Upload
guest0e7119
View
965
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Understanding SaaS Concepts with isheriff
Citation preview
www.www.isheriffisheriff.com.com sales@[email protected]
UnderstandingUnderstanding SaaS Concepts SaaS Concepts
Web 2.0 Security in 2010Web 2.0 Security in 2010
Email & Web 2.0 Security Today
The Web browser has become a universal client for the workplace:
– Customer Services and CRM (e.g. Salesforce.com)– File Sharing (e.g. P2P)– Streaming and Social Media (e.g. YouTube, Flickr) – VoIP (e.g. Skype)– Webmail– Social Networking and Micro Blogging (e.g.
MySpace, Twitter, Facebook, LinkedIn)
Email & Web 2.0 Security TodayThe Web increasingly provides critical workplace resources and communication, but security is increasingly complex and threats are more insidious:
– In 2009 over 80% of all SMTP email was spam• 5-6 botnets control 90% of all spam in circulation• Over 200 billion spam emails per day
– Microsoft estimates 30% of home PCs and 4% of network PCs have been infected by a botnet• Botnet infections occur primarily through “blended email threats”, search engine poisoning and
visiting infected websites • Drive-by vulnerability exploits, malicious scripts and social engineering are the tools of
professional hackers and malware writers – a rapidly developing profession– Corporate and private data are key targets but ultimately profit drives the criminals
• Phishing emails targeting your online finances• Keylogger spyware to learn your passwords and account numbers• Malicious AV programs (AKA scareware) pressure users to pay for useless services• Encryption malware locks important data and ransoms it back to victims• 37% and 17% of all data leakage incidents occur via the Web and email respectively
– Network World• 80% of malware infected websites are legitimate
– SC Magazine
The State of Web 2.0 SecurityTraditional Web Security measures aren’t working:
– Signature-based anti-virus on its own is ineffective against the latest adaptive malware and rootkits
– Traditional URL Filtering fails to address rapidly changing website status and security breaches
– Signature-based anti-spam fails to look for malicious URLs and is vulnerable to blended email threats
On any day the News Headlines are evidence of this:
“Top Search Results Riddled with Malware”
“Facebook user profiles hacked, Wall feature relaying
spam”
“Twitter accounts compromised in torrent site
scam”
“Criminals exploiting flood of leaked personal data”
– SC Magazine, Feb 2010
The iSheriff SolutioniSheriffSaaS
iSheriff SaaS provides your organization with:
• Anti-spam filtering
• Anti-virus and malware protection for Web and
• Real-time Web 2.0 security
• Data Leakage Prevention for Web and Email
• Website filtering and category access
management
• Website malware protection
• Acceptable use policy enforcement
• Email archiving and secure email encryption
services
• Reporting services for email and Web security
Snapshot
Applying iSheriff to your daily Internet use
Twitter / MySpace / Facebook
Twitter / MySpace / Facebook
ALERT!The requested URL has been blocked by iSheriff
URL: http://newsnet6.com/moniesAction: BlockedReason: Security Risk
More >>The website you requested was prevented from loading by iSheriff Web Security services as it is considered to be a security compliance risk. If you believe that this is an error or require urgent access to this website, please advise your Network Administrator.
ALERT!The requested URL has been blocked by iSheriff
URL: http://newsnet6.com/moniesAction: BlockedReason: Security Risk
More >>The website you requested was prevented from loading by iSheriff Web Security services as it is considered to be a security compliance risk. If you believe that this is an error or require urgent access to this website, please advise your Network Administrator.
Twitter / MySpace / Facebook• Sites like Twitter, MySpace
and Facebook are increasingly popular and many employers feel pressure to enable access to these sites during office hours
• Spam and malicious links obfuscated via URL shortening services are common to these sites– E.g. http://tinyurl.com/abc123
• Security on sites such as Twitter is a minefield
• A users’ guard is lower on social sites as communications normally only take place between known contacts
• Hackers utilize compromised accounts to distribute malware with anonymity
• iSheriff protects users while they surf these sites and prevents accidental exposure to malware and other threats
YouTube / Streaming Media
YouTube / Streaming Media
Access to youtube.com is controlled by iSheriff
URL: http://youtube.comAction: Time Quota Restriction – 30 minutes (daily)Category: Social Media
TIME REMAINING:29 minutes
More >>Access to the website you requested is controlled by iSheriff Web Security in compliance with your employer’s Internet access policies. If you believe that this is an error or require urgent access to this website, please advise your Network Administrator.
OK
Access to youtube.com is controlled by iSheriff
URL: http://youtube.comAction: Time Quota Restriction – 30 minutes (daily)Category: Social Media
TIME REMAINING:29 minutes
More >>Access to the website you requested is controlled by iSheriff Web Security in compliance with your employer’s Internet access policies. If you believe that this is an error or require urgent access to this website, please advise your Network Administrator.
OK
YouTube / Streaming Media• YouTube and Flash Video
typically accounts for 75%-90% of an organization’s bandwidth
• YouTube is a key target for hackers and spammers to promote malicious URLs
• iSheriff can apply access restrictions to YouTube, including:– Restricting access to non-
work hours– Limiting time or
bandwidth spent on site with personalized daily or weekly quotas
– Prohibiting access for specific users
• iSheriff can also protect against users clicking on a malicious link promoted via YouTube
Sports / News / Entertainment
Sports / News / Entertainment
Access to news.bbc.co.uk/sport is controlled by iSheriff
URL: http://news.bbc.co.uk/sportAction: Time Access Restriction – Out of Office HoursCategory: Sports
Restricted Hours:09:00 – 12:00 / 13:00 – 16:30 hrs / Mon - Fri
More >>Access to the website you requested is controlled by iSheriff Web Security in compliance with your employer’s Internet access policies. If you believe that this is an error or require urgent access to this website, please advise your Network Administrator.
OK
Access to news.bbc.co.uk/sport is controlled by iSheriff
URL: http://news.bbc.co.uk/sportAction: Time Access Restriction – Out of Office HoursCategory: Sports
Restricted Hours:09:00 – 12:00 / 13:00 – 16:30 hrs / Mon - Fri
More >>Access to the website you requested is controlled by iSheriff Web Security in compliance with your employer’s Internet access policies. If you believe that this is an error or require urgent access to this website, please advise your Network Administrator.
OK
Sports / News / Entertainment• Sports and Entertainment
sites can be a serious drain on productivity
• Many employers permit reasonable levels of personal web use but don’t monitor for abuse
• A typical organization can expect to find 10%-15% of all their Web activity is spent on news, sports and entertainment sites
• iSheriff can apply access restrictions to Sports or Entertainment sites, including:– Restricting access to non-
work hours– Limiting time or
bandwidth spent on site with personalized daily or weekly quotas
– Prohibiting access for specific users
– Monitor and report on sports site activity
Anonymous Proxy
Anonymous Proxy
ALERT!The requested URL has been blocked by iSheriff
URL: http://youhide.comAction: BlockedReason: Anonymous Proxy
More >>The website you requested was prevented from loading by iSheriff Web Security services as it is considered to be a security compliance risk. If you believe that this is an error or require urgent access to this website, please advise your Network Administrator.
ALERT!The requested URL has been blocked by iSheriff
URL: http://youhide.comAction: BlockedReason: Anonymous Proxy
More >>The website you requested was prevented from loading by iSheriff Web Security services as it is considered to be a security compliance risk. If you believe that this is an error or require urgent access to this website, please advise your Network Administrator.
Anonymous Proxy • Anonymous proxy
servers represent a significant security risk to your organization
• They are used by users who wish to specifically hide their web activity and circumvent Web security policies
• Education institutions typically have a large number of users attempting to access anonymous proxies
• Users may try to access prohibited content or could potentially be unprotected from downloading malware
• iSheriff prevents access to anonymous proxy sites
Webmail
Webmail
ALERT!An attempted file upload has been blocked by iSheriff
File: Customer List (Copy).xlsxAction: BlockedReason: Restricted File
More >>An attempted file upload has been prevented by iSheriff Web Security services. Unauthorized attempts to transmit this file are prohibited by your employer’s data security policy. This activity has been logged. If you believe that this is an error and need to transmit this file, please advise your Network Administrator.
ALERT!An attempted file upload has been blocked by iSheriff
File: Customer List (Copy).xlsxAction: BlockedReason: Restricted File
More >>An attempted file upload has been prevented by iSheriff Web Security services. Unauthorized attempts to transmit this file are prohibited by your employer’s data security policy. This activity has been logged. If you believe that this is an error and need to transmit this file, please advise your Network Administrator.
Webmail• Webmail sites such as
Hotmail and Gmail can be a data leakage risk for your organization
• Unmonitored access to these sites opens your organization to insider threats
• Critical data or files can be easily leaked, even unintentionally
• iSheriff can manage user’s access to Webmail sites and control the transmission of sensitive text or files
Spam
Spam
Your Blocked Spam [email protected]
Spam messages blocked for you today:
87 / 105 (83% spam)
The emails listed here have been quarantined as spam and will be deleted after 5 days.
From Date [email protected] Today Give her a nice surprise Release | [email protected] Today Enlarge your member today Release | [email protected] Today Designer Watch SaleRelease | [email protected] Today You want a mortgage?Release | [email protected] Today Prescription Pills deliveredRelease | Delete
Showing messages 1 to 5 out of 87 | Next
Your Blocked Spam [email protected]
Spam messages blocked for you today:
87 / 105 (83% spam)
The emails listed here have been quarantined as spam and will be deleted after 5 days.
From Date [email protected] Today Give her a nice surprise Release | [email protected] Today Enlarge your member today Release | [email protected] Today Designer Watch SaleRelease | [email protected] Today You want a mortgage?Release | [email protected] Today Prescription Pills deliveredRelease | Delete
Showing messages 1 to 5 out of 87 | Next
Spam• For a typical
organization, spam constitutes 80%-90% of incoming email
• Spam is a security risk and consumes valuable resources and productivity
• iSheriff Email Security provides extensive anti-spam services– Filters spam in the cloud,
providing your organization with a clean email connection
– Provides extensive reporting so you can measure anti-spam results
– Enables end users to view and manage their quarantined messages as well as personalized spam reports
Blended Threats
Blended Threats
An email addressed to you has been blocked by [email protected]
From: [email protected]: [email protected]: MySpace account updateSent: Wed 2:02pmAction: QuarantinedReason: Security Risk
More >>An email addressed to you had been quarantined by iSheriff Email Security services as it is considered a security compliance risk.
If you believe that this is an error and require the message, please advise your Network Administrator within 7 days before the message is permanently deleted.
An email addressed to you has been blocked by [email protected]
From: [email protected]: [email protected]: MySpace account updateSent: Wed 2:02pmAction: QuarantinedReason: Security Risk
More >>An email addressed to you had been quarantined by iSheriff Email Security services as it is considered a security compliance risk.
If you believe that this is an error and require the message, please advise your Network Administrator within 7 days before the message is permanently deleted.
Blended Threats• Blended Threats are email
messages that contain links to malicious Websites
• They employ social engineering and multiple exploits or attempts to install malware on your PC
• This example purports to be from MySpace and is intended to lure the recipient to a malicious website under this pretence– Note the URL– myspace.yyyyiuk.org.uk
• Microsoft estimates that blended threats have resulted in malware infections on 30% of consumer PC’s and 4% of corporate PC’s in 2009
• iSheriff protects against blended threats in multiple ways– Blended threats are unsolicited
messages and most are caught with iSheriff anti-spam filtering
– Messages are analysed in real-time; messages with suspicious URLs are quarantined
– Web Security services prevent users accessing a malicious site even in the unlikely event that a blended email threat makes it to their inbox
Malware / Virus
Malware / Virus
Virus AlertDownload of the file codecinst.exe has been blocked by
iSheriff
File: codecinst.exeAction: BlockedReason: Virus Detected
More >>The file you requested was prevented from downloading by iSheriff Web Security services as a virus was detected. If you believe that this is an error or require urgent access to this file, please advise your Network Administrator.
Virus AlertDownload of the file codecinst.exe has been blocked by
iSheriff
File: codecinst.exeAction: BlockedReason: Virus Detected
More >>The file you requested was prevented from downloading by iSheriff Web Security services as a virus was detected. If you believe that this is an error or require urgent access to this file, please advise your Network Administrator.
Malware / Virus• iSheriff email and Web security
services both provide extensive anti-virus protection against even the latest malware
• Email and file uploads/downloads are analyzed in real-time and scanned with multiple anti-malware technologies– Leading protection from Sophos Anti-
Virus employs signature-based protection for rapid identification of known malware and analysis of potentially unwanted applications
– Dynamic data modelling identifies new threat outbreaks and anomalous content by monitoring email and Web traffic across numerous domains
www.www.isheriffisheriff.com.com sales@[email protected]
Thank you Thank you for your time!for your time!
For more informationFor more informationPlease visit us on the Web or send us an emailPlease visit us on the Web or send us an email