Security RSA Security Systems


  • 7/30/2019 Security RSA Security Systems


    Information Security

    Pradeep Jain

    RSA, The Security Division of EMC.


    Agenda

    Observations of information security

    Why is information so difficult to secure?

    A risk-based approach to information security

    3 Use Cases


    Today's Security Challenges

    Information Security is perceived as a mission inhibitor, not a mission accelerator

    Need a holistic approach to make security more effective and align it with the agency's mission

    IT Security

    ineffective: not protecting what's important

    resource-constrained

    costly: too many security products

    too many security procedures

    inhibiting compliance: too many controls

    manual, complicated, labor-intensive

    Agency Initiatives


    IT Security Landscape

    Today's Problems

    Sophisticated emerging threats

    Cyber espionage

    Cyber warfare

    Terrorism

    Pandemics

    Data explosion

    Structured, Unstructured

    Voice, Video

    Metadata

    Complex infrastructure

    Many access points

    Information silos

    Technologies built in a global supply chain

    Multiple changing regulations

    Combating these challenges

    Understand the threat landscape

    Understand the infrastructure

    Know the boundaries

    Know the devices

    Know the information

    Know the users

    Know what users are doing with the information


    Federal Government Security Breaches

    2005: U.S. Dept. of Justice

    Stolen laptop containing sensitive law enforcement information

    Impact: 80,000 identities compromised

    Stolen, unencrypted media

    2006: U.S. Dept. of Veterans Affairs

    Laptop and hard drive containing sensitive personally identifiable information stolen from an employee's home

    Impact: 25.6 Million identities compromised

    Lost, unencrypted media

    2006: U.S. Dept. of Defense

    Hacker accessed a Tricare Management Activity (TMA) public server containing personal information on military employees.

    Impact: Unknown

    System Vulnerability

    2006: U.S. Dept. of Agriculture

    Inadvertent exposure of Social Security numbers and tax identification numbers during a Freedom of Information Act request

    Impact: 350,000 numbers compromised

    Unintentional distribution


    Why is protecting information so difficult?

    ...because sensitive information is always moving and transforming

    [Diagram: sensitive information flowing across the Endpoint, Network, Apps/DBs, Files and Storage layers. Labeled elements: remote employees, global locations, other federal agencies, supply chain partners, development contractors; WAN, WWW, VPN; enterprise email, government analytics, agency portal; file server; production data, data warehouse, DR, staging; disk storage, backup disk, backup tape.]


    Why is protecting information so difficult?

    ...and every movement & transformation has unique risks

    [Diagram: the Endpoint, Network, Applications, Files and Storage layers and their connections (remote employees, WW partners, global locations, other federal agencies, development contractors; WAN, WWW, VPN; enterprise email, government analytics, agency portal; file server; production data, data warehouse, DR, staging; disk storage, backup disk, backup tape), annotated with risks: media theft, device theft, fraud, intercept, media loss, unauthorized access, DoS, corruption, unavailability, eavesdropping, data theft, data loss, device loss, unintentional distribution, unauthorized activity, cyber espionage.]


    Risk Prioritizes Investment

    [Diagram: Sensitive Information, Risk and Security Incidents mapped across the Endpoint, Network, Applications, Files / CMS and Storage layers.]

    Personally Identifiable Information, Social Security Numbers, Controlled Unclassified Information, Sensitive Security Information, Top Secret, Secret, Employee Information, Classified Information

    National Security, Compliance, Cost Reduction, Continuity of Operations, Protect Citizens

    What information is important?

    Where does it go?

    What bad things can happen?

    What risks are we willing to accept?

    What risks do we need to protect against?


    Information Risk Management Framework: The Process

    Define Policy

    Describe how sensitive information should be protected: Data, People, Infrastructure

    Discover and Classify

    Discover all sources of sensitive information across the infrastructure

    Enforce Controls

    Establish a control framework and implement appropriate controls to enforce the policy

    Data Controls

    Access Controls

    Report and Audit

    Audit the environment to ensure and document compliance with policy

    Policy


    Comprehensive National Cybersecurity

    Initiative (CNCI)

    Twelve step plan to secure government cyber networks

    Multiple agencies

    Multi-year time frame

    President's largest request for funds in FY 2009 intelligence budget

    Objectives

    Secure government IT systems from intruders

    Prepare for future threats

    Increase situational awareness in the cyber world


    Case: Infrastructure Security Awareness

    Business Drivers:

    Decrease time to identify threats/vulnerabilities

    Improve response time to address threats/vulnerabilities

    Comply with secure configuration policies

    Agency Profile: US Defense Department Contractor

    Serves all military branches, NHS, DHS

    Supports global geographic command centers

    Endpoint Network Application / DB File Server / CMS Storage

    Potential Security Incidents:

    Unauthorized access to networks, file servers and storage

    Data corruption

    Unauthorized changes to configurations


    Solution

    Case: Infrastructure Security Awareness

    Endpoint Network Application / DB File Server / CMS Storage

    Better visibility into infrastructure, increased responsiveness to security incidents

    Decreased hours spent on log management and auditing activities

    Enforced secure configurations and changes

    Simplified compliance reporting

    Agency Profile: US Defense Department Contractor

    Serves all military branches, NHS, DHS

    Supports global geographic command centers

    RSA enVision & EMC Voyence, EMC Smarts

    Monitor security events and IT infrastructure; automate configuration and change mgmt


    Secure Information Sharing

    Information Sharing Requires:

    Authentication based on genuine users' roles and context

    Protection from unauthorized access and activity associated with sensitive information

    Ease of use for users to leverage the value of information


    Case: Information Sharing Initiative - Portal

    Business Drivers:

    Enable inter-agency data exchange

    Ensure access to legitimate users

    Deny access to unauthorized users

    Enhance ease of use

    Reduce cost through portal services

    Agency Profile:

    Provider of civilian services

    Multi-billion dollar budget

    >200,000 employees

    Endpoint Network Application / DB File Server / CMS Storage

    Potential Security Incidents:

    Fraud

    Unauthorized access

    Data corruption

    Leak of sensitive information


    Solution

    Case: Information Sharing Initiative - Portal

    Agency Profile:

    Provider of civilian services

    Multi-billion dollar budget

    >200,000 employees

    Endpoint Network Application / DB File Server / CMS Storage

    Reduced Fraud: Risk-based multi-factor authentication ensures only genuine authorized users have access

    Improved Efficiency: Single sign-on enables trusted identities to seamlessly reach across agency boundaries

    Cost Reduction: Saved time and money on password administration

    RSA Adaptive Authentication, RSA Access Manager, RSA ID Federation


    Discover and Protect Sensitive Data

    Automate discovery of unprotected sensitive data

    Scan systems to find sensitive data

    Map flow of sensitive data within the infrastructure

    Attach classification level to data

    Create a policy that clearly defines how information risk will be addressed

    Implement tools that support the policy

    Encrypt sensitive data

    User privileges (read/edit/copy/print)


    Case 3: Protect Sensitive Data

    Business Drivers:

    Compliance with federal data protection policies

    Complete understanding of what data they store and use

    Maintain solid reputation

    Agency Profile:

    Defense industrial contractor

    Serves intelligence community and military

    Stores and uses intellectual property and classified information

    Endpoint Network Application / DB File Server / CMS Storage

    Potential Security Incidents:

    Unintentional distribution of sensitive agency information

    Loss or theft of device with sensitive information

    Non-compliance


    Solution

    Case 3: Protect Sensitive Data

    Agency Profile:

    Defense industrial contractor

    Serves intelligence community and military

    Stores and uses intellectual property and classified information

    Endpoint Network Application / DB File Server / CMS Storage

    Quickly and accurately locate sensitive content across laptops, desktops, file servers and storage.

    Ensure that sensitive information is encrypted

    Centralize and streamline encryption key management

    Apply policy-driven access rights to unstructured content

    Risk Advisor Service, Data Loss Prevention Suite, RSA Encryption & Key Mgmt, EMC Info Rights Mgmt


    Thank you!


    Backup Slides


    Information Security Core Principles

    Confidentiality: Preventing unauthorized disclosure of information

    Integrity: Preventing unauthorized modification of information

    Availability: Ensure availability of information for authorized users at all times


    Security Trivia #1


    Security Trivia #2


    Security Trivia #3