7/30/2019 Security RSA Security Systems
Information Security
Pradeep Jain
RSA, The Security Division of EMC.
Agenda
Observations of information security
Why is information so difficult to secure?
A risk-based approach to information security
3 Use Cases
Today's Security Challenges
Information Security is perceived as a mission inhibitor, not a mission accelerator
Need a holistic approach to make security more effective and align it with the agency's mission
IT Security
  ineffective: not protecting what's important
  resource-constrained
  costly: too many security products, too many security procedures
  inhibiting compliance: too many controls
  manual, complicated, labor-intensive
Agency Initiatives
IT Security Landscape
Today's Problems
Sophisticated emerging threats
  Cyber espionage
  Cyber warfare
  Terrorism
  Pandemics
Data explosion
  Structured, Unstructured
  Voice, Video
  Metadata
Complex infrastructure
  Many access points
  Information silos
  Technologies built in a global supply chain
Multiple changing regulations
Combating these challenges
Understand the threat landscape
Understand the infrastructure
Know the boundaries
Know the devices
Know the information
Know the users
Know what users are doing with the information
Federal Government Security Breaches
2005: U.S. Dept. of Justice
Stolen laptop containing sensitive law enforcement information
Impact: 80,000 identities compromised
Stolen, unencrypted media
2006: U.S. Dept. of Veterans Affairs
Laptop and hard drive containing sensitive personally identifiable information stolen from an employee's home
Impact: 25.6 Million identities compromised
Lost, unencrypted media
2006: U.S. Dept. of Defense
Hacker accessed a Tricare Management Activity (TMA) public server containing personal information on military employees.
Impact: Unknown
System Vulnerability
2006: U.S. Dept. of Agriculture
Inadvertent exposure of Social Security numbers and tax identification numbers during a Freedom of Information Act request
Impact: 350,000 numbers compromised
Unintentional distribution
Why is protecting information so difficult?
... because sensitive information is always moving and transforming
[Diagram: sensitive information moving across five layers (Endpoint, Network, Apps/DBs, Files, Storage). Labels: Remote Employees, Global Locations, Other Federal Agencies, Supply Chain Partners, Development Contractors, WAN, WWW, VPN, Enterprise email, Government Analytics, Agency Portal, Production Data, Data warehouse, DR, Staging, File Server, Disk storage, Back up disk, Back up tape]
Why is protecting information so difficult?
... and every movement & transformation has unique risks
[Diagram: the same layers (Endpoint, Network, Applications, Files, Storage) and locations, annotated with risks: Device Theft, Device Loss, Media Theft, Media Loss, Data Theft, Data Loss, Fraud, Intercept, Eavesdropping, Unauthorized Access, Unauthorized Activity, Unintentional Distribution, DOS, Corruption, Unavailability, Cyber Espionage]
Risk Prioritizes Investment
[Diagram: Sensitive Information, Risk and Security Incidents mapped across Endpoint, Network, Applications, Files / CMS and Storage]
Drivers: National Security, Compliance, Cost Reduction, Continuity of Operations, Protect Citizens
Sensitive Information: Personally Identifiable Information, Social Security Numbers, Controlled Unclassified Information, Sensitive Security Information, Employee Information, Classified Information, Secret, Top Secret
What information is important?
Where does it go?
What bad things can happen?
What risks are we willing to accept?
What risks do we need to protect against?
Information Risk Management Framework
The Process
Define Policy
  Describe how sensitive information should be protected
  Data, People, Infrastructure
Discover and Classify
  Discover all sources of sensitive information across the infrastructure
Enforce Controls
  Establish a control framework and implement appropriate controls to enforce the policy
  Data Controls
  Access Controls
Report and Audit
  Audit the environment to ensure and document compliance with policy
Comprehensive National Cybersecurity Initiative (CNCI)
Twelve step plan to secure government cyber networks
  Multiple agencies
  Multi-year time frame
President's largest request for funds in FY 2009 intelligence budget
Objectives
  Secure government IT systems from intruders
  Prepare for future threats
  Increase situational awareness in the cyber world
Case: Infrastructure Security Awareness
Agency Profile: US Defense Department Contractor
  Serves all military branches, NHS, DHS
  Supports global geographic command centers
Business Drivers:
  Decrease time to identify threats/vulnerabilities
  Improve response time to address threats/vulnerabilities
  Comply with secure configuration policies
Layers: Endpoint, Network, Application / DB, File Server / CMS, Storage
Potential Security Incidents:
  Unauthorized access to networks, file servers and storage
  Data corruption
  Unauthorized changes to configurations
Solution
Case: Infrastructure Security Awareness
Agency Profile: US Defense Department Contractor
  Serves all military branches, NHS, DHS
  Supports global geographic command centers
Layers: Endpoint, Network, Application / DB, File Server / CMS, Storage
Better visibility into infrastructure, increased responsiveness to security incidents
Decreased hours spent on log management and auditing activities
Enforced secure configurations and changes
Simplified compliance reporting
RSA enVision & EMC Voyence, EMC Smarts
Monitor security events and IT infrastructure; automate configuration and change mgmt
Secure Information Sharing
Information Sharing Requires:
  Authentication based on genuine users' roles and context
  Protection from unauthorized access and activity associated with sensitive information
  Ease of use for users to leverage the value of information
Case: Information Sharing Initiative - Portal
Agency Profile:
  Provider of civilian services
  Multi-billion dollar budget
  >200,000 employees
Business Drivers:
  Enable inter-agency data exchange
  Ensure access to legitimate users
  Deny access to unauthorized users
  Enhance ease of use
  Reduce cost through portal services
Layers: Endpoint, Network, Application / DB, File Server / CMS, Storage
Potential Security Incidents:
  Fraud
  Unauthorized access
  Data corruption
  Leak of sensitive information
Solution
Case: Information Sharing Initiative - Portal
Agency Profile:
  Provider of civilian services
  Multi-billion dollar budget
  >200,000 employees
Layers: Endpoint, Network, Application / DB, File Server / CMS, Storage
Reduced Fraud: Risk-based multi-factor authentication ensures only genuine authorized users have access
Improved Efficiency: Single sign-on enables trusted identities to seamlessly reach across agency boundaries
Cost Reduction: Saved time and money on password administration
RSA Adaptive Authentication, RSA Access Manager, RSA ID Federation
Discover and Protect Sensitive Data
Automate discovery of unprotected sensitive data
  Scan systems to find sensitive data
  Map flow of sensitive data within the infrastructure
  Attach classification level to data
Create a policy that clearly defines how information risk will be addressed
Implement tools that support the policy
  Encrypt sensitive data
  User privileges (read/edit/copy/print)
Case 3: Protect Sensitive Data
Agency Profile:
  Defense industrial contractor
  Serves intelligence community and military
  Stores and uses intellectual property and classified information
Business Drivers:
  Compliance with federal data protection policies
  Complete understanding of what data they store and use
  Maintain solid reputation
Layers: Endpoint, Network, Application / DB, File Server / CMS, Storage
Potential Security Incidents:
  Unintentional distribution of sensitive agency information
  Loss or theft of device with sensitive information
  Non-compliance
Solution
Case 3: Protect Sensitive Data
Agency Profile:
  Defense industrial contractor
  Serves intelligence community and military
  Stores and uses intellectual property and classified information
Layers: Endpoint, Network, Application / DB, File Server / CMS, Storage
Quickly and accurately locate sensitive content across laptops, desktops and file servers and storage.
Ensure that sensitive information is encrypted
Centralize and streamline encryption key management
Apply policy-driven access rights to unstructured content
Risk Advisor Service, Data Loss Prevention Suite, RSA Encryption & Key Mgmt, EMC Info Rights Mgmt
Thank you!
Backup Slides
Information Security Core Principles
Confidentiality: Preventing unauthorized disclosure of information
Integrity: Preventing unauthorized modification of information
Availability: Ensure availability of information for authorized users at all times
Security Trivia #1
Security Trivia #2
Security Trivia #3