Discover more about USP`s SES solution : say goodbye to Microsoft’s TMG and Hello to USP`s Smarter Web App Protection and Authentication!
by United Security Providers
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
USP SES and the Location Layer: Geolocation for adaptive Access Control and Privileges
1. USP SES and the Location Layer:
Geolocation for adaptive Access Control and Privileges
Extremely secure
2. SUMMARY
1. Goodbye to Microsoft TMG
2. Hello USP SES
3. How USP SES Makes Location Work For You
4. USP SES Use Cases #1
5. USP SES Use Cases #2
6. USP SES Use Cases #3
7. Identity Fraud and Location
8. USP SES Use Cases #4
9. USP SES Use Cases #5
10. USP SES: Fast facts
Page 2Cybersecurity
3. 1. Goodbye to Microsoft TMG
Page 3Cybersecurity
And hello to USP SES
Microsoft have discontinued their TMG solution set
This impacts both TMG and UAG.
è An alternative is needed
This gives you a chance to find a solution that is:
• Better suited to a modern environment
/ uses standard interfaces
• Greater functionality
• Simpler to use
4. Turnkey offering for SAP and other web portal protection against
widely used cyber threats.
Authentication management and Single Sign On (SSO) across disparate
applications (incl. Office 365 and Google Docs).
A simplified way of handling a hybrid application environment.
Geolocation-Aware Adaptive Authorization.
2. Hello USP SES
A simple to use configuration interface
USP SES have a replacement solution for Microsoft’s TMG which gives you:
Cybersecurity Page 4
5. • Being able to use location opens up
powerful controls
• Control of incoming requests
• Control of authentication
• Control of permissions
Gartner statement on geolocation to allow for
adaptive authentication:
“Geolocation data is growing in importance
relative to classic, credential-based
authentication data as a way of mitigating
authentication and authorization risk.”
Gartner: Geolocation Access Control and Privacy August 2012
Page 5
3. Going Further: How USP SES Makes Location Work For You
Cybersecurity
6. Incoming Request Control
USP SES WAF can be configured to control access based on analysis of:
- Geographical location
- Reputation, i.e. if an address is known to be used for hacking the
reputation will be low
Certain locations / IP addresses are known to be used by cybercriminals.
Allows you to manage access requests coming in from the TOR network and VPN’s.
Cybersecurity Page 6
7. Access privileges can be controlled through location awareness
Users in known ‘problem’ locations or known bad IP addresses
will have restricted access to resources.
Way of adding in more granular control to privileged access policies
Set up service to issue content to users based on their location at login
Permissions Control
Cybersecurity Page 7
8. USP SES has extended monitoring and
reporting capability to use data based on
location awareness functionality.
Location based reporting can be offered,
including:
• Location based service usage
• Location based security incident monitoring
and reporting
• Use of anonymous networks for access
• Report use of known bad IP addresses for
access
Monitoring and Reporting
Cybersecurity Page 8
9. Cyber security risk management using geolocation controls
Web based attacks can be controlled through geolocation settings.
Incoming requests from bad IP addresses or known hacker locations can be blocked.
E.g. known locations / countries where brute force attacks originate.
Profiling and behavioral analysis can be performed.
4. USP SES Use Cases #1
Cybersecurity Page 9
10. Geolocation adds another layer of security controls:
PWC 2015 Information Security Breaches Survey: http://www.pwc.co.uk/assets/pdf/2015-isbs-executive-summary-digital.pdf
Ponemon Institute: 2015 Cost of Cybercrime Study: http://www-03.ibm.com/security/data-breach/
Akamai, State of the Internet Report: http://www.stateoftheinternet.com/downloads/pdfs/2014-q4-state-of-the-internet-report.pdf
Some cyber security / location satistics:
9/10
Organization had suffered
a security breach in 2014
65 M$
In 2015 annual cost for
cybercrime ranged from
$3.1 million to 65 million
Top countries for hackers:
– China: 41%
– USA: 13%
– Taiwan: 4.4%
– Russia: 3.2%
– Turkey: 2.9%
– South Korea: 2.8%
– India: 2.4%
– Brazil: 2.3%
– Germany: 1.8%
– Hong Kong: 1.3%
Cybersecurity Page 10
11. Compliance with health / financial record access:
Granular authentication based on geolocation/IP address
Employees can access SAP or other web based content
Access within the organization (IP address or geolocation)
• single factor (1st) login credential only required
Access from an IP address or location outside of the workplace
(e.g. on the road or from home)
• 1st and 2nd factor required
Access from locations that are outside those accepted by the organization
• 1st factor PLUS 2nd factor PLUS security question required
Or completely block access
5. USP SES Use Case #2
Cybersecurity Page 11
12. Consumer access controls via location settings
User’s identity and associated access to government services is geolocation controlled.
If user is in their home country, they are allowed to access the text service and upload their tax return.
If not, they cannot do their tax returns until they are in home country.
An extension of the use case would allow the user to setup other locations (e.g. holiday location) to
access government services using their identity.
In addition USP SES has the ability to block anonymous networks such as TOR, VPN’s and proxies.
6. USP SES Use Case #3
Cybersecurity Page 12
13. Geolocation helps to protect identity
fraud.
High profile case was IRS breach of 2015
and secondary attack of 2016 – tax
return fraud case.
Could have been prevented with
geolocation controls.
Geolocation controls add additional layer
of security to identity.
7. Indentity Fraud and Location
Cybersecurity Page 13
15. BYOD has introduced new potential security issues to the enterprise
Common delivery across devices means that data, once hidden, needs additional layers
of access control.
Can control data leaving a country / jurisdiction.
Geolocation offers this additional layer to add in these controls:
- in a non-intrusive manner – devices have built in location mechanisms
- Adaptive, only when needed, i.e. using location policies
8. USP SES Use Case #4
Page 15Cybersecurity
16. Gartner: http://www.gartner.com/newsroom/id/2466615
SecuredEdge Networks: http://www.securedgenetworks.com/blog/BYOD-Security-The-Number-One-BYOD-Concern
BYOD Statistics
Page 16Cybersecurity
50%
of companies
will expect
employees to use
their own devices
at work by 2017
80%
of BYOD at work
are unmanaged
35%
of workers store
their work passwords
on their phones
17. Location awareness reporting and alerts for fraud profiling
Location awareness of user access and incoming traffic allows you to:
- Detect and prevent fraud
Use IP address location with fraud profiling (recognise behavioural patterns based
on location).
- Provide real-time incident management with alerts informing of incoming cyber
threats from blacklisted locations.
Also offers monitoring of employees and can offer KYC options.
9. USP SES Use Cases #5
Page 17Cybersecurity
18. 10. USP SES: Fast facts
Page 18Cybersecurity
Simple way to manage hybrid IT systems from one console
Offers multitude of authentication controls
Multiple factor
Single sign on
Integration with any IDM system to build flexible and strong access control
Highly customizable with adaptable, standard interfaces
Adaptive access control with geolocation features