can reveal themselves through atypical
network activity and event application traffi c A capable IPS will spot
such anomalies and help lock them down before they can run rampant
Moreover next-generation solutions can help IT better understand their
users and device activity as well as daily network conditions Th is helps
organizations spot potential problems faster and respond immediately
ADVANCED THREAT DETECTION
For even more demanding security environments advanced threat
detection appliances can assess network traffi c according to deeper
criteria such as source reputation threat-level protocols and
executable analysis Th e object is to detect analyze block and
respond to advanced hidden attacks in real time
NETWORK ACCESS CONTROL (NAC)
An NAC process regulates device and user access to the network
according to set policies based on client confi guration andor
end-user authentication With extensive logging and reporting
capabilities an NAC solution will keep unwanted elements off the
network and IT informed of any repeated access attempts
1 3
2 4
NETWORK SECURITY
OUR SOLUTIONS
Years ago segmenting internal and external hosts made for
a reasonably secure network mdash but not anymore More
sophisticated malware must be met with added layers of
defense even behind the fi rst fi rewall CDW security architects
can craft additional internal network segmentation with
secondary fi rewalls to bolster total network protection
FEATURED SERVICE NETWORK SEGMENTATION
Learn more about next-generation
fi rewalls and their enhanced feature
sets in our NGFW white paper at
CDWcomnextgen-wp
CDWcomsecurity | 8008004239
For many organizations mobility means supporting multiple platforms and form factors and
extending management and security policies to both corporate-liable and employee-owned
devices Mobility doesnrsquot function in a silo Customers need to ensure that networks are
properly secured and initiatives such as endpoint security encryption and authentication
are appropriately integrated
We approach mobile security holistically That means crafting every solution to fit each
organizationrsquos unique business needs Our team of experts can discuss the right tools
and strategies to meet your objectives and build a mobile security solution thatrsquos flexible
and comprehensive
MOBILE DEVICE MANAGEMENT (MDM)
Keep the sprawl of user devices and all of their attendant apps under
control An MDM platform will protect manage and control devices with
security profi les and enforceable policies including giving IT remote control
over security rights locking wiping and centralized activity visibility
MOBILE APPLICATION MANAGEMENT (MAM)
End users should not have the fi nal say on apps when sensitive data is
in play MAM platforms give IT the ability to distribute and manage apps
securely while reporting on app usage managing access and identifying
potentially harmful software
MOBILE CONTENT MANAGEMENT (MCM)
Organizations may want to control how their data fl ows to mobile
users both in terms of rights restriction and on-demand distribution
MCM options will protect data in transit as well as at device and cloud
endpoints while also improving the effi ciency of spreading information
and functionality to mobile workers and partners
SECURE REMOTE ACCESSVPN
Long a fi xture for notebook users needing a secure path through
the public Internet VPNs can now safeguard handheld device data
traffi c as well CDW can also help implement web security and
content controls for your devices on the go
1 3
2 4
Make peace with mobility
Check out our webinar Achieving Complete
Security Endpoint Mobile and NAC to learn C
more about keeping a leash on datarsquos free-
ranging data CDWcomendpoint-web
When MDM masters BYOD
Find out how law firm Dowling Aaron
implemented a mobile data strategy that
also keeps client information secure
Watch our video CDWcombyod-security
MOBILE SECURITY
OUR SOLUTIONS
of new mobile malware incorporates some way for the attacker
to make money off the mobile device user6886 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
6
CDWrsquoS MOBILE SECURITY SOLUTIONS
CDW DLP RISK ASSESSMENT
Our DLP RA team can help you better understand where your data resides in your infrastructure who has access to it what potential
threats and vulnerabilities exist and how to best protect your cloud environment from exploitation before you invest in cloud solutions
Assessments can be used before and after a cloud migration to understand how the move might have changed the organizationrsquos risk
profi le and compliance status
Not that long ago the biggest question in adopting cloud technology was whether to
go with a public or private model Today the situation is more complex All cloud models
pose delicate security challenges and IT should be able to address public private
and hybrid options as conditions change and your organization may need (perhaps
repeatedly) to transition from one model to another This is no reason to back away
from the cloud Rather itrsquos an opportunity to seize the cloudrsquos potential in a more secure
fashion that will help protect your operations and earn end-user appreciation
CLOUD SECURITY
CDWrsquoS CLOUD SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
Just because your data lives outside your walls doesnrsquot mean yoursquove
lost the ability to manage it DLP within a cloud environment helps
ensure that sensitive data stays within its intended application
AUTHENTICATION
You canrsquot open your IT gates for everyone who comes knocking
CDW cloud experts can help craft user authentication and identity
management solutions so yoursquore able to control who has remote
access to your organizationrsquos data applications and processes
ENCRYPTION
Keeping data encrypted on your local servers is step one Now
make sure that your cloud-based assets are equally protected
both in transit and at rest
NEXT-GENERATION FIREWALLS
Next-generation fi rewalls provide a single point of visibility into multiple
areas of security functionality in a single platform Th ey combine the
features of stateful inspection fi rewalls intrusion prevention systems
content fi ltering and application control on a single piece of hardware
allowing those components to communicate with each other
SECURITY INFORMATION AND EVENT
MANAGEMENT (SIEM)
We off er SIEM technologies that unify log management anomaly
detection incident forensics and confi guration and vulnerability
management Th ese solutions give you a consolidated view of your
IT data so you can understand identify and stop cyber threats and
attacks while reducing the impact of breaches
1
2
4
3
5
OUR SOLUTIONS
of surveyed organizations possess
a centralized cloud security policy7Only 40 7 Ponemon Institute 2013 State of Endpoint Security
CDWcomsecurity | 8008004239
All vertical markets enforce their own respective industry state and federal regulations
(eg HIPAA SOX and PCI compliance) While no one disputes the ultimate benefi ts of such
regulations the paperwork and potential fi nes for noncompliance are infamous Fortunately
there are ways to streamline and partially automate the compliance process
Being compliant can retain trust and loyalty by demonstrating your ability to protect sensitive
information However pursuing compliance can be mind-numbingly complex and cumbersome
and it should be addressed only after taking steps to fully safeguard the organizationrsquos primary
data and network security You want an expert at your elbow able to spot potential compliance
problem areas and guide you through the most effi cient ways of resolving any gaps
CDW architects have the training and experiencenecessary to help prepare you for bull PCI DSS Compliance
bull HIPAA Compliance
bull FISMA Compliance
bull SOX Compliance
bull Gramm-Leach-Bliley Act (GLBA) Compliance
COMPLIANCE
OUR SOLUTIONS
COMPLIANCE GAP ASSESSMENTS
Do you need help with achieving or maintaining compliance with
the PCI DSS HIPAA HITECH or other standards CDW can help
As your trusted security advisor we can identify compliance
data security shortfalls and make conservative cost-eff ective
recommendations to help resolve problems and help
you meet regulatory requirements
Evolving Security Eff ortsto Meet PCI DSSTh e latest version of the payment card industry(PCI) standard includes new requirements thatorganizations must meet by the end of 2014Find out more in our white paper at
CDWcompci-wp
of organizations that suffered a data breach in 2013
were compliant with PCI DSS Requirement 18
identities were exposed via breaches in 2013 mdash more than
doubling the 232M of 20119
Only 125
Over 552M
8 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
9 Symanteccom ldquoInternet Security Th reat Reportrdquo 2014
8
Sick Security System mdash SolvedFor one of the many real-life examples of howCDW helps steer organizations into regulatorycompliance check out our video on howone hospital system leveraged our securityassessments to heal its HIPAA ailments
CDWcomcompliance-video
The right technology isnrsquot always enough The difference between security and vulnerability
comes down to the right people mdash people who assess deploy and manage that technology
to fit the way you do business
We have the people with the expertise and experience to understand which technologies
address current security concerns From design to implementation and management our
people know how to build a solution that fits your needs and prepares your IT infrastructure
for future threats
OUR SERVICES
BEST-OF-BREED SECURITY SERVICES
SOME OF OUR TOP SECURITY GROUPS
SECURITY ASSESSMENT TEAM
Assessment is the backbone of security planning and ongoing
maintenance Our consulting specialists perform many types
of vendor-neutral assessments such as
bull Penetration testing (ldquowhite hatrdquo hacking)
bull Deep vulnerability scans
bull Internal and mandated policy compliance
bull Forensics and incident response
bull Policy and procedure work
FIELD SECURITY SOLUTION ARCHITECTS
Our fi eld security team members are in-market resources
who can consult on Cisco security architecture and design
an appropriate solution to meet your business objectives
CDW THREAT CHECK (CTC) TEAM
Last yearrsquos malware assessment is already out of date Th e CTC
specialist team scours an organization for all manner of malware
using the latest tools and methods Our dedicated team off ers a
zero-dollar threat check to help you get started
INSIDE SECURITY SOLUTION ARCHITECTS
Security spans from deep within client system platforms to far beyond
the networkrsquos edge CDWrsquos complete spectrum of security solutions
encompasses hundreds of products from over 50 major security
vendors Our inside architects can assist in everything from solution
design to Bill of Materials confi guration
SECURITY DELIVERY ENGINEERS
Our security delivery engineers will work with you to implement
security solutions into your environments while giving you a full
understanding of their functionality through training
DATA LOSS PREVENTION (DLP) SOLUTIONARCHITECT TEAM
Our DLP solution group specializes in pinpointing where data could
be or is slipping from your organizationrsquos control
1
2
3
4
5
6
IBM notes that human factors account for roughly 80 of all data vulnerabilities
Th ese factors break down like so10
6 Vulnerable code
31 Undetermined
6 End-user error
42 Misconfi gured system or application 15 Targeted attack exploited
10 IBMcom ldquo2013 IBM Cyber Security Intelligence Indexrdquo
To Err Is Human
CDWcomsecurity | 8008004239
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
TODAYrsquoS TOP FOUR CHALLENGES
Persistent Pervasive Th reat Evolution mdash Th e email worms
and phishing scams of yesteryear havenrsquot vanished Th eyrsquove only
morphed growing more sophisticated and insidious while getting
lost in a horde of newer more diverse threats Does a month go
by anymore without some large group suff ering a breach that
compromises millions of user records Implementing the right
security tools processes and policies holistically has never been
more critical
Mobility amp Access Control mdash Th e Bring Your Own Device (BYOD)
concerns of fi ve years ago have also shifted and multiplied In a
completely connected world data must be secured across the full
range of apps and services running on all devices Today old-school
fi rewall and access policies arenrsquot enough Authenticated access with
the right permissions is just as important for mobile devices as it is
for corporate notebooks workstations and third-party devices
Compliance mdash With compliance breach fi nes often ranging from
$5000 to $50000 per instance IT leaders continue their struggle
for eff ective ways to automate adherence to industry regulations
and drive down compliance costs
Staying Current mdash In just one year the total number of mobile malware
samples has grown by 167 (McAfee Labs Th reat Report June 2014)
Th e exploding number of stealth attacks mdash meaning non-detectable
malware and advanced persistent threats mdash was impossible to tally
Th e threat landscape evolves and expands constantly making the
construction of a sound security strategy and allocation of security
budgets immensely diffi cult for many IT departments
STAND READY AGAINST ALL THREATS
2
LOCK IT DOWN
For nearly as long as computers have been in service system managers have fought a running battle against those who steal digital assets and
wreak havoc From preteen pranksters to organized crime to disgruntled employees the number variety and sophistication of threats continually
climb Th e more data you have and the higher that datarsquos value the more enticing a target your organization becomes Unfortunately perpetrators
donrsquot have to reach within your walls to succeed You have mobile workers cloud resources and other vulnerabilities
CDW can help We understand that security is not a product mdash itrsquos a process We have the alliances skills and strategies to build a solution that keeps
your organization protected
AT A GLANCE
1
2
3
4
of US organizations polled in 2013 lost
$1 million or more to cybercrime incidents27 of respondents noted cybercrime losses
between $50000 and $1 million219 2 PricewaterhouseCoopers 2014 Global Economic Crime Survey
Th e average organization cost of a
breach in 2014 up 15 from 20131$35 millionof US breaches are caused by
malicious or criminal attacks1 441 IBMPonemon Institute 2014 Cost of Data Breach Study
Page 3 Our PeopleEvery security deployment is unique and it
takes experts to know how to tailor a solution
for each diverse organization Our security
teams can guide you from early planning to
post-deployment assessments
Page 4 Our SolutionsSecurity can and should address many facets
of everyday operation from data management
to network access to safe mobile computing
Our solution groups will understand your security
needs from a holistic perspective and guide you
into an optimal security stance
Page 9 Our ServicesTh e process of creating and maintaining security
requires a range of teams devoted to uncovering
weaknesses and building strength Our security
teams deliver services from assessments to
confi guration to make sure that your security
vision becomes a secure reality
Page 12 CDW Advantages and PartnersWe have the experience and certifi cations to
prove that CDW knows security and our roster
of premier security partner vendors means
that we have the right resources for any occasion
TABLE OF CONTENTS WHAT YOUrsquoLL FIND INSIDE
bull GIAC Security Essentials Certifi cation (GSEC)
bull GIAC Certifi ed Incident Handler (GCIH)
bull Certifi ed Ethical Hacker (CEH)
bull Certifi ed Information Systems Security Professional (CISSP)
bull Certifi ed in Risk and Information Systems Control (CRISC)
bull Cisco Certifi ed Internetworking Expert ndash Security (CCIE Security)
bull Cisco Certifi ed Security Professional (CCSP)
bull Cisco Security Master
bull Expert Partner - Symantec Data Security Competency
In 2013 the average number of security events detected
per polled organization was 135 An incalculable number
of additional security incidents went undetected For
those who could estimate the fi nancial liability of security
breaches the annual loss was approximately $4150003
$415000
Education combined with countless hours of fi eld experience forms the backbone of CDWrsquos security
qualifi cations We know that products are a necessary part of IT security but at the same time we understand
that process matters at least as much as any security application or appliance For example a data loss
prevention system canrsquot do any good if IT doesnrsquot keep adapting it to your workersrsquo changing habits and the
services they use Security is dynamic It requires practice and vigilance and never-ending improvement
By understanding todayrsquos threat landscape and the emerging risks of tomorrow we can help safeguard
your organizationrsquos entire IT ecosystem from network to mobile devices and local data to cloud resources
We do this by crafting a security process that focuses on protection detection and response
From security assessments to consultative design services to solution implementation we can help
organizations with each unique need and make sure that the resulting security process will be as durable
for the long term as it is eff ective wherever needed
Our position as one of the nationrsquos premier security solution providers relies on continually updating
our knowledge Many top partners in the public and private spaces off er coursework and training
embodying the latest security advances requirements and procedures and CDW takes great care
to master these We have earned many security credentials including
Security is not a fi eld in which experts can aff ord to get comfortable and calcify At CDW we push ourselves
every day to master new information and skill sets because thatrsquos exactly what the cybercriminals are doing
Th e enemy is always growing more subtle and adept Th ose who donrsquot stay in step roll the cyber-incursion
dice with ever-worsening odds
OUR PEOPLE
WE KNOW SECURITY
3 PricewaterhouseCoopers report US Cybercrime Rising Risks Reduced Readiness
Get security news analysis andadvice straight from our experts
Check out CDWrsquos security blog at
CDWsolutionsblogcomsecurity
CDWcomsecurity | 8008004239
OUR SOLUTIONS
of surveyed organizations reported that
their endpoints had been the subject
of an advanced persistent threat (APT)
a type of network attack in which an
unauthorized person gains data access
and may remain undetected on the
network for a long period of time4
54
5 McAfee Labs Th reats Report June 20144 Ponemon Institute 2013 State of the Endpoint
CDWrsquoS DATA SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
For IT life gets decidedly riskier beyond the fi rewallrsquos familiar protection
DLP is both a strategy and a type of software for determining which
data needs to be kept within your walls and enforcing limits on that
datarsquos freedom of movement CDW off ers DLP solutions that also help
enforce security policies while identifying those trying to handle data
in unsanctioned ways
ENCRYPTION
Applying encryption to data renders fi les incomprehensible to any
unauthorized interceptor without impairing that datarsquos utility to
authorized users CDW off ers encryption solutions for applications
storage and network traffi c so that data stays protected everywhere
and at all times
ENDPOINT PROTECTION
Desktops have long been malware targets but now phones and tablets
are also at risk More endpoints leave organizations increasingly
vulnerable When malware can morph into hundreds mdash even thousands mdash
of variants seep into networks through multiple entryways and
propagate in minutes the damage can range from wasted productivity
all the way to data loss or content interception
1
2
3
Data is every organizationrsquos lifeblood It needs to flow easily but not be spilled
Increasingly mobile workers require ready access to sensitive data beyond the
bounds of IT supervision yet IT must keep control over where data resides
who can see it and whether sharing it poses a risk to the organizationrsquos interests
Misuse doesnrsquot even have to be malicious Accidental deletion corruption and
sharing of data happen all the time
Our experts can help you build a strategy that keeps your data where it ought to
be across your entire ecosystem intact and in the right hands This may involve
any of several technologies designed for increasing ITrsquos control over your valued
ones and zeroes
DATA SECURITY
Q1 2014 witnessed a new record in
novel malware created mdash over 30
million mdash bringing the total of known
malware to more than 225 million5
+ 225 million
4
Today the traditional LAN is only a beginning It may dovetail with the storage area
network multiple Wi-Fi systems and now carrier-fueled cellular routers Across these
users must maintain secure data tunnels between their offi ce systems mobile devices
and cloud resources Where does one network begin and another end How can IT erect
borders when the data landscape is so shadowed and shifting
Th e only way to control a modern network is to proactively embrace a comprehensive
risk-management strategy As with data security a large part of success revolves around
controlling who has the authority to use resources Rogue devices should be blocked as
should unwanted traffi c and unauthorized users CDW can help establish a chain of authority
throughout your network to protect your organizationrsquos resources and data
CDWrsquoS NETWORK SECURITY SOLUTIONS
NEXT-GENERATION FIREWALL
Next-generation fi rewall solutions off er more visibility and control
than ever by integrating multiple security technologies in a single
platform CDW off ers NGFW solutions that combine features of stateful
inspection fi rewalls IPS content fi ltering and application control mdash all on
a single platform to protect your organization from sophisticated threats
NEXT-GENERATION INTRUSION PREVENTIONSYSTEM (IPS)
Malware and illicit data activity can reveal themselves through atypical
network activity and event application traffi c A capable IPS will spot
such anomalies and help lock them down before they can run rampant
Moreover next-generation solutions can help IT better understand their
users and device activity as well as daily network conditions Th is helps
organizations spot potential problems faster and respond immediately
ADVANCED THREAT DETECTION
For even more demanding security environments advanced threat
detection appliances can assess network traffi c according to deeper
criteria such as source reputation threat-level protocols and
executable analysis Th e object is to detect analyze block and
respond to advanced hidden attacks in real time
NETWORK ACCESS CONTROL (NAC)
An NAC process regulates device and user access to the network
according to set policies based on client confi guration andor
end-user authentication With extensive logging and reporting
capabilities an NAC solution will keep unwanted elements off the
network and IT informed of any repeated access attempts
1 3
2 4
NETWORK SECURITY
OUR SOLUTIONS
Years ago segmenting internal and external hosts made for
a reasonably secure network mdash but not anymore More
sophisticated malware must be met with added layers of
defense even behind the fi rst fi rewall CDW security architects
can craft additional internal network segmentation with
secondary fi rewalls to bolster total network protection
FEATURED SERVICE NETWORK SEGMENTATION
Learn more about next-generation
fi rewalls and their enhanced feature
sets in our NGFW white paper at
CDWcomnextgen-wp
CDWcomsecurity | 8008004239
For many organizations mobility means supporting multiple platforms and form factors and
extending management and security policies to both corporate-liable and employee-owned
devices Mobility doesnrsquot function in a silo Customers need to ensure that networks are
properly secured and initiatives such as endpoint security encryption and authentication
are appropriately integrated
We approach mobile security holistically That means crafting every solution to fit each
organizationrsquos unique business needs Our team of experts can discuss the right tools
and strategies to meet your objectives and build a mobile security solution thatrsquos flexible
and comprehensive
MOBILE DEVICE MANAGEMENT (MDM)
Keep the sprawl of user devices and all of their attendant apps under
control An MDM platform will protect manage and control devices with
security profi les and enforceable policies including giving IT remote control
over security rights locking wiping and centralized activity visibility
MOBILE APPLICATION MANAGEMENT (MAM)
End users should not have the fi nal say on apps when sensitive data is
in play MAM platforms give IT the ability to distribute and manage apps
securely while reporting on app usage managing access and identifying
potentially harmful software
MOBILE CONTENT MANAGEMENT (MCM)
Organizations may want to control how their data fl ows to mobile
users both in terms of rights restriction and on-demand distribution
MCM options will protect data in transit as well as at device and cloud
endpoints while also improving the effi ciency of spreading information
and functionality to mobile workers and partners
SECURE REMOTE ACCESSVPN
Long a fi xture for notebook users needing a secure path through
the public Internet VPNs can now safeguard handheld device data
traffi c as well CDW can also help implement web security and
content controls for your devices on the go
1 3
2 4
Make peace with mobility
Check out our webinar Achieving Complete
Security Endpoint Mobile and NAC to learn C
more about keeping a leash on datarsquos free-
ranging data CDWcomendpoint-web
When MDM masters BYOD
Find out how law firm Dowling Aaron
implemented a mobile data strategy that
also keeps client information secure
Watch our video CDWcombyod-security
MOBILE SECURITY
OUR SOLUTIONS
of new mobile malware incorporates some way for the attacker
to make money off the mobile device user6886 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
6
CDWrsquoS MOBILE SECURITY SOLUTIONS
CDW DLP RISK ASSESSMENT
Our DLP RA team can help you better understand where your data resides in your infrastructure who has access to it what potential
threats and vulnerabilities exist and how to best protect your cloud environment from exploitation before you invest in cloud solutions
Assessments can be used before and after a cloud migration to understand how the move might have changed the organizationrsquos risk
profi le and compliance status
Not that long ago the biggest question in adopting cloud technology was whether to
go with a public or private model Today the situation is more complex All cloud models
pose delicate security challenges and IT should be able to address public private
and hybrid options as conditions change and your organization may need (perhaps
repeatedly) to transition from one model to another This is no reason to back away
from the cloud Rather itrsquos an opportunity to seize the cloudrsquos potential in a more secure
fashion that will help protect your operations and earn end-user appreciation
CLOUD SECURITY
CDWrsquoS CLOUD SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
Just because your data lives outside your walls doesnrsquot mean yoursquove
lost the ability to manage it DLP within a cloud environment helps
ensure that sensitive data stays within its intended application
AUTHENTICATION
You canrsquot open your IT gates for everyone who comes knocking
CDW cloud experts can help craft user authentication and identity
management solutions so yoursquore able to control who has remote
access to your organizationrsquos data applications and processes
ENCRYPTION
Keeping data encrypted on your local servers is step one Now
make sure that your cloud-based assets are equally protected
both in transit and at rest
NEXT-GENERATION FIREWALLS
Next-generation fi rewalls provide a single point of visibility into multiple
areas of security functionality in a single platform Th ey combine the
features of stateful inspection fi rewalls intrusion prevention systems
content fi ltering and application control on a single piece of hardware
allowing those components to communicate with each other
SECURITY INFORMATION AND EVENT
MANAGEMENT (SIEM)
We off er SIEM technologies that unify log management anomaly
detection incident forensics and confi guration and vulnerability
management Th ese solutions give you a consolidated view of your
IT data so you can understand identify and stop cyber threats and
attacks while reducing the impact of breaches
1
2
4
3
5
OUR SOLUTIONS
of surveyed organizations possess
a centralized cloud security policy7Only 40 7 Ponemon Institute 2013 State of Endpoint Security
CDWcomsecurity | 8008004239
All vertical markets enforce their own respective industry state and federal regulations
(eg HIPAA SOX and PCI compliance) While no one disputes the ultimate benefi ts of such
regulations the paperwork and potential fi nes for noncompliance are infamous Fortunately
there are ways to streamline and partially automate the compliance process
Being compliant can retain trust and loyalty by demonstrating your ability to protect sensitive
information However pursuing compliance can be mind-numbingly complex and cumbersome
and it should be addressed only after taking steps to fully safeguard the organizationrsquos primary
data and network security You want an expert at your elbow able to spot potential compliance
problem areas and guide you through the most effi cient ways of resolving any gaps
CDW architects have the training and experiencenecessary to help prepare you for bull PCI DSS Compliance
bull HIPAA Compliance
bull FISMA Compliance
bull SOX Compliance
bull Gramm-Leach-Bliley Act (GLBA) Compliance
COMPLIANCE
OUR SOLUTIONS
COMPLIANCE GAP ASSESSMENTS
Do you need help with achieving or maintaining compliance with
the PCI DSS HIPAA HITECH or other standards CDW can help
As your trusted security advisor we can identify compliance
data security shortfalls and make conservative cost-eff ective
recommendations to help resolve problems and help
you meet regulatory requirements
Evolving Security Eff ortsto Meet PCI DSSTh e latest version of the payment card industry(PCI) standard includes new requirements thatorganizations must meet by the end of 2014Find out more in our white paper at
CDWcompci-wp
of organizations that suffered a data breach in 2013
were compliant with PCI DSS Requirement 18
identities were exposed via breaches in 2013 mdash more than
doubling the 232M of 20119
Only 125
Over 552M
8 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
9 Symanteccom ldquoInternet Security Th reat Reportrdquo 2014
8
Sick Security System mdash SolvedFor one of the many real-life examples of howCDW helps steer organizations into regulatorycompliance check out our video on howone hospital system leveraged our securityassessments to heal its HIPAA ailments
CDWcomcompliance-video
The right technology isnrsquot always enough The difference between security and vulnerability
comes down to the right people mdash people who assess deploy and manage that technology
to fit the way you do business
We have the people with the expertise and experience to understand which technologies
address current security concerns From design to implementation and management our
people know how to build a solution that fits your needs and prepares your IT infrastructure
for future threats
OUR SERVICES
BEST-OF-BREED SECURITY SERVICES
SOME OF OUR TOP SECURITY GROUPS
SECURITY ASSESSMENT TEAM
Assessment is the backbone of security planning and ongoing
maintenance Our consulting specialists perform many types
of vendor-neutral assessments such as
bull Penetration testing (ldquowhite hatrdquo hacking)
bull Deep vulnerability scans
bull Internal and mandated policy compliance
bull Forensics and incident response
bull Policy and procedure work
FIELD SECURITY SOLUTION ARCHITECTS
Our fi eld security team members are in-market resources
who can consult on Cisco security architecture and design
an appropriate solution to meet your business objectives
CDW THREAT CHECK (CTC) TEAM
Last yearrsquos malware assessment is already out of date Th e CTC
specialist team scours an organization for all manner of malware
using the latest tools and methods Our dedicated team off ers a
zero-dollar threat check to help you get started
INSIDE SECURITY SOLUTION ARCHITECTS
Security spans from deep within client system platforms to far beyond
the networkrsquos edge CDWrsquos complete spectrum of security solutions
encompasses hundreds of products from over 50 major security
vendors Our inside architects can assist in everything from solution
design to Bill of Materials confi guration
SECURITY DELIVERY ENGINEERS
Our security delivery engineers will work with you to implement
security solutions into your environments while giving you a full
understanding of their functionality through training
DATA LOSS PREVENTION (DLP) SOLUTIONARCHITECT TEAM
Our DLP solution group specializes in pinpointing where data could
be or is slipping from your organizationrsquos control
1
2
3
4
5
6
IBM notes that human factors account for roughly 80 of all data vulnerabilities
Th ese factors break down like so10
6 Vulnerable code
31 Undetermined
6 End-user error
42 Misconfi gured system or application 15 Targeted attack exploited
10 IBMcom ldquo2013 IBM Cyber Security Intelligence Indexrdquo
To Err Is Human
CDWcomsecurity | 8008004239
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
bull GIAC Security Essentials Certifi cation (GSEC)
bull GIAC Certifi ed Incident Handler (GCIH)
bull Certifi ed Ethical Hacker (CEH)
bull Certifi ed Information Systems Security Professional (CISSP)
bull Certifi ed in Risk and Information Systems Control (CRISC)
bull Cisco Certifi ed Internetworking Expert ndash Security (CCIE Security)
bull Cisco Certifi ed Security Professional (CCSP)
bull Cisco Security Master
bull Expert Partner - Symantec Data Security Competency
In 2013 the average number of security events detected
per polled organization was 135 An incalculable number
of additional security incidents went undetected For
those who could estimate the fi nancial liability of security
breaches the annual loss was approximately $4150003
$415000
Education combined with countless hours of fi eld experience forms the backbone of CDWrsquos security
qualifi cations We know that products are a necessary part of IT security but at the same time we understand
that process matters at least as much as any security application or appliance For example a data loss
prevention system canrsquot do any good if IT doesnrsquot keep adapting it to your workersrsquo changing habits and the
services they use Security is dynamic It requires practice and vigilance and never-ending improvement
By understanding todayrsquos threat landscape and the emerging risks of tomorrow we can help safeguard
your organizationrsquos entire IT ecosystem from network to mobile devices and local data to cloud resources
We do this by crafting a security process that focuses on protection detection and response
From security assessments to consultative design services to solution implementation we can help
organizations with each unique need and make sure that the resulting security process will be as durable
for the long term as it is eff ective wherever needed
Our position as one of the nationrsquos premier security solution providers relies on continually updating
our knowledge Many top partners in the public and private spaces off er coursework and training
embodying the latest security advances requirements and procedures and CDW takes great care
to master these We have earned many security credentials including
Security is not a fi eld in which experts can aff ord to get comfortable and calcify At CDW we push ourselves
every day to master new information and skill sets because thatrsquos exactly what the cybercriminals are doing
Th e enemy is always growing more subtle and adept Th ose who donrsquot stay in step roll the cyber-incursion
dice with ever-worsening odds
OUR PEOPLE
WE KNOW SECURITY
3 PricewaterhouseCoopers report US Cybercrime Rising Risks Reduced Readiness
Get security news analysis andadvice straight from our experts
Check out CDWrsquos security blog at
CDWsolutionsblogcomsecurity
CDWcomsecurity | 8008004239
OUR SOLUTIONS
of surveyed organizations reported that
their endpoints had been the subject
of an advanced persistent threat (APT)
a type of network attack in which an
unauthorized person gains data access
and may remain undetected on the
network for a long period of time4
54
5 McAfee Labs Th reats Report June 20144 Ponemon Institute 2013 State of the Endpoint
CDWrsquoS DATA SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
For IT life gets decidedly riskier beyond the fi rewallrsquos familiar protection
DLP is both a strategy and a type of software for determining which
data needs to be kept within your walls and enforcing limits on that
datarsquos freedom of movement CDW off ers DLP solutions that also help
enforce security policies while identifying those trying to handle data
in unsanctioned ways
ENCRYPTION
Applying encryption to data renders fi les incomprehensible to any
unauthorized interceptor without impairing that datarsquos utility to
authorized users CDW off ers encryption solutions for applications
storage and network traffi c so that data stays protected everywhere
and at all times
ENDPOINT PROTECTION
Desktops have long been malware targets but now phones and tablets
are also at risk More endpoints leave organizations increasingly
vulnerable When malware can morph into hundreds mdash even thousands mdash
of variants seep into networks through multiple entryways and
propagate in minutes the damage can range from wasted productivity
all the way to data loss or content interception
1
2
3
Data is every organizationrsquos lifeblood It needs to flow easily but not be spilled
Increasingly mobile workers require ready access to sensitive data beyond the
bounds of IT supervision yet IT must keep control over where data resides
who can see it and whether sharing it poses a risk to the organizationrsquos interests
Misuse doesnrsquot even have to be malicious Accidental deletion corruption and
sharing of data happen all the time
Our experts can help you build a strategy that keeps your data where it ought to
be across your entire ecosystem intact and in the right hands This may involve
any of several technologies designed for increasing ITrsquos control over your valued
ones and zeroes
DATA SECURITY
Q1 2014 witnessed a new record in
novel malware created mdash over 30
million mdash bringing the total of known
malware to more than 225 million5
+ 225 million
4
Today the traditional LAN is only a beginning It may dovetail with the storage area
network multiple Wi-Fi systems and now carrier-fueled cellular routers Across these
users must maintain secure data tunnels between their offi ce systems mobile devices
and cloud resources Where does one network begin and another end How can IT erect
borders when the data landscape is so shadowed and shifting
Th e only way to control a modern network is to proactively embrace a comprehensive
risk-management strategy As with data security a large part of success revolves around
controlling who has the authority to use resources Rogue devices should be blocked as
should unwanted traffi c and unauthorized users CDW can help establish a chain of authority
throughout your network to protect your organizationrsquos resources and data
CDWrsquoS NETWORK SECURITY SOLUTIONS
NEXT-GENERATION FIREWALL
Next-generation fi rewall solutions off er more visibility and control
than ever by integrating multiple security technologies in a single
platform CDW off ers NGFW solutions that combine features of stateful
inspection fi rewalls IPS content fi ltering and application control mdash all on
a single platform to protect your organization from sophisticated threats
NEXT-GENERATION INTRUSION PREVENTIONSYSTEM (IPS)
Malware and illicit data activity can reveal themselves through atypical
network activity and event application traffi c A capable IPS will spot
such anomalies and help lock them down before they can run rampant
Moreover next-generation solutions can help IT better understand their
users and device activity as well as daily network conditions Th is helps
organizations spot potential problems faster and respond immediately
ADVANCED THREAT DETECTION
For even more demanding security environments advanced threat
detection appliances can assess network traffi c according to deeper
criteria such as source reputation threat-level protocols and
executable analysis Th e object is to detect analyze block and
respond to advanced hidden attacks in real time
NETWORK ACCESS CONTROL (NAC)
An NAC process regulates device and user access to the network
according to set policies based on client confi guration andor
end-user authentication With extensive logging and reporting
capabilities an NAC solution will keep unwanted elements off the
network and IT informed of any repeated access attempts
1 3
2 4
NETWORK SECURITY
OUR SOLUTIONS
Years ago segmenting internal and external hosts made for
a reasonably secure network mdash but not anymore More
sophisticated malware must be met with added layers of
defense even behind the fi rst fi rewall CDW security architects
can craft additional internal network segmentation with
secondary fi rewalls to bolster total network protection
FEATURED SERVICE NETWORK SEGMENTATION
Learn more about next-generation
fi rewalls and their enhanced feature
sets in our NGFW white paper at
CDWcomnextgen-wp
CDWcomsecurity | 8008004239
For many organizations mobility means supporting multiple platforms and form factors and
extending management and security policies to both corporate-liable and employee-owned
devices Mobility doesnrsquot function in a silo Customers need to ensure that networks are
properly secured and initiatives such as endpoint security encryption and authentication
are appropriately integrated
We approach mobile security holistically That means crafting every solution to fit each
organizationrsquos unique business needs Our team of experts can discuss the right tools
and strategies to meet your objectives and build a mobile security solution thatrsquos flexible
and comprehensive
MOBILE DEVICE MANAGEMENT (MDM)
Keep the sprawl of user devices and all of their attendant apps under
control An MDM platform will protect manage and control devices with
security profi les and enforceable policies including giving IT remote control
over security rights locking wiping and centralized activity visibility
MOBILE APPLICATION MANAGEMENT (MAM)
End users should not have the fi nal say on apps when sensitive data is
in play MAM platforms give IT the ability to distribute and manage apps
securely while reporting on app usage managing access and identifying
potentially harmful software
MOBILE CONTENT MANAGEMENT (MCM)
Organizations may want to control how their data fl ows to mobile
users both in terms of rights restriction and on-demand distribution
MCM options will protect data in transit as well as at device and cloud
endpoints while also improving the effi ciency of spreading information
and functionality to mobile workers and partners
SECURE REMOTE ACCESSVPN
Long a fi xture for notebook users needing a secure path through
the public Internet VPNs can now safeguard handheld device data
traffi c as well CDW can also help implement web security and
content controls for your devices on the go
1 3
2 4
Make peace with mobility
Check out our webinar Achieving Complete
Security Endpoint Mobile and NAC to learn C
more about keeping a leash on datarsquos free-
ranging data CDWcomendpoint-web
When MDM masters BYOD
Find out how law firm Dowling Aaron
implemented a mobile data strategy that
also keeps client information secure
Watch our video CDWcombyod-security
MOBILE SECURITY
OUR SOLUTIONS
of new mobile malware incorporates some way for the attacker
to make money off the mobile device user6886 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
6
CDWrsquoS MOBILE SECURITY SOLUTIONS
CDW DLP RISK ASSESSMENT
Our DLP RA team can help you better understand where your data resides in your infrastructure who has access to it what potential
threats and vulnerabilities exist and how to best protect your cloud environment from exploitation before you invest in cloud solutions
Assessments can be used before and after a cloud migration to understand how the move might have changed the organizationrsquos risk
profi le and compliance status
Not that long ago the biggest question in adopting cloud technology was whether to
go with a public or private model Today the situation is more complex All cloud models
pose delicate security challenges and IT should be able to address public private
and hybrid options as conditions change and your organization may need (perhaps
repeatedly) to transition from one model to another This is no reason to back away
from the cloud Rather itrsquos an opportunity to seize the cloudrsquos potential in a more secure
fashion that will help protect your operations and earn end-user appreciation
CLOUD SECURITY
CDWrsquoS CLOUD SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
Just because your data lives outside your walls doesnrsquot mean yoursquove
lost the ability to manage it DLP within a cloud environment helps
ensure that sensitive data stays within its intended application
AUTHENTICATION
You canrsquot open your IT gates for everyone who comes knocking
CDW cloud experts can help craft user authentication and identity
management solutions so yoursquore able to control who has remote
access to your organizationrsquos data applications and processes
ENCRYPTION
Keeping data encrypted on your local servers is step one Now
make sure that your cloud-based assets are equally protected
both in transit and at rest
NEXT-GENERATION FIREWALLS
Next-generation fi rewalls provide a single point of visibility into multiple
areas of security functionality in a single platform Th ey combine the
features of stateful inspection fi rewalls intrusion prevention systems
content fi ltering and application control on a single piece of hardware
allowing those components to communicate with each other
SECURITY INFORMATION AND EVENT
MANAGEMENT (SIEM)
We off er SIEM technologies that unify log management anomaly
detection incident forensics and confi guration and vulnerability
management Th ese solutions give you a consolidated view of your
IT data so you can understand identify and stop cyber threats and
attacks while reducing the impact of breaches
1
2
4
3
5
OUR SOLUTIONS
of surveyed organizations possess
a centralized cloud security policy7Only 40 7 Ponemon Institute 2013 State of Endpoint Security
CDWcomsecurity | 8008004239
All vertical markets enforce their own respective industry state and federal regulations
(eg HIPAA SOX and PCI compliance) While no one disputes the ultimate benefi ts of such
regulations the paperwork and potential fi nes for noncompliance are infamous Fortunately
there are ways to streamline and partially automate the compliance process
Being compliant can retain trust and loyalty by demonstrating your ability to protect sensitive
information However pursuing compliance can be mind-numbingly complex and cumbersome
and it should be addressed only after taking steps to fully safeguard the organizationrsquos primary
data and network security You want an expert at your elbow able to spot potential compliance
problem areas and guide you through the most effi cient ways of resolving any gaps
CDW architects have the training and experiencenecessary to help prepare you for bull PCI DSS Compliance
bull HIPAA Compliance
bull FISMA Compliance
bull SOX Compliance
bull Gramm-Leach-Bliley Act (GLBA) Compliance
COMPLIANCE
OUR SOLUTIONS
COMPLIANCE GAP ASSESSMENTS
Do you need help with achieving or maintaining compliance with
the PCI DSS HIPAA HITECH or other standards CDW can help
As your trusted security advisor we can identify compliance
data security shortfalls and make conservative cost-eff ective
recommendations to help resolve problems and help
you meet regulatory requirements
Evolving Security Eff ortsto Meet PCI DSSTh e latest version of the payment card industry(PCI) standard includes new requirements thatorganizations must meet by the end of 2014Find out more in our white paper at
CDWcompci-wp
of organizations that suffered a data breach in 2013
were compliant with PCI DSS Requirement 18
identities were exposed via breaches in 2013 mdash more than
doubling the 232M of 20119
Only 125
Over 552M
8 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
9 Symanteccom ldquoInternet Security Th reat Reportrdquo 2014
8
Sick Security System mdash SolvedFor one of the many real-life examples of howCDW helps steer organizations into regulatorycompliance check out our video on howone hospital system leveraged our securityassessments to heal its HIPAA ailments
CDWcomcompliance-video
The right technology isnrsquot always enough The difference between security and vulnerability
comes down to the right people mdash people who assess deploy and manage that technology
to fit the way you do business
We have the people with the expertise and experience to understand which technologies
address current security concerns From design to implementation and management our
people know how to build a solution that fits your needs and prepares your IT infrastructure
for future threats
OUR SERVICES
BEST-OF-BREED SECURITY SERVICES
SOME OF OUR TOP SECURITY GROUPS
SECURITY ASSESSMENT TEAM
Assessment is the backbone of security planning and ongoing
maintenance Our consulting specialists perform many types
of vendor-neutral assessments such as
bull Penetration testing (ldquowhite hatrdquo hacking)
bull Deep vulnerability scans
bull Internal and mandated policy compliance
bull Forensics and incident response
bull Policy and procedure work
FIELD SECURITY SOLUTION ARCHITECTS
Our fi eld security team members are in-market resources
who can consult on Cisco security architecture and design
an appropriate solution to meet your business objectives
CDW THREAT CHECK (CTC) TEAM
Last yearrsquos malware assessment is already out of date Th e CTC
specialist team scours an organization for all manner of malware
using the latest tools and methods Our dedicated team off ers a
zero-dollar threat check to help you get started
INSIDE SECURITY SOLUTION ARCHITECTS
Security spans from deep within client system platforms to far beyond
the networkrsquos edge CDWrsquos complete spectrum of security solutions
encompasses hundreds of products from over 50 major security
vendors Our inside architects can assist in everything from solution
design to Bill of Materials confi guration
SECURITY DELIVERY ENGINEERS
Our security delivery engineers will work with you to implement
security solutions into your environments while giving you a full
understanding of their functionality through training
DATA LOSS PREVENTION (DLP) SOLUTIONARCHITECT TEAM
Our DLP solution group specializes in pinpointing where data could
be or is slipping from your organizationrsquos control
1
2
3
4
5
6
IBM notes that human factors account for roughly 80 of all data vulnerabilities
Th ese factors break down like so10
6 Vulnerable code
31 Undetermined
6 End-user error
42 Misconfi gured system or application 15 Targeted attack exploited
10 IBMcom ldquo2013 IBM Cyber Security Intelligence Indexrdquo
To Err Is Human
CDWcomsecurity | 8008004239
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
OUR SOLUTIONS
of surveyed organizations reported that
their endpoints had been the subject
of an advanced persistent threat (APT)
a type of network attack in which an
unauthorized person gains data access
and may remain undetected on the
network for a long period of time4
54
5 McAfee Labs Th reats Report June 20144 Ponemon Institute 2013 State of the Endpoint
CDWrsquoS DATA SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
For IT life gets decidedly riskier beyond the fi rewallrsquos familiar protection
DLP is both a strategy and a type of software for determining which
data needs to be kept within your walls and enforcing limits on that
datarsquos freedom of movement CDW off ers DLP solutions that also help
enforce security policies while identifying those trying to handle data
in unsanctioned ways
ENCRYPTION
Applying encryption to data renders fi les incomprehensible to any
unauthorized interceptor without impairing that datarsquos utility to
authorized users CDW off ers encryption solutions for applications
storage and network traffi c so that data stays protected everywhere
and at all times
ENDPOINT PROTECTION
Desktops have long been malware targets but now phones and tablets
are also at risk More endpoints leave organizations increasingly
vulnerable When malware can morph into hundreds mdash even thousands mdash
of variants seep into networks through multiple entryways and
propagate in minutes the damage can range from wasted productivity
all the way to data loss or content interception
1
2
3
Data is every organizationrsquos lifeblood It needs to flow easily but not be spilled
Increasingly mobile workers require ready access to sensitive data beyond the
bounds of IT supervision yet IT must keep control over where data resides
who can see it and whether sharing it poses a risk to the organizationrsquos interests
Misuse doesnrsquot even have to be malicious Accidental deletion corruption and
sharing of data happen all the time
Our experts can help you build a strategy that keeps your data where it ought to
be across your entire ecosystem intact and in the right hands This may involve
any of several technologies designed for increasing ITrsquos control over your valued
ones and zeroes
DATA SECURITY
Q1 2014 witnessed a new record in
novel malware created mdash over 30
million mdash bringing the total of known
malware to more than 225 million5
+ 225 million
4
Today the traditional LAN is only a beginning It may dovetail with the storage area
network multiple Wi-Fi systems and now carrier-fueled cellular routers Across these
users must maintain secure data tunnels between their offi ce systems mobile devices
and cloud resources Where does one network begin and another end How can IT erect
borders when the data landscape is so shadowed and shifting
Th e only way to control a modern network is to proactively embrace a comprehensive
risk-management strategy As with data security a large part of success revolves around
controlling who has the authority to use resources Rogue devices should be blocked as
should unwanted traffi c and unauthorized users CDW can help establish a chain of authority
throughout your network to protect your organizationrsquos resources and data
CDWrsquoS NETWORK SECURITY SOLUTIONS
NEXT-GENERATION FIREWALL
Next-generation fi rewall solutions off er more visibility and control
than ever by integrating multiple security technologies in a single
platform CDW off ers NGFW solutions that combine features of stateful
inspection fi rewalls IPS content fi ltering and application control mdash all on
a single platform to protect your organization from sophisticated threats
NEXT-GENERATION INTRUSION PREVENTIONSYSTEM (IPS)
Malware and illicit data activity can reveal themselves through atypical
network activity and event application traffi c A capable IPS will spot
such anomalies and help lock them down before they can run rampant
Moreover next-generation solutions can help IT better understand their
users and device activity as well as daily network conditions Th is helps
organizations spot potential problems faster and respond immediately
ADVANCED THREAT DETECTION
For even more demanding security environments advanced threat
detection appliances can assess network traffi c according to deeper
criteria such as source reputation threat-level protocols and
executable analysis Th e object is to detect analyze block and
respond to advanced hidden attacks in real time
NETWORK ACCESS CONTROL (NAC)
An NAC process regulates device and user access to the network
according to set policies based on client confi guration andor
end-user authentication With extensive logging and reporting
capabilities an NAC solution will keep unwanted elements off the
network and IT informed of any repeated access attempts
1 3
2 4
NETWORK SECURITY
OUR SOLUTIONS
Years ago segmenting internal and external hosts made for
a reasonably secure network mdash but not anymore More
sophisticated malware must be met with added layers of
defense even behind the fi rst fi rewall CDW security architects
can craft additional internal network segmentation with
secondary fi rewalls to bolster total network protection
FEATURED SERVICE NETWORK SEGMENTATION
Learn more about next-generation
fi rewalls and their enhanced feature
sets in our NGFW white paper at
CDWcomnextgen-wp
CDWcomsecurity | 8008004239
For many organizations mobility means supporting multiple platforms and form factors and
extending management and security policies to both corporate-liable and employee-owned
devices Mobility doesnrsquot function in a silo Customers need to ensure that networks are
properly secured and initiatives such as endpoint security encryption and authentication
are appropriately integrated
We approach mobile security holistically That means crafting every solution to fit each
organizationrsquos unique business needs Our team of experts can discuss the right tools
and strategies to meet your objectives and build a mobile security solution thatrsquos flexible
and comprehensive
MOBILE DEVICE MANAGEMENT (MDM)
Keep the sprawl of user devices and all of their attendant apps under
control An MDM platform will protect manage and control devices with
security profi les and enforceable policies including giving IT remote control
over security rights locking wiping and centralized activity visibility
MOBILE APPLICATION MANAGEMENT (MAM)
End users should not have the fi nal say on apps when sensitive data is
in play MAM platforms give IT the ability to distribute and manage apps
securely while reporting on app usage managing access and identifying
potentially harmful software
MOBILE CONTENT MANAGEMENT (MCM)
Organizations may want to control how their data fl ows to mobile
users both in terms of rights restriction and on-demand distribution
MCM options will protect data in transit as well as at device and cloud
endpoints while also improving the effi ciency of spreading information
and functionality to mobile workers and partners
SECURE REMOTE ACCESSVPN
Long a fi xture for notebook users needing a secure path through
the public Internet VPNs can now safeguard handheld device data
traffi c as well CDW can also help implement web security and
content controls for your devices on the go
1 3
2 4
Make peace with mobility
Check out our webinar Achieving Complete
Security Endpoint Mobile and NAC to learn C
more about keeping a leash on datarsquos free-
ranging data CDWcomendpoint-web
When MDM masters BYOD
Find out how law firm Dowling Aaron
implemented a mobile data strategy that
also keeps client information secure
Watch our video CDWcombyod-security
MOBILE SECURITY
OUR SOLUTIONS
of new mobile malware incorporates some way for the attacker
to make money off the mobile device user6886 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
6
CDWrsquoS MOBILE SECURITY SOLUTIONS
CDW DLP RISK ASSESSMENT
Our DLP RA team can help you better understand where your data resides in your infrastructure who has access to it what potential
threats and vulnerabilities exist and how to best protect your cloud environment from exploitation before you invest in cloud solutions
Assessments can be used before and after a cloud migration to understand how the move might have changed the organizationrsquos risk
profi le and compliance status
Not that long ago the biggest question in adopting cloud technology was whether to
go with a public or private model Today the situation is more complex All cloud models
pose delicate security challenges and IT should be able to address public private
and hybrid options as conditions change and your organization may need (perhaps
repeatedly) to transition from one model to another This is no reason to back away
from the cloud Rather itrsquos an opportunity to seize the cloudrsquos potential in a more secure
fashion that will help protect your operations and earn end-user appreciation
CLOUD SECURITY
CDWrsquoS CLOUD SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
Just because your data lives outside your walls doesnrsquot mean yoursquove
lost the ability to manage it DLP within a cloud environment helps
ensure that sensitive data stays within its intended application
AUTHENTICATION
You canrsquot open your IT gates for everyone who comes knocking
CDW cloud experts can help craft user authentication and identity
management solutions so yoursquore able to control who has remote
access to your organizationrsquos data applications and processes
ENCRYPTION
Keeping data encrypted on your local servers is step one Now
make sure that your cloud-based assets are equally protected
both in transit and at rest
NEXT-GENERATION FIREWALLS
Next-generation fi rewalls provide a single point of visibility into multiple
areas of security functionality in a single platform Th ey combine the
features of stateful inspection fi rewalls intrusion prevention systems
content fi ltering and application control on a single piece of hardware
allowing those components to communicate with each other
SECURITY INFORMATION AND EVENT
MANAGEMENT (SIEM)
We off er SIEM technologies that unify log management anomaly
detection incident forensics and confi guration and vulnerability
management Th ese solutions give you a consolidated view of your
IT data so you can understand identify and stop cyber threats and
attacks while reducing the impact of breaches
1
2
4
3
5
OUR SOLUTIONS
of surveyed organizations possess
a centralized cloud security policy7Only 40 7 Ponemon Institute 2013 State of Endpoint Security
CDWcomsecurity | 8008004239
All vertical markets enforce their own respective industry state and federal regulations
(eg HIPAA SOX and PCI compliance) While no one disputes the ultimate benefi ts of such
regulations the paperwork and potential fi nes for noncompliance are infamous Fortunately
there are ways to streamline and partially automate the compliance process
Being compliant can retain trust and loyalty by demonstrating your ability to protect sensitive
information However pursuing compliance can be mind-numbingly complex and cumbersome
and it should be addressed only after taking steps to fully safeguard the organizationrsquos primary
data and network security You want an expert at your elbow able to spot potential compliance
problem areas and guide you through the most effi cient ways of resolving any gaps
CDW architects have the training and experiencenecessary to help prepare you for bull PCI DSS Compliance
bull HIPAA Compliance
bull FISMA Compliance
bull SOX Compliance
bull Gramm-Leach-Bliley Act (GLBA) Compliance
COMPLIANCE
OUR SOLUTIONS
COMPLIANCE GAP ASSESSMENTS
Do you need help with achieving or maintaining compliance with
the PCI DSS HIPAA HITECH or other standards CDW can help
As your trusted security advisor we can identify compliance
data security shortfalls and make conservative cost-eff ective
recommendations to help resolve problems and help
you meet regulatory requirements
Evolving Security Eff ortsto Meet PCI DSSTh e latest version of the payment card industry(PCI) standard includes new requirements thatorganizations must meet by the end of 2014Find out more in our white paper at
CDWcompci-wp
of organizations that suffered a data breach in 2013
were compliant with PCI DSS Requirement 18
identities were exposed via breaches in 2013 mdash more than
doubling the 232M of 20119
Only 125
Over 552M
8 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
9 Symanteccom ldquoInternet Security Th reat Reportrdquo 2014
8
Sick Security System mdash SolvedFor one of the many real-life examples of howCDW helps steer organizations into regulatorycompliance check out our video on howone hospital system leveraged our securityassessments to heal its HIPAA ailments
CDWcomcompliance-video
The right technology isnrsquot always enough The difference between security and vulnerability
comes down to the right people mdash people who assess deploy and manage that technology
to fit the way you do business
We have the people with the expertise and experience to understand which technologies
address current security concerns From design to implementation and management our
people know how to build a solution that fits your needs and prepares your IT infrastructure
for future threats
OUR SERVICES
BEST-OF-BREED SECURITY SERVICES
SOME OF OUR TOP SECURITY GROUPS
SECURITY ASSESSMENT TEAM
Assessment is the backbone of security planning and ongoing
maintenance Our consulting specialists perform many types
of vendor-neutral assessments such as
bull Penetration testing (ldquowhite hatrdquo hacking)
bull Deep vulnerability scans
bull Internal and mandated policy compliance
bull Forensics and incident response
bull Policy and procedure work
FIELD SECURITY SOLUTION ARCHITECTS
Our fi eld security team members are in-market resources
who can consult on Cisco security architecture and design
an appropriate solution to meet your business objectives
CDW THREAT CHECK (CTC) TEAM
Last yearrsquos malware assessment is already out of date Th e CTC
specialist team scours an organization for all manner of malware
using the latest tools and methods Our dedicated team off ers a
zero-dollar threat check to help you get started
INSIDE SECURITY SOLUTION ARCHITECTS
Security spans from deep within client system platforms to far beyond
the networkrsquos edge CDWrsquos complete spectrum of security solutions
encompasses hundreds of products from over 50 major security
vendors Our inside architects can assist in everything from solution
design to Bill of Materials confi guration
SECURITY DELIVERY ENGINEERS
Our security delivery engineers will work with you to implement
security solutions into your environments while giving you a full
understanding of their functionality through training
DATA LOSS PREVENTION (DLP) SOLUTIONARCHITECT TEAM
Our DLP solution group specializes in pinpointing where data could
be or is slipping from your organizationrsquos control
1
2
3
4
5
6
IBM notes that human factors account for roughly 80 of all data vulnerabilities
Th ese factors break down like so10
6 Vulnerable code
31 Undetermined
6 End-user error
42 Misconfi gured system or application 15 Targeted attack exploited
10 IBMcom ldquo2013 IBM Cyber Security Intelligence Indexrdquo
To Err Is Human
CDWcomsecurity | 8008004239
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
Today the traditional LAN is only a beginning It may dovetail with the storage area
network multiple Wi-Fi systems and now carrier-fueled cellular routers Across these
users must maintain secure data tunnels between their offi ce systems mobile devices
and cloud resources Where does one network begin and another end How can IT erect
borders when the data landscape is so shadowed and shifting
Th e only way to control a modern network is to proactively embrace a comprehensive
risk-management strategy As with data security a large part of success revolves around
controlling who has the authority to use resources Rogue devices should be blocked as
should unwanted traffi c and unauthorized users CDW can help establish a chain of authority
throughout your network to protect your organizationrsquos resources and data
CDWrsquoS NETWORK SECURITY SOLUTIONS
NEXT-GENERATION FIREWALL
Next-generation fi rewall solutions off er more visibility and control
than ever by integrating multiple security technologies in a single
platform CDW off ers NGFW solutions that combine features of stateful
inspection fi rewalls IPS content fi ltering and application control mdash all on
a single platform to protect your organization from sophisticated threats
NEXT-GENERATION INTRUSION PREVENTIONSYSTEM (IPS)
Malware and illicit data activity can reveal themselves through atypical
network activity and event application traffi c A capable IPS will spot
such anomalies and help lock them down before they can run rampant
Moreover next-generation solutions can help IT better understand their
users and device activity as well as daily network conditions Th is helps
organizations spot potential problems faster and respond immediately
ADVANCED THREAT DETECTION
For even more demanding security environments advanced threat
detection appliances can assess network traffi c according to deeper
criteria such as source reputation threat-level protocols and
executable analysis Th e object is to detect analyze block and
respond to advanced hidden attacks in real time
NETWORK ACCESS CONTROL (NAC)
An NAC process regulates device and user access to the network
according to set policies based on client confi guration andor
end-user authentication With extensive logging and reporting
capabilities an NAC solution will keep unwanted elements off the
network and IT informed of any repeated access attempts
1 3
2 4
NETWORK SECURITY
OUR SOLUTIONS
Years ago segmenting internal and external hosts made for
a reasonably secure network mdash but not anymore More
sophisticated malware must be met with added layers of
defense even behind the fi rst fi rewall CDW security architects
can craft additional internal network segmentation with
secondary fi rewalls to bolster total network protection
FEATURED SERVICE NETWORK SEGMENTATION
Learn more about next-generation
fi rewalls and their enhanced feature
sets in our NGFW white paper at
CDWcomnextgen-wp
CDWcomsecurity | 8008004239
For many organizations mobility means supporting multiple platforms and form factors and
extending management and security policies to both corporate-liable and employee-owned
devices Mobility doesnrsquot function in a silo Customers need to ensure that networks are
properly secured and initiatives such as endpoint security encryption and authentication
are appropriately integrated
We approach mobile security holistically That means crafting every solution to fit each
organizationrsquos unique business needs Our team of experts can discuss the right tools
and strategies to meet your objectives and build a mobile security solution thatrsquos flexible
and comprehensive
MOBILE DEVICE MANAGEMENT (MDM)
Keep the sprawl of user devices and all of their attendant apps under
control An MDM platform will protect manage and control devices with
security profi les and enforceable policies including giving IT remote control
over security rights locking wiping and centralized activity visibility
MOBILE APPLICATION MANAGEMENT (MAM)
End users should not have the fi nal say on apps when sensitive data is
in play MAM platforms give IT the ability to distribute and manage apps
securely while reporting on app usage managing access and identifying
potentially harmful software
MOBILE CONTENT MANAGEMENT (MCM)
Organizations may want to control how their data fl ows to mobile
users both in terms of rights restriction and on-demand distribution
MCM options will protect data in transit as well as at device and cloud
endpoints while also improving the effi ciency of spreading information
and functionality to mobile workers and partners
SECURE REMOTE ACCESSVPN
Long a fi xture for notebook users needing a secure path through
the public Internet VPNs can now safeguard handheld device data
traffi c as well CDW can also help implement web security and
content controls for your devices on the go
1 3
2 4
Make peace with mobility
Check out our webinar Achieving Complete
Security Endpoint Mobile and NAC to learn C
more about keeping a leash on datarsquos free-
ranging data CDWcomendpoint-web
When MDM masters BYOD
Find out how law firm Dowling Aaron
implemented a mobile data strategy that
also keeps client information secure
Watch our video CDWcombyod-security
MOBILE SECURITY
OUR SOLUTIONS
of new mobile malware incorporates some way for the attacker
to make money off the mobile device user6886 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
6
CDWrsquoS MOBILE SECURITY SOLUTIONS
CDW DLP RISK ASSESSMENT
Our DLP RA team can help you better understand where your data resides in your infrastructure who has access to it what potential
threats and vulnerabilities exist and how to best protect your cloud environment from exploitation before you invest in cloud solutions
Assessments can be used before and after a cloud migration to understand how the move might have changed the organizationrsquos risk
profi le and compliance status
Not that long ago the biggest question in adopting cloud technology was whether to
go with a public or private model Today the situation is more complex All cloud models
pose delicate security challenges and IT should be able to address public private
and hybrid options as conditions change and your organization may need (perhaps
repeatedly) to transition from one model to another This is no reason to back away
from the cloud Rather itrsquos an opportunity to seize the cloudrsquos potential in a more secure
fashion that will help protect your operations and earn end-user appreciation
CLOUD SECURITY
CDWrsquoS CLOUD SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
Just because your data lives outside your walls doesnrsquot mean yoursquove
lost the ability to manage it DLP within a cloud environment helps
ensure that sensitive data stays within its intended application
AUTHENTICATION
You canrsquot open your IT gates for everyone who comes knocking
CDW cloud experts can help craft user authentication and identity
management solutions so yoursquore able to control who has remote
access to your organizationrsquos data applications and processes
ENCRYPTION
Keeping data encrypted on your local servers is step one Now
make sure that your cloud-based assets are equally protected
both in transit and at rest
NEXT-GENERATION FIREWALLS
Next-generation fi rewalls provide a single point of visibility into multiple
areas of security functionality in a single platform Th ey combine the
features of stateful inspection fi rewalls intrusion prevention systems
content fi ltering and application control on a single piece of hardware
allowing those components to communicate with each other
SECURITY INFORMATION AND EVENT
MANAGEMENT (SIEM)
We off er SIEM technologies that unify log management anomaly
detection incident forensics and confi guration and vulnerability
management Th ese solutions give you a consolidated view of your
IT data so you can understand identify and stop cyber threats and
attacks while reducing the impact of breaches
1
2
4
3
5
OUR SOLUTIONS
of surveyed organizations possess
a centralized cloud security policy7Only 40 7 Ponemon Institute 2013 State of Endpoint Security
CDWcomsecurity | 8008004239
All vertical markets enforce their own respective industry state and federal regulations
(eg HIPAA SOX and PCI compliance) While no one disputes the ultimate benefi ts of such
regulations the paperwork and potential fi nes for noncompliance are infamous Fortunately
there are ways to streamline and partially automate the compliance process
Being compliant can retain trust and loyalty by demonstrating your ability to protect sensitive
information However pursuing compliance can be mind-numbingly complex and cumbersome
and it should be addressed only after taking steps to fully safeguard the organizationrsquos primary
data and network security You want an expert at your elbow able to spot potential compliance
problem areas and guide you through the most effi cient ways of resolving any gaps
CDW architects have the training and experiencenecessary to help prepare you for bull PCI DSS Compliance
bull HIPAA Compliance
bull FISMA Compliance
bull SOX Compliance
bull Gramm-Leach-Bliley Act (GLBA) Compliance
COMPLIANCE
OUR SOLUTIONS
COMPLIANCE GAP ASSESSMENTS
Do you need help with achieving or maintaining compliance with
the PCI DSS HIPAA HITECH or other standards CDW can help
As your trusted security advisor we can identify compliance
data security shortfalls and make conservative cost-eff ective
recommendations to help resolve problems and help
you meet regulatory requirements
Evolving Security Eff ortsto Meet PCI DSSTh e latest version of the payment card industry(PCI) standard includes new requirements thatorganizations must meet by the end of 2014Find out more in our white paper at
CDWcompci-wp
of organizations that suffered a data breach in 2013
were compliant with PCI DSS Requirement 18
identities were exposed via breaches in 2013 mdash more than
doubling the 232M of 20119
Only 125
Over 552M
8 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
9 Symanteccom ldquoInternet Security Th reat Reportrdquo 2014
8
Sick Security System mdash SolvedFor one of the many real-life examples of howCDW helps steer organizations into regulatorycompliance check out our video on howone hospital system leveraged our securityassessments to heal its HIPAA ailments
CDWcomcompliance-video
The right technology isnrsquot always enough The difference between security and vulnerability
comes down to the right people mdash people who assess deploy and manage that technology
to fit the way you do business
We have the people with the expertise and experience to understand which technologies
address current security concerns From design to implementation and management our
people know how to build a solution that fits your needs and prepares your IT infrastructure
for future threats
OUR SERVICES
BEST-OF-BREED SECURITY SERVICES
SOME OF OUR TOP SECURITY GROUPS
SECURITY ASSESSMENT TEAM
Assessment is the backbone of security planning and ongoing
maintenance Our consulting specialists perform many types
of vendor-neutral assessments such as
bull Penetration testing (ldquowhite hatrdquo hacking)
bull Deep vulnerability scans
bull Internal and mandated policy compliance
bull Forensics and incident response
bull Policy and procedure work
FIELD SECURITY SOLUTION ARCHITECTS
Our fi eld security team members are in-market resources
who can consult on Cisco security architecture and design
an appropriate solution to meet your business objectives
CDW THREAT CHECK (CTC) TEAM
Last yearrsquos malware assessment is already out of date Th e CTC
specialist team scours an organization for all manner of malware
using the latest tools and methods Our dedicated team off ers a
zero-dollar threat check to help you get started
INSIDE SECURITY SOLUTION ARCHITECTS
Security spans from deep within client system platforms to far beyond
the networkrsquos edge CDWrsquos complete spectrum of security solutions
encompasses hundreds of products from over 50 major security
vendors Our inside architects can assist in everything from solution
design to Bill of Materials confi guration
SECURITY DELIVERY ENGINEERS
Our security delivery engineers will work with you to implement
security solutions into your environments while giving you a full
understanding of their functionality through training
DATA LOSS PREVENTION (DLP) SOLUTIONARCHITECT TEAM
Our DLP solution group specializes in pinpointing where data could
be or is slipping from your organizationrsquos control
1
2
3
4
5
6
IBM notes that human factors account for roughly 80 of all data vulnerabilities
Th ese factors break down like so10
6 Vulnerable code
31 Undetermined
6 End-user error
42 Misconfi gured system or application 15 Targeted attack exploited
10 IBMcom ldquo2013 IBM Cyber Security Intelligence Indexrdquo
To Err Is Human
CDWcomsecurity | 8008004239
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
For many organizations mobility means supporting multiple platforms and form factors and
extending management and security policies to both corporate-liable and employee-owned
devices Mobility doesnrsquot function in a silo Customers need to ensure that networks are
properly secured and initiatives such as endpoint security encryption and authentication
are appropriately integrated
We approach mobile security holistically That means crafting every solution to fit each
organizationrsquos unique business needs Our team of experts can discuss the right tools
and strategies to meet your objectives and build a mobile security solution thatrsquos flexible
and comprehensive
MOBILE DEVICE MANAGEMENT (MDM)
Keep the sprawl of user devices and all of their attendant apps under
control An MDM platform will protect manage and control devices with
security profi les and enforceable policies including giving IT remote control
over security rights locking wiping and centralized activity visibility
MOBILE APPLICATION MANAGEMENT (MAM)
End users should not have the fi nal say on apps when sensitive data is
in play MAM platforms give IT the ability to distribute and manage apps
securely while reporting on app usage managing access and identifying
potentially harmful software
MOBILE CONTENT MANAGEMENT (MCM)
Organizations may want to control how their data fl ows to mobile
users both in terms of rights restriction and on-demand distribution
MCM options will protect data in transit as well as at device and cloud
endpoints while also improving the effi ciency of spreading information
and functionality to mobile workers and partners
SECURE REMOTE ACCESSVPN
Long a fi xture for notebook users needing a secure path through
the public Internet VPNs can now safeguard handheld device data
traffi c as well CDW can also help implement web security and
content controls for your devices on the go
1 3
2 4
Make peace with mobility
Check out our webinar Achieving Complete
Security Endpoint Mobile and NAC to learn C
more about keeping a leash on datarsquos free-
ranging data CDWcomendpoint-web
When MDM masters BYOD
Find out how law firm Dowling Aaron
implemented a mobile data strategy that
also keeps client information secure
Watch our video CDWcombyod-security
MOBILE SECURITY
OUR SOLUTIONS
of new mobile malware incorporates some way for the attacker
to make money off the mobile device user6886 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
6
CDWrsquoS MOBILE SECURITY SOLUTIONS
CDW DLP RISK ASSESSMENT
Our DLP RA team can help you better understand where your data resides in your infrastructure who has access to it what potential
threats and vulnerabilities exist and how to best protect your cloud environment from exploitation before you invest in cloud solutions
Assessments can be used before and after a cloud migration to understand how the move might have changed the organizationrsquos risk
profi le and compliance status
Not that long ago the biggest question in adopting cloud technology was whether to
go with a public or private model Today the situation is more complex All cloud models
pose delicate security challenges and IT should be able to address public private
and hybrid options as conditions change and your organization may need (perhaps
repeatedly) to transition from one model to another This is no reason to back away
from the cloud Rather itrsquos an opportunity to seize the cloudrsquos potential in a more secure
fashion that will help protect your operations and earn end-user appreciation
CLOUD SECURITY
CDWrsquoS CLOUD SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
Just because your data lives outside your walls doesnrsquot mean yoursquove
lost the ability to manage it DLP within a cloud environment helps
ensure that sensitive data stays within its intended application
AUTHENTICATION
You canrsquot open your IT gates for everyone who comes knocking
CDW cloud experts can help craft user authentication and identity
management solutions so yoursquore able to control who has remote
access to your organizationrsquos data applications and processes
ENCRYPTION
Keeping data encrypted on your local servers is step one Now
make sure that your cloud-based assets are equally protected
both in transit and at rest
NEXT-GENERATION FIREWALLS
Next-generation fi rewalls provide a single point of visibility into multiple
areas of security functionality in a single platform Th ey combine the
features of stateful inspection fi rewalls intrusion prevention systems
content fi ltering and application control on a single piece of hardware
allowing those components to communicate with each other
SECURITY INFORMATION AND EVENT
MANAGEMENT (SIEM)
We off er SIEM technologies that unify log management anomaly
detection incident forensics and confi guration and vulnerability
management Th ese solutions give you a consolidated view of your
IT data so you can understand identify and stop cyber threats and
attacks while reducing the impact of breaches
1
2
4
3
5
OUR SOLUTIONS
of surveyed organizations possess
a centralized cloud security policy7Only 40 7 Ponemon Institute 2013 State of Endpoint Security
CDWcomsecurity | 8008004239
All vertical markets enforce their own respective industry state and federal regulations
(eg HIPAA SOX and PCI compliance) While no one disputes the ultimate benefi ts of such
regulations the paperwork and potential fi nes for noncompliance are infamous Fortunately
there are ways to streamline and partially automate the compliance process
Being compliant can retain trust and loyalty by demonstrating your ability to protect sensitive
information However pursuing compliance can be mind-numbingly complex and cumbersome
and it should be addressed only after taking steps to fully safeguard the organizationrsquos primary
data and network security You want an expert at your elbow able to spot potential compliance
problem areas and guide you through the most effi cient ways of resolving any gaps
CDW architects have the training and experiencenecessary to help prepare you for bull PCI DSS Compliance
bull HIPAA Compliance
bull FISMA Compliance
bull SOX Compliance
bull Gramm-Leach-Bliley Act (GLBA) Compliance
COMPLIANCE
OUR SOLUTIONS
COMPLIANCE GAP ASSESSMENTS
Do you need help with achieving or maintaining compliance with
the PCI DSS HIPAA HITECH or other standards CDW can help
As your trusted security advisor we can identify compliance
data security shortfalls and make conservative cost-eff ective
recommendations to help resolve problems and help
you meet regulatory requirements
Evolving Security Eff ortsto Meet PCI DSSTh e latest version of the payment card industry(PCI) standard includes new requirements thatorganizations must meet by the end of 2014Find out more in our white paper at
CDWcompci-wp
of organizations that suffered a data breach in 2013
were compliant with PCI DSS Requirement 18
identities were exposed via breaches in 2013 mdash more than
doubling the 232M of 20119
Only 125
Over 552M
8 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
9 Symanteccom ldquoInternet Security Th reat Reportrdquo 2014
8
Sick Security System mdash SolvedFor one of the many real-life examples of howCDW helps steer organizations into regulatorycompliance check out our video on howone hospital system leveraged our securityassessments to heal its HIPAA ailments
CDWcomcompliance-video
The right technology isnrsquot always enough The difference between security and vulnerability
comes down to the right people mdash people who assess deploy and manage that technology
to fit the way you do business
We have the people with the expertise and experience to understand which technologies
address current security concerns From design to implementation and management our
people know how to build a solution that fits your needs and prepares your IT infrastructure
for future threats
OUR SERVICES
BEST-OF-BREED SECURITY SERVICES
SOME OF OUR TOP SECURITY GROUPS
SECURITY ASSESSMENT TEAM
Assessment is the backbone of security planning and ongoing
maintenance Our consulting specialists perform many types
of vendor-neutral assessments such as
bull Penetration testing (ldquowhite hatrdquo hacking)
bull Deep vulnerability scans
bull Internal and mandated policy compliance
bull Forensics and incident response
bull Policy and procedure work
FIELD SECURITY SOLUTION ARCHITECTS
Our fi eld security team members are in-market resources
who can consult on Cisco security architecture and design
an appropriate solution to meet your business objectives
CDW THREAT CHECK (CTC) TEAM
Last yearrsquos malware assessment is already out of date Th e CTC
specialist team scours an organization for all manner of malware
using the latest tools and methods Our dedicated team off ers a
zero-dollar threat check to help you get started
INSIDE SECURITY SOLUTION ARCHITECTS
Security spans from deep within client system platforms to far beyond
the networkrsquos edge CDWrsquos complete spectrum of security solutions
encompasses hundreds of products from over 50 major security
vendors Our inside architects can assist in everything from solution
design to Bill of Materials confi guration
SECURITY DELIVERY ENGINEERS
Our security delivery engineers will work with you to implement
security solutions into your environments while giving you a full
understanding of their functionality through training
DATA LOSS PREVENTION (DLP) SOLUTIONARCHITECT TEAM
Our DLP solution group specializes in pinpointing where data could
be or is slipping from your organizationrsquos control
1
2
3
4
5
6
IBM notes that human factors account for roughly 80 of all data vulnerabilities
Th ese factors break down like so10
6 Vulnerable code
31 Undetermined
6 End-user error
42 Misconfi gured system or application 15 Targeted attack exploited
10 IBMcom ldquo2013 IBM Cyber Security Intelligence Indexrdquo
To Err Is Human
CDWcomsecurity | 8008004239
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
CDW DLP RISK ASSESSMENT
Our DLP RA team can help you better understand where your data resides in your infrastructure who has access to it what potential
threats and vulnerabilities exist and how to best protect your cloud environment from exploitation before you invest in cloud solutions
Assessments can be used before and after a cloud migration to understand how the move might have changed the organizationrsquos risk
profi le and compliance status
Not that long ago the biggest question in adopting cloud technology was whether to
go with a public or private model Today the situation is more complex All cloud models
pose delicate security challenges and IT should be able to address public private
and hybrid options as conditions change and your organization may need (perhaps
repeatedly) to transition from one model to another This is no reason to back away
from the cloud Rather itrsquos an opportunity to seize the cloudrsquos potential in a more secure
fashion that will help protect your operations and earn end-user appreciation
CLOUD SECURITY
CDWrsquoS CLOUD SECURITY SOLUTIONS
DATA LOSS PREVENTION (DLP)
Just because your data lives outside your walls doesnrsquot mean yoursquove
lost the ability to manage it DLP within a cloud environment helps
ensure that sensitive data stays within its intended application
AUTHENTICATION
You canrsquot open your IT gates for everyone who comes knocking
CDW cloud experts can help craft user authentication and identity
management solutions so yoursquore able to control who has remote
access to your organizationrsquos data applications and processes
ENCRYPTION
Keeping data encrypted on your local servers is step one Now
make sure that your cloud-based assets are equally protected
both in transit and at rest
NEXT-GENERATION FIREWALLS
Next-generation fi rewalls provide a single point of visibility into multiple
areas of security functionality in a single platform Th ey combine the
features of stateful inspection fi rewalls intrusion prevention systems
content fi ltering and application control on a single piece of hardware
allowing those components to communicate with each other
SECURITY INFORMATION AND EVENT
MANAGEMENT (SIEM)
We off er SIEM technologies that unify log management anomaly
detection incident forensics and confi guration and vulnerability
management Th ese solutions give you a consolidated view of your
IT data so you can understand identify and stop cyber threats and
attacks while reducing the impact of breaches
1
2
4
3
5
OUR SOLUTIONS
of surveyed organizations possess
a centralized cloud security policy7Only 40 7 Ponemon Institute 2013 State of Endpoint Security
CDWcomsecurity | 8008004239
All vertical markets enforce their own respective industry state and federal regulations
(eg HIPAA SOX and PCI compliance) While no one disputes the ultimate benefi ts of such
regulations the paperwork and potential fi nes for noncompliance are infamous Fortunately
there are ways to streamline and partially automate the compliance process
Being compliant can retain trust and loyalty by demonstrating your ability to protect sensitive
information However pursuing compliance can be mind-numbingly complex and cumbersome
and it should be addressed only after taking steps to fully safeguard the organizationrsquos primary
data and network security You want an expert at your elbow able to spot potential compliance
problem areas and guide you through the most effi cient ways of resolving any gaps
CDW architects have the training and experiencenecessary to help prepare you for bull PCI DSS Compliance
bull HIPAA Compliance
bull FISMA Compliance
bull SOX Compliance
bull Gramm-Leach-Bliley Act (GLBA) Compliance
COMPLIANCE
OUR SOLUTIONS
COMPLIANCE GAP ASSESSMENTS
Do you need help with achieving or maintaining compliance with
the PCI DSS HIPAA HITECH or other standards CDW can help
As your trusted security advisor we can identify compliance
data security shortfalls and make conservative cost-eff ective
recommendations to help resolve problems and help
you meet regulatory requirements
Evolving Security Eff ortsto Meet PCI DSSTh e latest version of the payment card industry(PCI) standard includes new requirements thatorganizations must meet by the end of 2014Find out more in our white paper at
CDWcompci-wp
of organizations that suffered a data breach in 2013
were compliant with PCI DSS Requirement 18
identities were exposed via breaches in 2013 mdash more than
doubling the 232M of 20119
Only 125
Over 552M
8 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
9 Symanteccom ldquoInternet Security Th reat Reportrdquo 2014
8
Sick Security System mdash SolvedFor one of the many real-life examples of howCDW helps steer organizations into regulatorycompliance check out our video on howone hospital system leveraged our securityassessments to heal its HIPAA ailments
CDWcomcompliance-video
The right technology isnrsquot always enough The difference between security and vulnerability
comes down to the right people mdash people who assess deploy and manage that technology
to fit the way you do business
We have the people with the expertise and experience to understand which technologies
address current security concerns From design to implementation and management our
people know how to build a solution that fits your needs and prepares your IT infrastructure
for future threats
OUR SERVICES
BEST-OF-BREED SECURITY SERVICES
SOME OF OUR TOP SECURITY GROUPS
SECURITY ASSESSMENT TEAM
Assessment is the backbone of security planning and ongoing
maintenance Our consulting specialists perform many types
of vendor-neutral assessments such as
bull Penetration testing (ldquowhite hatrdquo hacking)
bull Deep vulnerability scans
bull Internal and mandated policy compliance
bull Forensics and incident response
bull Policy and procedure work
FIELD SECURITY SOLUTION ARCHITECTS
Our fi eld security team members are in-market resources
who can consult on Cisco security architecture and design
an appropriate solution to meet your business objectives
CDW THREAT CHECK (CTC) TEAM
Last yearrsquos malware assessment is already out of date Th e CTC
specialist team scours an organization for all manner of malware
using the latest tools and methods Our dedicated team off ers a
zero-dollar threat check to help you get started
INSIDE SECURITY SOLUTION ARCHITECTS
Security spans from deep within client system platforms to far beyond
the networkrsquos edge CDWrsquos complete spectrum of security solutions
encompasses hundreds of products from over 50 major security
vendors Our inside architects can assist in everything from solution
design to Bill of Materials confi guration
SECURITY DELIVERY ENGINEERS
Our security delivery engineers will work with you to implement
security solutions into your environments while giving you a full
understanding of their functionality through training
DATA LOSS PREVENTION (DLP) SOLUTIONARCHITECT TEAM
Our DLP solution group specializes in pinpointing where data could
be or is slipping from your organizationrsquos control
1
2
3
4
5
6
IBM notes that human factors account for roughly 80 of all data vulnerabilities
Th ese factors break down like so10
6 Vulnerable code
31 Undetermined
6 End-user error
42 Misconfi gured system or application 15 Targeted attack exploited
10 IBMcom ldquo2013 IBM Cyber Security Intelligence Indexrdquo
To Err Is Human
CDWcomsecurity | 8008004239
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
All vertical markets enforce their own respective industry state and federal regulations
(eg HIPAA SOX and PCI compliance) While no one disputes the ultimate benefi ts of such
regulations the paperwork and potential fi nes for noncompliance are infamous Fortunately
there are ways to streamline and partially automate the compliance process
Being compliant can retain trust and loyalty by demonstrating your ability to protect sensitive
information However pursuing compliance can be mind-numbingly complex and cumbersome
and it should be addressed only after taking steps to fully safeguard the organizationrsquos primary
data and network security You want an expert at your elbow able to spot potential compliance
problem areas and guide you through the most effi cient ways of resolving any gaps
CDW architects have the training and experiencenecessary to help prepare you for bull PCI DSS Compliance
bull HIPAA Compliance
bull FISMA Compliance
bull SOX Compliance
bull Gramm-Leach-Bliley Act (GLBA) Compliance
COMPLIANCE
OUR SOLUTIONS
COMPLIANCE GAP ASSESSMENTS
Do you need help with achieving or maintaining compliance with
the PCI DSS HIPAA HITECH or other standards CDW can help
As your trusted security advisor we can identify compliance
data security shortfalls and make conservative cost-eff ective
recommendations to help resolve problems and help
you meet regulatory requirements
Evolving Security Eff ortsto Meet PCI DSSTh e latest version of the payment card industry(PCI) standard includes new requirements thatorganizations must meet by the end of 2014Find out more in our white paper at
CDWcompci-wp
of organizations that suffered a data breach in 2013
were compliant with PCI DSS Requirement 18
identities were exposed via breaches in 2013 mdash more than
doubling the 232M of 20119
Only 125
Over 552M
8 F-Securecom ldquoMobile Th reat Reportrdquo Q1 2014
9 Symanteccom ldquoInternet Security Th reat Reportrdquo 2014
8
Sick Security System mdash SolvedFor one of the many real-life examples of howCDW helps steer organizations into regulatorycompliance check out our video on howone hospital system leveraged our securityassessments to heal its HIPAA ailments
CDWcomcompliance-video
The right technology isnrsquot always enough The difference between security and vulnerability
comes down to the right people mdash people who assess deploy and manage that technology
to fit the way you do business
We have the people with the expertise and experience to understand which technologies
address current security concerns From design to implementation and management our
people know how to build a solution that fits your needs and prepares your IT infrastructure
for future threats
OUR SERVICES
BEST-OF-BREED SECURITY SERVICES
SOME OF OUR TOP SECURITY GROUPS
SECURITY ASSESSMENT TEAM
Assessment is the backbone of security planning and ongoing
maintenance Our consulting specialists perform many types
of vendor-neutral assessments such as
bull Penetration testing (ldquowhite hatrdquo hacking)
bull Deep vulnerability scans
bull Internal and mandated policy compliance
bull Forensics and incident response
bull Policy and procedure work
FIELD SECURITY SOLUTION ARCHITECTS
Our fi eld security team members are in-market resources
who can consult on Cisco security architecture and design
an appropriate solution to meet your business objectives
CDW THREAT CHECK (CTC) TEAM
Last yearrsquos malware assessment is already out of date Th e CTC
specialist team scours an organization for all manner of malware
using the latest tools and methods Our dedicated team off ers a
zero-dollar threat check to help you get started
INSIDE SECURITY SOLUTION ARCHITECTS
Security spans from deep within client system platforms to far beyond
the networkrsquos edge CDWrsquos complete spectrum of security solutions
encompasses hundreds of products from over 50 major security
vendors Our inside architects can assist in everything from solution
design to Bill of Materials confi guration
SECURITY DELIVERY ENGINEERS
Our security delivery engineers will work with you to implement
security solutions into your environments while giving you a full
understanding of their functionality through training
DATA LOSS PREVENTION (DLP) SOLUTIONARCHITECT TEAM
Our DLP solution group specializes in pinpointing where data could
be or is slipping from your organizationrsquos control
1
2
3
4
5
6
IBM notes that human factors account for roughly 80 of all data vulnerabilities
Th ese factors break down like so10
6 Vulnerable code
31 Undetermined
6 End-user error
42 Misconfi gured system or application 15 Targeted attack exploited
10 IBMcom ldquo2013 IBM Cyber Security Intelligence Indexrdquo
To Err Is Human
CDWcomsecurity | 8008004239
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
The right technology isnrsquot always enough The difference between security and vulnerability
comes down to the right people mdash people who assess deploy and manage that technology
to fit the way you do business
We have the people with the expertise and experience to understand which technologies
address current security concerns From design to implementation and management our
people know how to build a solution that fits your needs and prepares your IT infrastructure
for future threats
OUR SERVICES
BEST-OF-BREED SECURITY SERVICES
SOME OF OUR TOP SECURITY GROUPS
SECURITY ASSESSMENT TEAM
Assessment is the backbone of security planning and ongoing
maintenance Our consulting specialists perform many types
of vendor-neutral assessments such as
bull Penetration testing (ldquowhite hatrdquo hacking)
bull Deep vulnerability scans
bull Internal and mandated policy compliance
bull Forensics and incident response
bull Policy and procedure work
FIELD SECURITY SOLUTION ARCHITECTS
Our fi eld security team members are in-market resources
who can consult on Cisco security architecture and design
an appropriate solution to meet your business objectives
CDW THREAT CHECK (CTC) TEAM
Last yearrsquos malware assessment is already out of date Th e CTC
specialist team scours an organization for all manner of malware
using the latest tools and methods Our dedicated team off ers a
zero-dollar threat check to help you get started
INSIDE SECURITY SOLUTION ARCHITECTS
Security spans from deep within client system platforms to far beyond
the networkrsquos edge CDWrsquos complete spectrum of security solutions
encompasses hundreds of products from over 50 major security
vendors Our inside architects can assist in everything from solution
design to Bill of Materials confi guration
SECURITY DELIVERY ENGINEERS
Our security delivery engineers will work with you to implement
security solutions into your environments while giving you a full
understanding of their functionality through training
DATA LOSS PREVENTION (DLP) SOLUTIONARCHITECT TEAM
Our DLP solution group specializes in pinpointing where data could
be or is slipping from your organizationrsquos control
1
2
3
4
5
6
IBM notes that human factors account for roughly 80 of all data vulnerabilities
Th ese factors break down like so10
6 Vulnerable code
31 Undetermined
6 End-user error
42 Misconfi gured system or application 15 Targeted attack exploited
10 IBMcom ldquo2013 IBM Cyber Security Intelligence Indexrdquo
To Err Is Human
CDWcomsecurity | 8008004239
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
Senior CDW security experts have the knowledge and resources needed to perform both external and internal assessments on your
IT systems networks and applications Th ey will unearth security exposures and potential vectors through which all manner of threats
can enter and execute future exploits Since the 1990s CDW has conducted more than 1000 security assessments including
bull ExternalPerimeter Testing
bull Internal Assessment
bull Wireless Assessment
bull Application-specifi c Penetration Testing
bull Social Engineering Testing
SECURITY ASSESSMENTS AND VULNERABILITY TESTINGA security solution built to meet your business objectives and fit the way you work starts with a comprehensive
assessment Our testing services start from square one evaluating your IT systems networks and applications
to identify current vulnerabilities and how current threats could exploit them
VULNERABILITY ASSESSMENT mdash Our vulnerability
assessments are designed to help you keep pace with evolving
threats by evaluating current IT systems to determine and categorize
present vulnerabilities that could be exploited by a sophisticated
adversary Our teams will classify and rank vulnerabilities so you
can prioritize risks and take on the most destructive threats fi rst
A thorough assessment provides you with a customized report with
cost-eff ective concise recommendations to tackle specifi c security
problems or threats that may require penetration testing
PENETRATION TESTING mdash If the results of a vulnerability
assessment merit it organizations may gain a clearer view of
their security stance with penetration testing Unlike vulnerability
assessment penetration testing begins at an organizationrsquos network
edge phones and lobby examining everything from password
strength to policy adherence Th e engineerrsquos job is to fi nd at least
one way to perform a breach mdash ldquohacking for goodrdquo mdash in order to test
existing security controls Penetration test results allow CDW experts
to refi ne their recommendations and off er organizations specifi c
strategic plans for optimizing their IT protection
Analyses of external and internal threats will overlap but both must be
examined in the context of vulnerability assessments and penetration testing
OUR SERVICES
10
11 PwC report US Cybercrime Rising Risks Reduced Readiness
NATURE OF CYBERSECURITY INCIDENTS11
For more information about CDWrsquos security
assessment services check out our
overview at CDWcomriskassessment72 external
28 internal
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
CONFIGURATION SERVICES
Security deployment doesnrsquot have to be disruptive We can
send security engineers onsite to deploy and confi gure security
solutions with or without participation from your IT staff
All solutions receive thorough testing before deployment
concludes to ensure that software assets and the network
remain protected
SECURITY PROFESSIONAL SERVICES
CDWrsquos consultant team works around the clock with
organizations to provide the best security advice services and
expertise available We keep abreast of cutting-edge solutions
and on which threat trends our clients should keep a wary eye
Our mission is to communicate educate and guide you through
the process of implementing a successful security solution
throughout your organization
CDWcomsecurity | 8008004239
SECURITY PROFESSIONAL SERVICES
How long does it take for insidermisuse to be discovered12
Verizonrsquos 2014 Data Breach Investigations Report offers some fascinating insights into the
difference between cybersecurity incidents (63437 total for 2013 from the 50 public and
private global organizations surveyed) and actual breaches (1367) For example crimeware
accounted for 20 of all incidents but only 4 of actual breaches indicating that enterprise
security is doing a decent job of thwarting this particular threat genre On the other hand
web app attacks comprised 6 of all incidents but 35 of all breaches showing an area of
opportunity in enterprise security readiness on this front
These breach weaknesses and disparities are well known among security veterans such
as CDWrsquos security groups We can surgically evaluate each layer of your organizationrsquos
current protection to determine if appropriate hardware software and services are in
place The objective is to make sure that you donrsquot become part of next yearrsquos security
statistics and leave you operating with organization-wide security that is flexible
formidable and scalable
12 Verizon Wireless ldquo2014 Data Breach Investigations Reportrdquo
Specifically across 50 organizations 70 insider incidentstook years to discover Thatrsquos chilling
18 Hours
22 Weeks
2 Years
11 Months
34 Days
OUR SERVICES
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT
CDW ADVANTAGES AND PARTNERS
12
151594
Th e terms and conditions of product sales are limited to those contained on CDWrsquos website at CDWcom notice of objection to and rejection of any additional or diff erent terms in any form delivered by customer is hereby given CDWreg CDWbullGreg and PEOPLE WHO GET ITtrade are trademarks of CDW LLC all other trademarks and registered trademarks are the sole property of their respective owners
To learn more about CDWrsquos security offeringscall 8008004239 contact your account manageror visit CDWcomsecurity
Anyone can say they do security CDW has the pedigree the people and the roster of protected satisfied clients to declare
We do it right We have mastered the discipline of the security process
This is not some empty boast While there are few industry standards concerning how to implement IT security the gold standard
for enterprise security readiness guidelines is the NIST Cybersecurity Framework drafted by the US Commerce Departmentrsquos
National Institute of Standards and Technology in an effort to help organizations identify and enhance their IT security positions
The five key functions outlined in the Framework Core are identification protection detection response and recovery mdash all
elements addressed by CDW in its solutions and services
CDWcomsecurity | 8008004239
CDW has the resources and experience necessary to help remedy any organizationrsquos IT security shortcomings
Many organizations can make this promise but only CDW can deliver
WErsquoVE GOT THE PROOF
AWARDS
bull Highest partner level and highest partner certifications
with most major vendors
bull Average of three ldquoSecurity Partner of the Yearrdquo awards
every year since 2005
bull A dedicated full-time security team since 1998
bull 1500+ security assessments
bull 3500+ firewall designs
bull 150 solution architects and engineers
focused on security
We partner with the most advanced industry leaders in security giving you access to the latest and best
solutions for your needs whether they come from a single vendor or a combination of many
PARTNERS WHO GET IT