Agenda
Observations of information security
Why is information so difficult to secure?
A risk-based approach to information security
3 Use Cases
costly
too many security products too many security procedures
inhibiting compliance
IT Security
too many controls manual, complicated, labor-intensive
Need a holistic approach to make security more effective and align it with the agency's mission
IT Security Landscape
Today's Problems
Sophisticated emerging threats
Combating these challenges
Understand the threat landscape
Understand the infrastructure
Cyber espionage
Cyber warfare
Terrorism
Pandemics
Structure, Unstructured
Voice, Video
Metadata
Many access points
Information silos
Technologies built in a global supply chain
Data explosion
Complex infrastructure
Know the boundaries
Know the devices
Know the information
Know the users
Know what users are doing with the information
Stolen, unencrypted media
2005: U.S. Dept. of Justice
Stolen laptop containing sensitive law enforcement information
Impact: 80,000 identities compromised
Unintentional distribution
2006: U.S. Dept. of Agriculture
Inadvertent exposure of Social Security numbers and tax identification numbers during a Freedom of Information Act request
Impact: 350,000 numbers compromised
DR
Data warehouse
Back up tape WWW Other Federal Agencies Agency Portal Production Data Disk storage
Endpoint
Network
Apps/DBs
Files
Storage
[Diagram: threats mapped onto the agency infrastructure]
Components: DR, WAN, Data warehouse, Government Analytics, WWW, Back up tape, Other Federal Agencies, WW Partners, Remote Employees, Agency portal, Disk storage, Development Contractors, Enterprise email, Staging, Back up disk, File Server
Threats: Media Theft, Unauthorized Activity, Intercept, Unauthorized Access, Unavailability, Media Loss, Eavesdropping, Unintentional Distribution, Data Loss, Device Loss, Fraud, Data Theft
Endpoint
Network
Applications
Files
Storage
Continuity of Operations
Controlled Unclassified Information
Compliance
Secret
Employee Information
Sensitive Information
Top Secret
Risk
What risks are we willing to accept? What risks do we need to protect against?
Security Incidents
Endpoint
Network
Applications
Files / CMS
Storage
Define Policy
Describe how sensitive information should be protected
Data, People, Infrastructure
Policy
Enforce Controls
Establish a control framework and implement appropriate controls to enforce the policy
Data Controls Access Controls
Secure government IT systems from intruders
Prepare for future threats
Increase situational awareness in the cyber world
Endpoint
Network
Application / DB
Storage
Business Drivers:
Decrease time to identify threats/vulnerabilities
Improve response time to address threats/vulnerabilities
Comply with secure configuration policies
Unauthorized access to networks, file servers and storage
Data corruption
Unauthorized changes to configurations
Endpoint
Network
Application / DB
Storage
Better visibility into infrastructure, increased responsiveness to security incidents
Decreased hours spent on log management and auditing activities
Enforced secure configurations and changes
Simplified compliance reporting
Authentication based on genuine users' roles and context
Protection from unauthorized access and activity associated with sensitive information
Ease of use for users to leverage the value of information
Business Drivers:
Enable inter-agency data exchange
Ensure access to legitimate users
Deny access to unauthorized users
Enhance ease of use
Reduce cost through portal services
Reduced Fraud: Risk-based multi-factor authentication ensures only genuine authorized users have access
Improved Efficiency: Single sign-on enables trusted identities to seamlessly reach across agency boundaries
Cost Reduction: Saved time and money on password administration
Scan systems to find sensitive data
Map flow of sensitive data within the infrastructure
Attach classification level to data
Create a policy that clearly defines how information risk will be addressed
Implement tools that support the policy
Business Drivers:
Compliance with federal data protection policies
Complete understanding of what data they store and use
Maintain solid reputation
Unintentional distribution of sensitive agency information
Loss or theft of device with sensitive information
Non-compliance
Risk Advisor Service, Data Loss Prevention Suite, RSA Encryption & Key Mgmt, EMC Info Rights Mgmt
Quickly and accurately locate sensitive content across laptops, desktops, file servers and storage
Ensure that sensitive information is encrypted
Centralize and streamline encryption key management
Apply policy-driven access rights to unstructured content
Thank you!
Backup Slides
Security Trivia #1
Security Trivia #2
Security Trivia #3