Upload
microsoft-ideas
View
841
Download
0
Embed Size (px)
DESCRIPTION
La sécurité n’est plus un add-on au système d’information, mais doit s’intégrer à tous les niveaux, depuis son architecture jusqu’à la résolution d’incidents, en passant par l’exploitation au quotidien des centres de données. Dans un contexte de mobilité accrue et en considérant l’émergence d’un modèle d’informatique à la demande, la sécurité repose autant sur la prévention technique que sur l’éducation comportementale des utilisateurs et sur la capacité des systèmes à résister aux attaques Session présentée par le partenaire : DELL. Speakers : Florian Malecki (DELL)
Citation preview
Sécurité
La sécurité de l'emploi : protégez votre SI
Florian MaleckiEMEA Product & Marketing Solution
DirectorDell
[email protected], www.dell.com/security
#mstechdaysSécurité
Depuis votre smartphone sur :http://notes.mstechdays.fr
De nombreux lots à gagner toute les heures !!!Claviers, souris et jeux Microsoft…
Merci de nous aider à améliorer les Techdays !
Donnez votre avis !
Underlying foundation of threats: Basic nature of threats is constant change
• Individual computers
• Modem
• Security
• Firewall 101
• TSRs
• Viruses
• Internet
• Worms
• Trojans
• DOS/ DDOS
• Physical again(Portable media)
• Cyber-terrorism, morphing and complex threats
• AI (learn) hacking
• XSS, SQL Injection attacks
• Espionage
• Financial gain
• Homeland security threats
• Delivery via Web 2.0 and social networking sites
1980 1990 2000 2014
Global infrastructure
Individual computers
Individual networks
Multiplenetworks
Regionalnetworks
Expanding complexity and reach of threats
Threats are constantly evolving
Risk of confidential data leakage is ever increasing
2014 Security Trends
1. Increased Usage of SSL Encryption2. 3. 4. 5. 6.
Increased Usage of SSL Encryption
http://www.networkcomputing.com/next-generation-data-center/news/networking/nsa-surveillance-revives-calls-for-an-al/240165556http://www.thewhir.com/web-hosting-news/ssl-use-among-million-busiest-sites-48-year-year-netcraft-survey
Increased Usage of SSL Encryption
http://www.webpronews.com/yahoo-search-is-now-encrypted-by-default-2014-01http://www.zdnet.com/twitter-enforces-ssl-encryption-for-apps-connecting-to-its-api-7000025138/http://searchenginewatch.com/article/2309689/As-Microsoft-Moves-to-Encrypted-Search-Webmasters-Could-Lose-More-Keyword-Datahttp://online.wsj.com/news/articles/SB10001424052702303448204579339432277705894
Security Trends, 2014
1. Increased Usage of SSL Encryption2. Ransomware Continues
http://www.legitreviews.com/cryptolocker-ransomware-affected-estimated-250000-computers_131647http://www.tomsguide.com/us/cryptolocker-evolves-worm,news-18066.html
http://arstechnica.com/security/2014/01/researchers-warn-of-new-meaner-ransomware-with-unbreakable-crypto/http://www.therecord.com/news-story/4334442-ransomware-attacks-are-increasing/
Security Trends, 2014
1. Increased Usage of SSL Encryption2. Ransomware Continues 3. Increase in Win 7 & Win 8 Attacks
Increase in Win7 & Win8 Attacks
http://www.independent.ie/business/technology/deadline-looms-for-xp-users-as-microsoft-shuts-system-support-29941733.htmlhttp://www.zdnet.com/at-years-end-xp-usage-plunges-as-windows-7-and-8-take-over-7000024699/
Increase in Win7 & Win8 Attacks
http://www.independent.ie/business/technology/deadline-looms-for-xp-users-as-microsoft-shuts-system-support-29941733.htmlhttp://www.zdnet.com/at-years-end-xp-usage-plunges-as-windows-7-and-8-take-over-7000024699/
Security Trends, 20141. Increased Usage of SSL Encryption2. Ransomware Continues 3. Increase in Win 7 & Win 8 Attacks 4. New Exploit Kits in the Wild
New Exploit Kits in the Wild
http://threatpost.com/blackhole-and-cool-exploit-kits-nearly-extinct/103034http://news.softpedia.com/news/BlackHole-Exploit-Kit-Author-Reportedly-Arrested-in-Russia-388949.shtml
New Exploit Kits in the Wild
http://contagiodump.blogspot.com/2010/06/overview-of-exploit-packs-update.htmlhttp://www.scmagazineuk.com/exploit-kits-for-sale-on-a-website-near-you/article/301851/
Security Trends, 2014
1. Increased Usage of SSL Encryption2. Ransomware Continues 3. Increase in Win 7 & Win 8 Attacks 4. New Exploit Kits in the Wild5. Sophisticated Smartphone Attacks
Sophisticated Smartphone Attacks
Sophisticated Smartphone AttacksVulnerabilities Malware Families
http://gcn.com/articles/2013/04/19/iphone-vulnerabilities-android-most-attacked.aspx
Security Trends, 20141. Increased Usage of SSL Encryption2. Ransomware Continues 3. Increase in Win 7 & Win 8 Attacks 4. New Exploit Kits in the Wild5. Sophisticated Smartphone Attacks 6. System Hopping Malware
System Hopping Malware
http://www.computerworld.com/s/article/9229596/Windows_malware_hides_in_iOS_apphttp://consumerist.com/2013/02/04/great-now-theres-android-malware-that-can-infect-your-pc-turn-it-into-a-listening-device/
System Hopping Malware
http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/http://www.pcworld.com/article/2090940/new-windows-malware-tries-to-infect-android-devices-connected-to-pcs.html
The IT journey…
From mainframe to client server to distributed to risk everywhere
Security and risk
of surveyed companies experienced some type of significant security incident within the past year that resulted in financial and/or reputational impact
79%
of businesses said their organizations will use cloud tools moderately to extensively in the next 3 years. 85%Cloud
MobilityMobility source shifts from 62%/38% corporate/personal owned to 37% corporate owned and 63% personal owned
5X
Big Data By 2020 volume of data stored will reach 35 Zettabytes35
Powerful disrupters… the world is more connected than ever.
They have many namesSpear-Phishers, BOTnets, DDoS, Zero-Day
Threats, Insider threats & former employees
They’re determined to exploit “disconnected security”
Security tools, processes, user profiles and information, separated in siloes that leave
dangerous gaps in-between
Unfortunately, the bad guys are more connected too.
Business can’t stop to wait for security
Desire: To embrace business trends
Challenge:Security often gets in the way
How secure is
your environment with all these new initiatives
coming into play?
Web 2.0 Virtualization Compliance
Cloud SaaS BYODData growth
Users are Increasingly Out of Your Control
Day Extenders
Home OfficeUsers
Traveling Executives
Kiosks/Public Machine Users
Tablets & Smart Phone Users
Wireless LAN Users
VOIP Users
Business Partners/ Extranet Users
Internal Users External Users
More…DevicesSaas/Hosted AppsSocial MediaNetwork environmentsMobility
Saas, Web 2.0 Real-Time Apps
It’s not just email and calendar any more…
Mobile business use cases
SOURCE: Yankee Group, June 2012
30
Why mobile devices can be risky?
Were not protected with mobile security features1
57%
Of lost laptops contained confidential data1
46%Average value of lost laptop1
$49,246
$5.5MIT managers are looking for ways to:+ Fully protect data wherever it goes
without disrupting end users+ Save time deploying and managing
security+ Ensure they remain in compliance+ Flexible scale to ensure they meet
the requirements of different users
Data is the most important asset companies own:+ Intellectual Property+ Customer and employee data+ Competitive information
Source: 1. Poneman Institute Study
Source: 2 Symantec & Poneman Institute Study: US cost of a Data Breach, 2011
Average organizational cost of a data breach2
Every 56’’ a laptop is stolen
Personal Business
Calendar
Internet access
Social media
Calendar
Intranet file share
Intranet business apps
Increased risk of business data loss and introduction of malware
Mobile usage – blurred lines
Dell belief: there is a better way
Silos and layers add stress to your resources• Difficult to get to work together• Limited security resources
Individual job done well in silos• Solutions often don’t work
together• Solutions don’t work across
the business
Today, layers and silos get the security job done but often have gaps = business risk
Dell’s vision: Connected Security for a connected world
Connected Security is security that…• Shares and applies intelligence• Works with the business, end-to-end• Maintains flexibility and open
architecture• Enables broad contextual awareness
with dynamic control
Security to enable business
while also meeting
the needs of security
Protect information everywhere
Effective
Work with the business
Efficient
Securing & Monitoring Data and Access
KACE
DDP|E
SonicWALL
Applications Data
SecureWorks
The Dell Approach is Simple and Modular with Outside in and inside out protection, from
device to cloud.
IdentityIdentity & Access Management
Security ServicesIncident ResponseManaged Security ServicesSecurity & Risk Consulting
NetworkNext Gen Firewall
Secure Remote AccessEmail Security
DataData Security
Configuration & Patch Management
cloud
Data center
End points
Let
good
g
uys in
Keep
b
ad
g
uys
ou
tD
ell
Secu
rit
y
Serv
ices
Em
bed
ded
in
D
ell
Infr
astr
uctu
re &
Devic
es
Scalable and Mid-Market design point: endpoint to data center to cloud
Application Security
Network Security
Data & Endpoint Security
Dell SonicWALL
Email Security
Dell KACE
Configuration & Patch
Management
Dell SonicWALL
Next-Gen Firewall
Dell Data Protection Encryption
Dell SonicWALL
Mobile Connect
Dell KACE
K3000 MDM
Endpoint Network Server Storage Cloud
Dell Managed Security Services
Dell Security &
Risk Consulting
Dell Threat Intelligence
Dell Incident
Response
Dell Wyse
Cloud Client Manager
Dell One Identity
IAM
Did
you
kn
ow
DE
LL does S
ecu
rity?
Enstratius (Multi-Cloud Manager) IAM
Dell SonicWALL
Secure Remote Access (SRA)
*formerly Quest One
Better connected means better protected
Protect, Predict: Security solutions that gather, analyze, report and enable action
Embed: Security embedded natively into infrastructure
Embed, Protect, Predict, Respond: Security that is no longer siloed…Data, User, Network,, Services
Connect security to infrastructure
Connect security to information
Connect security to other security
solutions
Making Dell Connected Security tangible
• Encryption enforcement for Cloud Services
Demo: Encryption Enforcement for Cloud Services
Better connected means better protected
Dell Data Protection | Encryption
Dell Next-Generation
Firewall+
Data protection assurance…
• Ensures encryption is applied prior to the document being posted to a cloud service
• If encryption isn’t present, document cannot be posted until device is compliant with policy
• Applies company access policies to cloud service, if desired
Making Dell Connected Security tangible
• Secure Mobile Access
Demo: Secure Mobile Access
Better connected means better protected
Dell KaceDell Secure
Mobile Access
+
Demo: Secure Mobile Access
Better connected means better protected
• Quarantine systems not running the KACE agent
• Redirect users to KACE User Portal
• Allow KACE agent to bring endpoint to compliance
Demo: Secure Mobile Access
Better connected means better protected
Dell Defender
Dell Secure Mobile Access
+
Secure Mobile Access…
• Increased security using SSL VPN and 2 Factor Authentication solutions
Mobile Connect for Windows 8.1• Microsoft ships Mobile Connect VPN plugin ‘Inbox’ in Windows 8.1• Supports all versions of Windows 8.1 including Windows RT and
(Window Phone Future)• Integrated Windows user experience with management via Windows
UI, MDM solutions and PowerShell.
Dell security and business solutions are recognized in the Gartner Magic Quadrants 2011 to 2013
• Managed Security Service Providers
• Unified Threat Management
• User Administration and Provisioning
• Identity and Access Governance
• Enterprise Network Firewalls
• Secure Email Gateways
• Enterprise Backup/Recovery Software
Challengers
Niche Players Visionaries
Leaders
Security Solutions
• Mobile Data Protection
• E-Class SRA SSL VPN
Software
Snapshot Patagonia grew out of a small company that made tools for climbers. Alpinism remains at the heart of a worldwide business that still makes clothes for climbing – as well as for skiing, snowboarding, surfing, fly fishing, paddling and trail running, and employs over 1600 employees worldwide.
Challenge The company needed to update its legacy firewalls and implement a centralised management tool to make it easy to deploy and manage. Application Intelligence and Control firewall functionalities and QoS were also key requirements.
Results • Fast implementation of the Dell SonicWALL E-
Class NSA 5500, TZ series and Wireless Access Points at the EMEA HQs and remote locations
• Better bandwidth usage and management• Efficient and cost-effective distributed network
implementation• Better work-life balance thanks to secure
remote access• Dell SecureWorks for 24/7 security
monitoring/auditing• Dell Eco System: servers, storage, laptops/PCs
Out Connect The Threats
with
Dell Connected Security
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Digital is business