Digitala Era 2017 - DSS.LV - Andris Soroka - Personas datu regulas tehnoloģis...
HTLV - DSS @Vilnius 2010
1. The trends in
IT Security
innovations
Arturs Filatovs
Value Added Distribution
headtechnology Baltics SIA
Latvia, Lithuania and Estonia
www.headtechnology.com
3. Operations in The Baltic States
Business Gateway Security Host Security Network Security
Value Added
Distribution
Marketing
& Sales
assistance
Technical &
Integration
Support
Trainings
Certification
Business
Network
Managed Services & Support
www.headtechnology.com
4. 2nd of December, Vilnius, Lithuania
The trends in IT Security
innovations
www.headtechnology.com
5. Security and time
Mobility is raising, productivity is decreasing security
Problems with InfoSEC – were, are, WILL BE more
Early 90’s Year 2000 Year 2011
• DOS applications • Complex aplications • ?
• Passwords • Mobility + Productivity
• Physical access • Passwords
• Physical access
www.headtechnology.com
6. Besides technology – problems with security
Top 10 Security problems in enterpise
1. Yelow Posters
2. We know better than you
3. Leaving the machine on
4. Opening e-mail attachments
5. Poor password selection
6. Loose lips sink ships
7. Laptops have legs
8. Poorly enforced security policies
9. Failing to consider the staff
10. Being slow to update
www.headtechnology.com
7. Key risks for shortlist
End users – the weakest link
Vulnerability – everyone vs. everything
Data access and protection
Black community makes it easy
• Google.com/hacking for dummies
• Youtube.com/how to hack passwords
• P2P for software download
www.headtechnology.com
8. Hall of fame in Latvia
99%
Things we’ll never know
www.headtechnology.com
9. Solution?
Weak security is not an option!
Too much of security makes no sense!
www.headtechnology.com
11. Most important things
Monitoring (systems, users, administrators)
Vulnerability and EndPoints (done by Lumension)
Encryption (in motion / during transfer / at rest)
Agentless real time network visibility and NAC
www.headtechnology.com
13. Spectorsoft – Monitoring all
Theft of confidential information Fraud & embezzlement
Sexual or racial harassment
Litigation by employees and
outside companies
Discrimination claims
Illegal downloads
www.headtechnology.com
14. How to use SpectorSoft?
Maximize productivity
Increase security
Reduce liability
Enforce compliance
www.headtechnology.com
16. PGP – Encryption Platform
PGP Encryption Solutions 3rd Party Solutions
Disk and File Email Mobile Mainframe Commercial Commercial Custom
Device Devices Hardware Software Applications
Key Lifecycle Key Storage Authentication / Authorization
Auditing
Policy Management Reporting
Logging
Automated Operations and Provisioning
PGP Encryption Platform
Existing Infrastructure
www.headtechnology.com
17. PGP solutions
PGP Universal™ Server
Central Management of PGP Universal™ Gateway Email
all products • User-transparent, gateway email
encryption
PGP® Desktop Email
• Email, file, disk, & IM encryption
PGP® Whole Disk Encryption
• Laptop & disk security
PGP® NetShare
• Shared server storage security
PGP® Command Line
• Secure FTP/batch & backups
PGP® Support Package for BlackBerry® All PGP products are based on
• Mobile client software the PGP SDK, a mature FIPS
140-2 validated cryptographic
PDF Messenger module
• Secure & Certified Statement Delivery
www.headtechnology.com
19. Real time “agentless” network assesment
Control &
Enforcement
Safeguarding the network’s security
integrity by preventing network access
from unauthorized and/or non-compliant
Discovery elements.
Comprehensive collection of data from ALL network
assets, gathering complete, accurate and detailed
continuous network intelligence. This unique
approach provides always on, real-time network
visibility acting as the foundation for the BSA
solution. Remediation
Identification of the corrective measures
that must be put in place and fix
inconsistencies with the security posture
of assets attached to the network.
Aligning the security configuration of
assets with security best practices
considerably reduces the enterprise
networks' risk of exposure.
Audit, Compliance User Identity Profiling
& Risk Analysis: Establishment and maintenance of user intelligence
Automated security configuration auditing, by correlating between user identities and specific
simplifying the process of conducting IP addresses. This improves audit controls, and
network-wide configuration audits. This enhances regulatory compliance. It also significantly
provides efficient security compliance enhances incident response by enabling locating
tracking and auditing procedures. vulnerable and/or exploited hosts, and eliminating
the manual efforts to track users.
The Insightix Business Security Assurance (BSA) product suite is designed to detect,
identify, profile, audit and control ALL devices connected to your network.
www.headtechnology.com