SlideShare une entreprise Scribd logo

Windows 8 is Coming to a BYOD Near You

Lumension
Lumension

If you are like me, you aren’t planning to migrate to Windows 8. But with Surface RTs selling the way they are, I guarantee we will have users bringing their own Windows 8 devices. In this fast-paced webinar, I’ll look at everything that’s new as far as security in Windows 8, with a special focus on mobility. You folks are really the go-to group in your organization for debunking the myths of Windows 8 and this webinar will help you provide the accurate answers to internal users and executives on questions like: What do I tell my CEO when she asks about supporting her new Win8 laptop? What do I tell my users who want to bring in their Windows RT Surface tablets? What is the security impact of bringing Windows 8 into my environment? The biggest distinctions guiding this discussion about Windows 8 security will be: 1) RT vs. “Real” Windows, and 2) BYOD vs. corporate-owned devices. If organizations out there are planning to roll-out a Windows 8 fleet of devices, I’ll help by covering the mobile device management (MDM) features and gaps in Windows 8. One of the biggest facts to know right now is that Windows 8 “RT” does not support domain membership or group policy. You heard me right. To manage RT devices, you’d need to have a new version of Windows Intune (the Microsoft PC management service in the cloud), which integrates with a new version of Microsoft System Center. This is an interesting approach to the BYOD security dilemma. Windows 8 does have some interesting new security features, which we’ll cover: UEFI Secure Boot support – UEFI stands for Unified Extensible Firmware Interface which replaces the good ole BIOS we’ve had to for decades. UEFI promises to make Windows 8 very resistant to low level malware like rootkits. SmartScreen filter – has been extended from Internet Explorer to Windows itself. Windows Defender – Bloggers are pronouncing this as a “full anti-malware solution”. We’ll determine if that is really so. Picture Password – a new touch based logon method using pictures and gestures Another thing we will cover is which security features are available in Windows 8 (base consumer edition), Windows 8 Pro, Windows 8 Enterprise and Windows 8 RT. There are very big differences between these editions.

Technologie
1  sur  10
Télécharger pour lire hors ligne
UltimateWindowsSecurity.com Windows 8 Is Coming to a BYOD Near You: Are the New Security Features Enough? © 2012 Monterey Technology Group Inc. Brought to you by www.lumension.com Speaker  Russ Ernst – Group Product Manager © 2012 Monterey Technology Group Inc. 1
UltimateWindowsSecurity.com Preview of Key Points New security features RT vs. Regular Windows Differences between editions Mobile device management Gaps © 2012 Monterey Technology Group Inc. New security features Protecting against advanced malware – Trusted Boot UEFI Secure Boot Measured Boot ELAM © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 2
UltimateWindowsSecurity.com New security features  UEFI  Modern replacement for BIOS  Secure Boot  Requires UEFI but not TPM  Firmware checks bootloader against OS vender certificate  Protects against rootkits/bootkits  http://tinyurl.com/3z2shwn Any OS BIOS OS Start Loader Verified UEFI OS Loader OS Start Only © 2012 Monterey Technology Group Inc. New security features  Measured Boot Requires TPM but not UEFI Uses the TPM to verify components have not been tampered with Enhanced version of what was available in Windows Vista and 7  ELAM Early Launch Anti-Malware Allows AV to launch before OS fully loaded Also allows AV to check what still loaded before it Can attest to a remote server for verification Great MS whitepaper: http://tinyurl.com/acr2oke © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 3
UltimateWindowsSecurity.com New security features More good links http://msdn.microsoft.com/en- us/library/windows/hardware/br259096.aspx © 2012 Monterey Technology Group Inc. New security features BitLocker enhancements Boot configuration data (BCD) validation moved to SecureBoot when available Provisioning possible prior to OS setup Used diskspace only Reduced helpdesk calls • Standard users can change PIN/passwords • Network unlock Support for encrypted hard drives • Not the same as self-encrypted drives (SEDs) © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 4
UltimateWindowsSecurity.com New security features SmartScreen Unrecognized apps and files downloaded from the Internet Moved from IE to Windows so other files from any browser subject Memory Management Comprehensive randomization and guard pages More defense against memory exploit tactics AppContainers Enhanced sandbox © 2012 Monterey Technology Group Inc. New security features Picture Password © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 5
UltimateWindowsSecurity.com New security features  Picture Password  Password stored in clear text? • Not so much • But is available to any admin on the system  Actually stored in reversible encryption • Everyone crying that’s a no-no for password storage • Hashes would not work in this case  Microsoft blog post on the “math” behind picture passwords • http://tinyurl.com/bmua4fc • Math adds up • But the facts don’t  Key point though: • You only get 5 chances • Same with 4 digit PIN © 2012 Monterey Technology Group Inc. New security features Windows Defender http://mashable.com/2012/10/22/windows-8- security-now-things-get-interesting/ http://news.softpedia.com/news/15-of-Malware- Can-Get-Past-Windows-8-s-Defender-Experts- Find-305535.shtml Nice to have? yes Replacement for corporate A/V? Far from it © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 6
UltimateWindowsSecurity.com RT vs. Real Windows ARM based RT Better • Battery life and weight Worse • Doesn’t run x86 Windows apps • Traditional desktop mode not available to 3rd party • 3rd party browsers restricted to certain APIs • No AD membership or group policy • Not BitLocker but has encryption Different • Management infrastructure © 2012 Monterey Technology Group Inc. Differences between editions of real Windows http://en.wikipedia.org/wiki/Windows_8_editions Partial Yes Yes Yes Supported third-party Windows Store apps only Windows Store and desktop Windows Store and desktop Windows Store and desktop apps[2][16] Remote Desktop Client only Client only Client and host Client and host Storage Spaces No Yes Yes Yes Encryption features Device encryption[b] Unavailable BitLocker and EFS BitLocker and EFS Sideload Windows Store apps Yes [18] No[11] Yes [19] Yes [11] Boot from VHD No No Yes Yes Can join a Windows domain? No No Yes Yes Group Policy No No Yes Yes Hyper-V[20] No No On 64-bit versions only with SLAT capable CPU AppLocker[c] No No No Yes Windows To Go No No No Yes DirectAccess No No No Yes BranchCache[d] No No No Yes Can be virtualized by No No No Yes RemoteFX? Services for Network File No No No Yes System [23] Microsoft Office apps bundled Yes No No No with OS[e] Windows Media Center No No Via an add-in[24] No Windows RT Windows 8 Windows 8 Pro Windows 8 Enterprise © 2012 Monterey Technology Group Inc. From wikipedia © 2012 Monterey Technology Group Inc. 7
UltimateWindowsSecurity.com Mobile Device Management Management Infrastructure Designed to address corporate security concerns on employee-owned devices (BYOD) • RT & Real Windows Integrates with System Center • Agent and self-service-portal © 2012 Monterey Technology Group Inc. Mobile Device Management  Management Infrastructure Policies • Allow Convenience Logon • VPN • Maximum Failed Password Attempts • Drive Encryption Status • Maximum Inactivity Time Lock • Auto Update Status • Minimum Device Password • Antivirus Status Complex Characters • AntiSpyWare Status • Minimum Password Length • Password Enabled • Password Expiration • Password History © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 8
UltimateWindowsSecurity.com Mobile Device Management Management Infrastructure Disconnect can be initiated by admin remotely or user locally • Everything reversed • Business data wiped? © 2012 Monterey Technology Group Inc. Gaps Enterprise anti-malware Full virus coverage Reporting Application control Full configuration management Compliance Device control © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 9
UltimateWindowsSecurity.com lumension.com/windows-8 Comprehensive Endpoint Management and Security for Microsoft Windows 8 and Windows Server 2012 Lumension® Supports Your Windows 8 and Windows Server 2012 Migration Plans with Solution Readiness Download the FAQ today at lumension.com/windows-8 Brought to you by www.lumension.com Speaker  Russ Ernst – Group Product Manager © 2012 Monterey Technology Group Inc. 10

Recommandé

Why go to the Moon?
Why go to the Moon?Why go to the Moon?
Why go to the Moon?kfury
 
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?Lumension
 
How to improve endpoint security on a SMB budget
How to improve endpoint security on a SMB budgetHow to improve endpoint security on a SMB budget
How to improve endpoint security on a SMB budgetLumension
 
Bates College Industry Insights Presentation
Bates College Industry Insights PresentationBates College Industry Insights Presentation
Bates College Industry Insights PresentationD V
 
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...Lumension
 
Sensational Headlines or Real Threats? What New Attacks Mean For You.
Sensational Headlines or Real Threats? What New Attacks Mean For You. Sensational Headlines or Real Threats? What New Attacks Mean For You.
Sensational Headlines or Real Threats? What New Attacks Mean For You. Lumension
 
Securing and Greening Your IT
Securing and Greening Your ITSecuring and Greening Your IT
Securing and Greening Your ITLumension
 
Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsUsing SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsLumension
 

Recommandé

Why go to the Moon?
Why go to the Moon?Why go to the Moon?
Why go to the Moon?kfury
 
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?
Welcome to the Age of Weaponized Malware. What Does it Mean to Your Enterprise?Lumension
 
How to improve endpoint security on a SMB budget
How to improve endpoint security on a SMB budgetHow to improve endpoint security on a SMB budget
How to improve endpoint security on a SMB budgetLumension
 
Bates College Industry Insights Presentation
Bates College Industry Insights PresentationBates College Industry Insights Presentation
Bates College Industry Insights PresentationD V
 
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...
The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...Lumension
 
Sensational Headlines or Real Threats? What New Attacks Mean For You.
Sensational Headlines or Real Threats? What New Attacks Mean For You. Sensational Headlines or Real Threats? What New Attacks Mean For You.
Sensational Headlines or Real Threats? What New Attacks Mean For You. Lumension
 
Securing and Greening Your IT
Securing and Greening Your ITSecuring and Greening Your IT
Securing and Greening Your ITLumension
 
Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsUsing SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsLumension
 
2011 Social Media Malware Trends
2011 Social Media Malware Trends2011 Social Media Malware Trends
2011 Social Media Malware TrendsLumension
 
Sustainability jobs & contract employment in india
Sustainability jobs & contract employment in indiaSustainability jobs & contract employment in india
Sustainability jobs & contract employment in indiaraghunathan janarthanan
 
Iba’t ibang gamit
Iba’t ibang gamitIba’t ibang gamit
Iba’t ibang gamitGary Zambrano
 
Selamat sore!
Selamat sore!Selamat sore!
Selamat sore!beatriz carmela quilingan
 
Duplicate shipments and wrong item shipped
Duplicate shipments and wrong item shippedDuplicate shipments and wrong item shipped
Duplicate shipments and wrong item shippedJames Thomas
 
Lezione 1
Lezione 1Lezione 1
Lezione 1Giovanni Della Lunga
 
Master marketing quec slide share
Master marketing quec slide shareMaster marketing quec slide share
Master marketing quec slide shareAgenzia Quec
 
Esteban
EstebanEsteban
Esteban'Kelly Vergara
 
Open day
Open dayOpen day
Open dayPNL Evolution
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers GuideLumension
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary ResultsLumension
 
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Lumension
 
Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Lumension
 
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftSecuring Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftLumension
 
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...Lumension
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and AnalysisLumension
 
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskGreatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskLumension
 
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateWindows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateLumension
 
Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Lumension
 
Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Lumension
 
APTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskAPTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskLumension
 

Contenu connexe

En vedette

2011 Social Media Malware Trends
2011 Social Media Malware Trends2011 Social Media Malware Trends
2011 Social Media Malware TrendsLumension
 
Sustainability jobs & contract employment in india
Sustainability jobs & contract employment in indiaSustainability jobs & contract employment in india
Sustainability jobs & contract employment in indiaraghunathan janarthanan
 
Duplicate shipments and wrong item shipped
Duplicate shipments and wrong item shippedDuplicate shipments and wrong item shipped
Duplicate shipments and wrong item shippedJames Thomas
 
Master marketing quec slide share
Master marketing quec slide shareMaster marketing quec slide share
Master marketing quec slide shareAgenzia Quec
 

En vedette (9)

2011 Social Media Malware Trends
2011 Social Media Malware Trends2011 Social Media Malware Trends
2011 Social Media Malware Trends
 
Sustainability jobs & contract employment in india
Sustainability jobs & contract employment in indiaSustainability jobs & contract employment in india
Sustainability jobs & contract employment in india
 
Iba’t ibang gamit
Iba’t ibang gamitIba’t ibang gamit
Iba’t ibang gamit
 
Selamat sore!
Selamat sore!Selamat sore!
Selamat sore!
 
Duplicate shipments and wrong item shipped
Duplicate shipments and wrong item shippedDuplicate shipments and wrong item shipped
Duplicate shipments and wrong item shipped
 
Lezione 1
Lezione 1Lezione 1
Lezione 1
 
Master marketing quec slide share
Master marketing quec slide shareMaster marketing quec slide share
Master marketing quec slide share
 
Esteban
EstebanEsteban
Esteban
 
Open day
Open dayOpen day
Open day
 

Plus de Lumension

2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers GuideLumension
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary ResultsLumension
 
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Lumension
 
Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Lumension
 
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftSecuring Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftLumension
 
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...Lumension
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and AnalysisLumension
 
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskGreatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskLumension
 
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateWindows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateLumension
 
Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Lumension
 
Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Lumension
 
APTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskAPTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskLumension
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security SolutionsLumension
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Lumension
 
Java Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesJava Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesLumension
 
BYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security RisksBYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security RisksLumension
 
3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT Risk3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT RiskLumension
 
Defending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-VirusDefending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-VirusLumension
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?Lumension
 

Plus de Lumension (20)

2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results
 
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...
 
Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware Careto: Unmasking a New Level in APT-ware
Careto: Unmasking a New Level in APT-ware
 
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data TheftSecuring Your Point of Sale Systems: Stopping Malware and Data Theft
Securing Your Point of Sale Systems: Stopping Malware and Data Theft
 
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...
 
2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis2014 Data Protection Maturity Survey: Results and Analysis
2014 Data Protection Maturity Survey: Results and Analysis
 
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint RiskGreatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk
 
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You MigrateWindows XP is Coming to an End: How to Stay Secure Before You Migrate
Windows XP is Coming to an End: How to Stay Secure Before You Migrate
 
Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You? Adobe Hacked Again: What Does It Mean for You?
Adobe Hacked Again: What Does It Mean for You?
 
Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats Real World Defense Strategies for Targeted Endpoint Threats
Real World Defense Strategies for Targeted Endpoint Threats
 
APTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize RiskAPTs: The State of Server Side Risk and Steps to Minimize Risk
APTs: The State of Server Side Risk and Steps to Minimize Risk
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
 
Java Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesJava Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant Vulnerabilities
 
BYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security RisksBYOD & Mobile Security: How to Respond to the Security Risks
BYOD & Mobile Security: How to Respond to the Security Risks
 
3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT Risk3 Executive Strategies to Reduce Your IT Risk
3 Executive Strategies to Reduce Your IT Risk
 
Defending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-VirusDefending Your Corporate Endpoints How to Go Beyond Anti-Virus
Defending Your Corporate Endpoints How to Go Beyond Anti-Virus
 
2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?2013 Data Protection Maturity Trends: How Do You Compare?
2013 Data Protection Maturity Trends: How Do You Compare?
 

Dernier

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Dernier (20)

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

Windows 8 is Coming to a BYOD Near You

  • 1. UltimateWindowsSecurity.com Windows 8 Is Coming to a BYOD Near You: Are the New Security Features Enough? © 2012 Monterey Technology Group Inc. Brought to you by www.lumension.com Speaker  Russ Ernst – Group Product Manager © 2012 Monterey Technology Group Inc. 1
  • 2. UltimateWindowsSecurity.com Preview of Key Points New security features RT vs. Regular Windows Differences between editions Mobile device management Gaps © 2012 Monterey Technology Group Inc. New security features Protecting against advanced malware – Trusted Boot UEFI Secure Boot Measured Boot ELAM © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 2
  • 3. UltimateWindowsSecurity.com New security features  UEFI  Modern replacement for BIOS  Secure Boot  Requires UEFI but not TPM  Firmware checks bootloader against OS vender certificate  Protects against rootkits/bootkits  http://tinyurl.com/3z2shwn Any OS BIOS OS Start Loader Verified UEFI OS Loader OS Start Only © 2012 Monterey Technology Group Inc. New security features  Measured Boot Requires TPM but not UEFI Uses the TPM to verify components have not been tampered with Enhanced version of what was available in Windows Vista and 7  ELAM Early Launch Anti-Malware Allows AV to launch before OS fully loaded Also allows AV to check what still loaded before it Can attest to a remote server for verification Great MS whitepaper: http://tinyurl.com/acr2oke © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 3
  • 4. UltimateWindowsSecurity.com New security features More good links http://msdn.microsoft.com/en- us/library/windows/hardware/br259096.aspx © 2012 Monterey Technology Group Inc. New security features BitLocker enhancements Boot configuration data (BCD) validation moved to SecureBoot when available Provisioning possible prior to OS setup Used diskspace only Reduced helpdesk calls • Standard users can change PIN/passwords • Network unlock Support for encrypted hard drives • Not the same as self-encrypted drives (SEDs) © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 4
  • 5. UltimateWindowsSecurity.com New security features SmartScreen Unrecognized apps and files downloaded from the Internet Moved from IE to Windows so other files from any browser subject Memory Management Comprehensive randomization and guard pages More defense against memory exploit tactics AppContainers Enhanced sandbox © 2012 Monterey Technology Group Inc. New security features Picture Password © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 5
  • 6. UltimateWindowsSecurity.com New security features  Picture Password  Password stored in clear text? • Not so much • But is available to any admin on the system  Actually stored in reversible encryption • Everyone crying that’s a no-no for password storage • Hashes would not work in this case  Microsoft blog post on the “math” behind picture passwords • http://tinyurl.com/bmua4fc • Math adds up • But the facts don’t  Key point though: • You only get 5 chances • Same with 4 digit PIN © 2012 Monterey Technology Group Inc. New security features Windows Defender http://mashable.com/2012/10/22/windows-8- security-now-things-get-interesting/ http://news.softpedia.com/news/15-of-Malware- Can-Get-Past-Windows-8-s-Defender-Experts- Find-305535.shtml Nice to have? yes Replacement for corporate A/V? Far from it © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 6
  • 7. UltimateWindowsSecurity.com RT vs. Real Windows ARM based RT Better • Battery life and weight Worse • Doesn’t run x86 Windows apps • Traditional desktop mode not available to 3rd party • 3rd party browsers restricted to certain APIs • No AD membership or group policy • Not BitLocker but has encryption Different • Management infrastructure © 2012 Monterey Technology Group Inc. Differences between editions of real Windows http://en.wikipedia.org/wiki/Windows_8_editions Partial Yes Yes Yes Supported third-party Windows Store apps only Windows Store and desktop Windows Store and desktop Windows Store and desktop apps[2][16] Remote Desktop Client only Client only Client and host Client and host Storage Spaces No Yes Yes Yes Encryption features Device encryption[b] Unavailable BitLocker and EFS BitLocker and EFS Sideload Windows Store apps Yes [18] No[11] Yes [19] Yes [11] Boot from VHD No No Yes Yes Can join a Windows domain? No No Yes Yes Group Policy No No Yes Yes Hyper-V[20] No No On 64-bit versions only with SLAT capable CPU AppLocker[c] No No No Yes Windows To Go No No No Yes DirectAccess No No No Yes BranchCache[d] No No No Yes Can be virtualized by No No No Yes RemoteFX? Services for Network File No No No Yes System [23] Microsoft Office apps bundled Yes No No No with OS[e] Windows Media Center No No Via an add-in[24] No Windows RT Windows 8 Windows 8 Pro Windows 8 Enterprise © 2012 Monterey Technology Group Inc. From wikipedia © 2012 Monterey Technology Group Inc. 7
  • 8. UltimateWindowsSecurity.com Mobile Device Management Management Infrastructure Designed to address corporate security concerns on employee-owned devices (BYOD) • RT & Real Windows Integrates with System Center • Agent and self-service-portal © 2012 Monterey Technology Group Inc. Mobile Device Management  Management Infrastructure Policies • Allow Convenience Logon • VPN • Maximum Failed Password Attempts • Drive Encryption Status • Maximum Inactivity Time Lock • Auto Update Status • Minimum Device Password • Antivirus Status Complex Characters • AntiSpyWare Status • Minimum Password Length • Password Enabled • Password Expiration • Password History © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 8
  • 9. UltimateWindowsSecurity.com Mobile Device Management Management Infrastructure Disconnect can be initiated by admin remotely or user locally • Everything reversed • Business data wiped? © 2012 Monterey Technology Group Inc. Gaps Enterprise anti-malware Full virus coverage Reporting Application control Full configuration management Compliance Device control © 2012 Monterey Technology Group Inc. © 2012 Monterey Technology Group Inc. 9
  • 10. UltimateWindowsSecurity.com lumension.com/windows-8 Comprehensive Endpoint Management and Security for Microsoft Windows 8 and Windows Server 2012 Lumension® Supports Your Windows 8 and Windows Server 2012 Migration Plans with Solution Readiness Download the FAQ today at lumension.com/windows-8 Brought to you by www.lumension.com Speaker  Russ Ernst – Group Product Manager © 2012 Monterey Technology Group Inc. 10