Exploring the Future Potential of AI-Enabled Smartphone Processors
Trend Micro - is your cloud secure
1. Is your cloud secure?
Frederik Van Roosendael
PSE Belgium – Luxembourg
2. Enabling a Smart Protection Strategy
in the age of Consumerization, Cloud and new Cyber Threats
Frederik Van Roosendael
PSE Belgium – Luxembourg
3. Organizations Need a Smart Protection Strategy
Smart protection
against theft and loss
Simple yet flexible
to manage and deploy
Security that fits
an evolving ecosystem
Copyright 2013 Trend Micro Inc.
6. More Challenging than Ever!
Cyber Threats
Cloud &
Consumerization Virtualization
Employees IT
Copyright 2013 Trend Micro Inc.
7. •
Smart protection •
Whitelisting
Network traffic rules BIG DATA
begins with global • Mobile app reputation ANALYTICS-DRIVEN
GLOBAL THREAT
•
threat intelligence… •
Vulnerabilities/Exploits
Threat Actor Research INTELLIGENCE
• Enhanced File Reputation 2012
• Enhanced Web Reputation
• Email reputation
• File reputation
• Web reputation CLOUD BASED
GLOBAL THREAT
INTELLIGENCE
2008
SIGNATURE BASED
ANTI-MALWARE
1988 - 2007
Copyright 2013 Trend Micro Inc.
8. Global Proactive
CLOSER TO BLOCKS THREATS
THE SOURCE OF AT THEIR SOURCE
THREATS
Real-time Correlated
IDENTIFIES IDENTIFIES ALL
NEW THREATS COMPONENTS
FASTER OF AN ATTACK
Copyright 2013 Trend Micro Inc.
9. Cyber Threats
Cloud &
Consumerization Virtualization
Employees IT
Copyright 2013 Trend Micro Inc.
10. The Changing Threat Landscape
CRIMEWARE Targeted
DAMAGE CAUSED
Web Attacks
Intelligent Threats
Botnets
Spyware
Spam
Mass
Worm Mailers
Outbreaks
• Now it’s personal!
Vulnerabilities • Financially motivated
• Targeting valuable
information
2001 2003 2004 2005 2007 Now
Copyright 2013 Trend Micro Inc.
11. Today’s Attacks: Social, Sophisticated, Stealthy!
Gathers intelligence about Extracts data of interest – can
organization and individuals go undetected for months!
Attacker $$$$
Targets individuals Establishes Command
using social engineering & Control server
Moves laterally across network
seeking valuable data
Employees
Copyright 2013 Trend Micro Inc.
12. Gathers intelligence about Extracts data of interest – can
organization and individuals go undetected for months!
Attacker $$$$
Targets individuals Establishes Command
using social engineering & Control server
Moves laterally across network
seeking valuable data
Employees
Copyright 2013 Trend Micro Inc.
13. • In-depth reconnaissance on your employees
• Malware engineered and tested to evade your
standard gateway/endpoint defenses
• Human interaction that adapts the attack as it
Security
moves within your network
Network Admin
Copyright 2013 Trend Micro Inc.
15. • Advanced threat
analytics
• Correlating local
and global threat
intelligence
16. Part of Your Smart Protection Strategy
Smart
• Advanced, targeted threat detection
• Customizable sandboxes for accurate analysis
• Actionable intelligence from global threat intelligence
Simple
• Single appliance monitors multiple ports and protocols
CUSTOM
DEFENSE • Automated, customized security updates
Security that fits
• Custom sandbox available to other security products
• Custom signatures to other security products
Copyright 2013 Trend Micro Inc.
17. Cyber Threats
CUSTOM
DEFENSE
Cloud &
Consumerization Virtualization
Employees IT
Copyright 2013 Trend Micro Inc.
18. Cyber Threats
CUSTOM
DEFENSE
Cloud &
Consumerization Virtualization
Employees IT
Copyright 2013 Trend Micro Inc.
19. Then...
Web
Email & Access
Messaging
File/Folder &
Removable Media
Employees
IT Admin
Copyright 2013 Trend Micro Inc.
20. Now!
Web Device Hopping Cloud Sync
Email & Access & Sharing Collaboration
Messaging
File/Folder & Social
Removable Media Networking
Employees
IT Admin
Copyright 2013 Trend Micro Inc.
21. Web Device Hopping Cloud Sync
Email & Access & Sharing Collaboration
Messaging
File/Folder & Social
Removable Media Networking
Employees
• User behavior is risky by nature
• So many applications and platforms to secure
Security
IT Admin
Copyright 2013 Trend Micro Inc.
22. Web Device Hopping Cloud Sync
Email & Access & Sharing Collaboration
Messaging
File/Folder & Social
Removable Media Networking
Employees
70% trace loss to USB memory sticks 1
91% targeted attacks begin with spear-phishing 2
Security
IT Admin 50M+ malicious URLs blocked daily 3
Sources: 1. Ponemon Institute study, July 2011; 2. Trend Micro: “Spear Phishing Email: Most Favored APT Attack Bait”,
Nov 2012; 3. Trend Micro Smart Protection Network daily statistics
Copyright 2013 Trend Micro Inc.
23. Web Device Hopping Cloud Sync
Email & Access & Sharing Collaboration
Messaging
File/Folder & Social
Removable Media Networking
Employees
76% allow “BYOD”; about half had data breach 1
1 million malicious Android apps by end of 20132
Security
IT Admin 30% mobile devices lost each year 3
1. Source: Trend Micro, Mobile Consumerization Trends & Perceptions, IT Executive and CEO Survey 2012
2. Source: Trend Micro Threat Predictions for 2013
3. Source: SANS Institute
Copyright 2013 Trend Micro Inc.
24. Web Device Hopping Cloud Sync
Email & Access & Sharing Collaboration
Messaging
File/Folder & Social
Removable Media Networking
Employees
1 in 5 use Dropbox at work, typically against rules 1
30% SharePoint users knowingly risk data 2
Security
IT Admin
14M Facebook accounts are “undesirable” 3
1. Source: Global survey of 1300 enterprise customers; “Shadow IT in the Enterprise”, Nasuni, Sept 2012
2. Source: Cryptzone survey of SharePoint users, January 2012
3. Source: CSO Magazine, Oct 2012
Copyright 2013 Trend Micro Inc.
25. Web Device Hopping Cloud Sync
Email & Access & Sharing Collaboration
Messaging
File/Folder & Social
Removable Media Networking
Employees
Content Data Loss Device Application
Anti-Malware Encryption
Filtering Prevention Management Control
Complete End User Protection
Security
IT Admin
Copyright 2013 Trend Micro Inc.
26. Part of Your Smart Protection Strategy
Smart
• Layered security from mobile devices to gateways
• Transparent, real-time protection
Simple
• Unified dashboard with centralized policy control
COMPLETE • Modular, lightweight and efficient
END USER
PROTECTION
• Flexible deployment: on-premise or hosted
• Purpose-built for enterprise, mid-market, service providers
Security that fits
• Specialized plug-ins for Exchange, Domino, SharePoint
• Open: Win, Mac, iOS, Android, Blackberry…
Copyright 2013 Trend Micro Inc.
27. Cyber Threats
CUSTOM
DEFENSE
Cloud &
Consumerization Virtualization
COMPLETE
END USER
PROTECTION
Employees IT
Copyright 2013 Trend Micro Inc.
28. Cyber Threats
CUSTOM
DEFENSE
Cloud &
Consumerization Virtualization
COMPLETE
END USER
PROTECTION
Employees IT
Copyright 2013 Trend Micro Inc.
29. Data Center
Physical Virtual Private Cloud
By 2016, 71% of server workloads
will be virtualized*
• Increased business agility
• Lower capital and operational costs
Data Center Ops
• Instant scalability
Source: Gartner, Forecast Analysis: Data Center, Worldwide, 2010-2016,1Q12 Update, Jonathon Hardcastle, 16 May, 2012
Copyright 2013 Trend Micro Inc.
30. Data Center
Physical Virtual Private Cloud Public Cloud
Organizations can cut costs by
74% by storing data in the cloud*
• Increased business agility
• Lower capital and operational costs
Data Center Ops
• Instant scalability
Source: Forrester study
Copyright 2013 Trend Micro Inc.
31. Data Center
Physical Virtual Private Cloud Public Cloud
• Server and VM integrity
• Appropriate policy enforcement
• Data protection, especially in the cloud
Security • Performance and manageability
Data Center Ops
Copyright 2013 Trend Micro Inc.
32. Data Center
Physical Virtual Private Cloud Public Cloud
Intrusion Integrity Log
Anti-Malware Firewall Encryption
Prevention Monitoring Inspection
Cloud and Data Center Security
Security
Data Center Ops
Copyright 2013 Trend Micro Inc.
33. Part of Your Smart Protection Strategy
Smart
• Context-aware virtual patching and automated protection
• Comprehensive protection across physical, virtual, cloud
Simple
• Single platform and administration with modular deployment
CLOUD & • Agent-less security for VMware; efficient, high consolidation
DATA CENTER
SECURITY • Easy multi-tenant and service provider management
Security that fits
• Open: Microsoft, Linux, Solaris, Unix, VMware, Citrix…
• Optimized, automated security for VMware and AWS
Copyright 2013 Trend Micro Inc.
34. Cyber Threats
CUSTOM
DEFENSE
Cloud &
Consumerization Virtualization
COMPLETE CLOUD &
END USER DATA CENTER
PROTECTION SECURITY
Employees IT
Copyright 2013 Trend Micro Inc.
35. Enabling Your Smart Protection Strategy
Smart protection Simple yet flexible Security that fits
against theft and loss to manage and deploy an evolving ecosystem
Layered Centralized Open
Real-time Lightweight Optimized
Transparent Flexible Dedicated
Intelligent Purpose-built Future-proof
Copyright 2013 Trend Micro Inc.
We believe you need a Smart Protection Strategy.<click>Years ago, it was enough just to put in place perimeter sec urity. Now, with the elastic perimeter and sophisticated threats, you need smart protection against theft and loss. Perimeter security is no longer good enough.<click>It used to be that IT had complete control over what applications, devices, and networks were part of the business. Now, with the consumerization of IT, it is much more complex environment to manage and secure . You need a simple security solution that is easy and low cost to manage and deploy, but one that is flexible enough to deal with changing user requirements.<click>And of course your environment is much more dynamic and complex than it used to be. You need a security solution that fits your environment today and as it evolves.So what are the requirements you need to consider as part of YOUR smart protection strategy.
One of the most important parts of empowering the business is getting the right information to the right users, when they need it – and it must be always available!
But to mitigate risk you need to protect that information from theft and loss.
This has become increasingly challenging for you as the enterprise boundaries have been expanded and eroded due to emerging trends and technologies.<click>The first challenge is the consumerization of IT. As employees bring their own devices or use cloud based applications, they are punching a hole in your protected boundary, putting sensitive information <click>At the same time, as IT, you are taking advantage of new and emerging technologies like cloud and virtualization in your data center , this is effectively punching a hole in your protected boundary as well, also putting sensitive information at risk.<click>And on top of this, there is a third trend that is making your job that much more difficult.Cyber threats are becoming increasingly more targeted and sophisticated – and are using this broader attack surface to enter your organization, further putting sensitive information at risk.Now is the time to take a step back and evaluate what is really needed to protect your organization in this rapidly changing environment.
At Trend, we believe that Smart Protection begins with global threat intelligence. When Trend first began, we delivered signature-based anti-virus, protecting against virus-based threats, worms and other malware. <click>Recognizing the increase in the velocity and variety of threats, we were the first to deliver cloud based global threat intelligence, called the Smart Protection Network, in 2008, It delivers faster protection for email, web, and file based threats. <click>Since that time we have been continuously evolving the Smart Protection Network in response to a much more sophisticated and changing threat landscape. Now we offer big data analytics driven global threat intelligence, providing a much broader range of protection.And our global threat intelligence is integrated into all our solutions, from consumer to enterprise.
The Smart Protection Network is unlike any other offering on the market.The global nature of our business puts us closer to the source of the threats, enabling the Smart Protection Network to more quickly gather intelligence that matters.Leveraging big data analytics including multi-threat correlation, it offers real-time protection.Protection that is proactive – blocking threats at their source, with no gap between identification and delivery of protectionOf course, the true value of Smart Protection Network is when it powers our solutions, from consumer to enterprise.
Let’s talk more about Consumerization – the business benefits and concerns you may have – and how Trend can help you empower the business while managing the risks involved
All of these threats still exist out there, but new and more damaging threats are being developed each year. Now, we are dealing with targeted attacks, advanced persistent threats and creative mobile attacks that take advantage of new vulnerabilities, social engineering and mobile proximity. These are personal attacks that are financially motivated – they are after your valuable information – which could be source code, banking information, personally identifiable information or whatever is valuable.
Todays attacks are social, sophisticated, and stealthy. <click>They are targeted attacks and advanced persistent threats – and they typically start with the attacker gathering intelligence about the organization and individuals using Facebook, Linkedin, Google+ and other social networking applications. <Click>Next, they target individuals using social engineering based on the intelligence they’ve gathered – perhaps sending a targeted “spear phishing” email at specific employees from one of their co-workers. <Click>Once they have gained access to the organization by compromising a single machine, they establish a command and control server link so they can remotely control the attack from the outside – <Click>…giving the attacker the time and means to control their attack and move within the organizations network compromising other machines.<Click>They continue to look for valuable data by exploring the organization from within the internal network.<Click> Once they have found it, they will extract the data from the organization – and this may go undetected for months!
<transition>
These are personal attacks – after your data!The attacker is performing in-depth reconnaissance on your employees, malware engineered and tested to evade your standard gateway and endpoint defenses, and attackers that adapt their attack as it moves within your network.
To address these targeted attacks and advanced persistent threats, we offer a Custom Defense solution.Similar to the other solutions we’ve discussed, we offer a range of capabilities designed to enable you to not only detect and analyze these attacks, but fight back against your attackers.At the heart of the Custom Defense solution is a specialized threat protection platform that performs network-wide monitoring to detect zero-day malware, malicious communications and attacker behaviors that are invisible to standard security defenses. The Custom Defense sandboxes run suspect code in a safe, controlled environment that can be optimized for performance and configuredto evade hacker techniques that are on the lookout for sandboxing solutions.Upon detection, the Custom Defense solution best enables organizations to profile in depth the risk, origin and characteristics of the attack, and uniquely delivers actionable intelligence that guides the organization on how to contain and remediate the attack.Additionally, you can leverage proven tools, such as the Active Directory “sniffer”, that gives you additional insight into what’s happening in your environment.To immediately adapt and strengthen protection against further attacks, the Custom Defense solution helps you create custom responses to these targeted attacks. For example, IP blacklists and custom spear phishing protection is updated in response to the attacks. The solution automatically updates the global threat intelligence network and issues these custom security updates to Trend Micro gateway, endpoint and server enforcement points. You can also leverage Threat Services from Trend Micro to help you deal these attacks.
Here’s an example of the advanced threat analytics possible with this solution – providing in-depth, actionable intelligence about the attack and the attackers
SmartAdvanced, targeted threat detectionCustomer-defined, customizable sandboxes for accurate analysis Actionable intelligence from global threat intelligence – correlates what you find locally with what is known in the massive global threat intelligence cloudSimple Single appliance monitors multiple ports (HTTP, SMTP..) and over 80 protocolsAutomated, customized security updates (IP blacklists, custom signatures)Security that fitsCustom sandbox available to other security products – for example, our email gateway already takes advantage of the Custom Defense sandboxes, providing immediate protection against phishing attacksCustom signatures to other security products
Let’s talk more about Consumerization – the business benefits and concerns you may have – and how Trend can help you empower the business while managing the risks involved
Let’s talk more about Consumerization – the business benefits and concerns you may have – and how Trend can help you empower the business while managing the risks involved
In the past, IT had an easier time dealing with employees and all their activities. Users did email, surfed the web, and created documents locally and on file servers as well as USB drives, almost exclusively using Windows and Microsoft applications.
Today, users are doing more activities – using mobile devices, synchronizing files to the cloud with Drop box and other applications, sharing and collaborating with others using multiple web based applications, and using social networks. The range of devices, operating systems, and client and web based applications make this a very tough environment for IT to support, let alone secure.
Users are empowered – but they do exhibit risky behavior from a security perspective – from storing sensitive documents in Drop Box to not having a password on their mobile device.
Even if you look at a traditional environment there are risks.70% of organizations have traced a loss to USB Memory Sticks (Source: Ponemon Institute study, July 2011)91% of targeted attacks begin with spear phishing (Source: Trend Micro Spear Phishing Email Most Favored APT Attack Bait, Nov 2012)50M+ malicious URLS blocked daily (Source: Trend Micro Smart Protection Network daily statistics).
IT really does want to empower the business – in fact in a recent survey we conducted 76% of senior executives allow BYOD. Unfortunately nearly half of these had a data/security breach as a result. (Source: Trend Micro Mobile Consumerization Trend and Perceptions, IT Executive and CEO Survey, 2012).New world of introducing additional devices and applications making it much more expensive and difficult to support as well.There will be an estimated 1M malicious Android apps by end of 2013, up from 350,000 at the end of 2012 – which makes leaking information a serious risk. (Source: Trend Micro Threat Predictions 2013)And it isn’t just the bad guys who put your information at risk: an estimated 30% of mobile devices are lost each year (Source: Sans institute)
1 out of 5 of 1,300 business users surveyed said they use the consumer file-sync-and-share system with work documents. (Source: according to new research by Nasuni, an enterprise storage management company. )And, half of those Dropbox users do this even though they know it’s against the rules.(Source: Global survey of 1300 Enterprise customers: Shadow IT in the Enterprise, Natsuni, Sept 2012)30% of Sharepoint users knowingly risk data – and are “not bothered about it if it helps me get the job done” (Source: Cryptzone survey of SharePoint users, January 2012)And there are 14M FaceBook accounts that are undesirable – how can you be sure you and your employees are not “friends” with one of them? (Source: CSO Magazine, Oct 2012)
We help you address all these risks with our Complete End User Protection solution, the risks from traditional activities and the newer ones introduced through consumerization.With a plug and play architecture, we provide all of the essential capabilities you need to protect your users, their devices, their applications and data.We deliver market leading anti-malware, protecting users from viruses, zero-day exploits, bad web URLs, malicious file attachments and moreContent Filtering protects the productivity of your users, filtering away annoying spam and enabling you to restrict users from visiting undesirable web sites Data protection, includes Data Loss Prevention (DLP) to automatically prevent sensitive information from leaking out of the organization via email or removable media as well as Encryption to protect sensitive information on users’ desktops, removable media, in email and more – both of which make it easier to comply with most regulations.Device management allows you to easily provision and manage devices, including corporately or personally owned mobile devicesAnd Application Control enables you to determine which applications should be available to users across their workspace<click>And all of our solutions leverage our cloud-based global threat intelligence called Smart Protection Network, that provides real-time threat protectionWith our Complete End User Protection, all user activities are safeguarded, reducing risk of sensitive information loss. From the IT and Security perspective, they are happy as this solution protects the user across any device, any application, anywhere.
Our complete end user protection solution is part of your Smart Protection Strategy.It provides smart protection against loss and theft with layered security from mobile devices to gateways that is transparent to end users and provides real time protection from the latest threats.It is simple to deploy and manage with a unified dashboard with centralized policy control. It is Modular, lightweight and efficient so you can start where you want and grow, while efficiently using network and computing resources.It is flexible deployment options of on-premise or hosted, and it is purpose built for YOUR organization, from enterprise to small business to service providers.Finally, it is security that fits your evolving ecosystem with broad support for operating systems and platforms, and it works seamlessly with complementary technologies such as Microsoft Exchange and SharePoint, and IBM Lotus Domino.
So that’s our Complete End User Protection solution – addressing your traditional security concerns around end user activity and tackling the newest risks brought about by consumerization.
Now, let’s take a look at the newest trends in your evolving data center – cloud and virtualization.
Your data center is evolving. Most of you are already well on your journey to the cloud, likely still maintaining some physical servers, but transitioning many of these to virtual machines, and even leveraging some resources in a private, public or hybrid cloud environment.Virtual servers are already outpacing physical ones, and Gartner predicts that in a few short years 71% of server works loads will be virtualized.We know that virtualization and cloud hold great promises.Embracing these new environments enables you to…Lower capital and operational costs -- consolidating the number of servers used and turning on VMs only as the business demands itIncreased business agility – offering new services quickly and easily…even firing up a whole new environment on Amazon, for example, in a matter of minutesInstant scalability – turning on and off VMs as required
While your data center is evolving, you may be also be looking to leverage a public cloud to further drive these business benefits – shifting some of your applications to public cloud providers like Amazon. For example, a Forrester Research study has already found that companies can cut costs as much as 74 percent by storing data in the cloud. This movement is part of your journey to the cloud. As we know from Trend Micro’s cloud survey, if organizations are using virtualization, over 60% are also using a private or public cloud.And IDC has stated “80% of new commercial enterprise apps will be deployed on cloud platforms”. Forrester Research has estimated that the cloud computing market will grow from $40.7 billion in 2011 to $241 billion by 2020.Regardless of where you are on your journey, there are tremendous benefits to be uncovered by shifting to virtualization and cloud.
While there are tremendous benefits moving to the cloud, security concerns are the #1 barrier to adoption. Why? What are the concerns?First, let’s talk about the key security concerns you may have with a virtual environment…Whereas when your data center was all about managing physical servers, it was easier to lock them down and to keep them up to date. In a virtual environment, where you are turning on and off virtual machines to meet changing business demands (for example, turning on additional machines to handle peak buying periods), it is much harder to ensure the VMs have the appropriate security policy and the right patch/OS level in place. Similarly, as you bring on bring on new VMs -- or move VMs between servers – how do you know that the appropriate policies have been applied or maintained?These concerns are only heightened as you move to the private or public cloud where you have less centralized visibility and control. For example, as you move sensitive information to the public cloud, you have less control over the protection of the data. If you are managing data on behalf of your customers (i.e. credit card or payroll information), you may be subject to compliance regulations. How do you know that the cloud administrator or other tenants in the cloud cannot see or access your data? Do you even know where all the copies of your data is stored? On top of security risks, there are also concerns with performance and manageability….While the Risk and Security professionals require the use of security, if you are the operational manager, you don’t want security to get in the way of the tremendous performance and agility benefits that you’ve seen with this new technology. For example, in the traditional data center, you would have to protect every machine with security software. That might have been ok in the physical world, because the physical servers had spare compute capacity and there were fewer of them to maintain. In a virtual world where you are trying to maximize computing efficiency, for example, supporting hundreds of virtual desktops (VDIs) on a single hardware appliance, you cannot afford the time or effort it takes to maintain security software per virtual machine OR the performance hit from running security software on every virtual machine.You need a solution that has been truly optimized for a virtualization and cloud environment.
To address the risks of evolving your data center, we have a single platform and administration that secures your physical, virtual and cloud environments.Our solution is open, automated and highly scalable, fitting your existing infrastructure, seamlessly integrating with key applications like VMWare or cloud environments like Amazon Web Services.Like our end user protection solution, this solution is plug-and-play in nature – allowing you to extend and grow your solution as your business needs change.Block and remove malicious software with Anti-Malware.Protect against known and zero-day vulnerabilities with Intrusion Prevention. This provides you with “virtual patching” -- protecting you before you patch.Achieve segmentation of systems and reduce theattack surface with a host-based Firewall.Identify expected and unexpected (malicious) system changes with Integrity Monitoring.Gain additional visibility and correlation of system and application events with Log Inspection. This can be integrated with your existing SIEM for further insight.Protectsensitive data, particularly when using cloud service providers with Encryption.<click>And just like our other solutions, it is powered by our Smart Protection Network, protecting against real-world threats faster.Our Cloud and Data Center Solution protects you on your journey to the cloud – now and in the future.
Our Cloud and Data Center Security solution is also an important part of your Smart Protection Strategy.It is smart:Our solution is aware of the OS and applications running in your physical, virtual and cloud environments, automatically protecting you from known and zero-day vulnerabilities before you have the opportunity to patch.It provides the breadth of security that you need to fully protect your servers, applications and data.It is also very simple to manage and deploy:Single platform and administration with modular deploymentAgent-less security for VMWare that maximizes efficiency and consolidation. For example, VMWare itself uses our solution to secure its virtual desktop (VDI) environment, and are excited about the ability to achieve over 300 virtual desktops per machine thanks to our agentless approach.Purpose-built to support a multi-tenant private or public cloud environment, the solution provides features such as segregated administration with centralized controlIt also delivers security that fits:Not only does it work in your environment – whether that be Microsoft, Linux, Solaris, Unix, VMware, Citrix etc…, it is optimized for VMware and AWS, providing automatic protection of new virtual machines or cloud instances.
That’s our Cloud and Data Center Security solution
We enable your Smart Protection Strategy – providing smart protection against theft and loss, simple yet flexible solutions to manage and deploy, and security that fits your evolving ecosystem.