The Security Scenario 2005: The Future of Information Security

Transcription

1 The Security Scenario 2005: The Future of Information Security Notes accompany this presentation. Please select Notes Page view. These materials can be reproduced only with Gartner s official approval. Such approvals may be requested via quote.requests@gartner.com.

2 Security Continues to Be Top Priority

3 Disruptive Innovation Means the Need for InfoSecurity Is Here to Stay Mainframe Era PC LAN Client/Server Internet Wireless Web Services Hyper X, Quantum Y, Nano Z

4 Social and Technical IT Risk Drivers Converging in 2005 Bandwidth Wireless Storage Portable processing Significant Upgrades in Endpoint Technology Worker mobility Realtime access to data Apps from anywhere Increasingly sophisticated attack code Compliance requirements Growing professionalism of cybercrime

5 Risk Management approach to security Technical versus Business approaches Technical: find and remove software vulnerabilities Business: assess and then manage risks Better alignment with the business Talk their language Ensure that their goals and priorities are met Regulatory Compliance as a driver Forcing everyone to follow documented processes Treat uncertainty about requirements as opportunity Risk Management is good for business. And it is the law.

6 Attacks and Defense are Moving up Stack Deep-Packet Application Inspection Open Systems Interconnection (OSI) Model Layer 7 Layer 6 Layer 5 Layer 4 Layer 3 Application Presentation Session Transport Network Commodity Stateful Network Inspection Layer 2 Layer 1 Data Link Physical Growing importance of both Application Layer Defense and WS-Security

7 Multifaceted, Multichannel Crimes Methods Keyboard Logging Trojan Horses Hacking Phishing Pickpockets Mail Trash Insider Jobs Data User ID Password Credit Card Info. Check Acct. Info. Personal SSN, Driver's lic., DOB... Channels ATMs Web Banking Web Bill Pay New-Account Apps. Phone Banking Phone Bill Pay Physical Stores Online Stores ACH, EFT

8 IAM Defined User Identities, Transactions, Roles, Policies and Privileges Identity Management (Administration) Access Management (Real-Time Enforcement) A U D I T Identity Administration Administer Authenticate Authorize Authentication Services Enterprise Single Sign-On Password Management User Provisioning Metadirectory Business Relationship/Role Mgmt Enterprise Access Management Federated Identity Management Alarm/ Alerting Accountin g Physical Resources Applications Databases Directories Security Systems Operating Systems

9 Vulnerability Management Discover/Baseline Monitor Prioritize Shield & Mitigate Develop processes to protect IT environments against external attack and internal threats, and ensure corporate compliance with government regulations Maintain Controls & Eliminate Root Cause ISO/IEC 17799: Section 5.1 Accountability for assets Section 9.7 Monitoring system access and use Section 10.5 Security in development and support processes

10 Security Technologies You Will Need Stronger authentication Host-Based IPS: servers now 802.1x: device authentication NAC : Quarantine/Containment Gateway Spam/Antivirus Scanning Vulnerability Management Web Services Security Identity Management SSL/TSL Business Continuity Plan Will Need

11 Security Technologies You Don t Need Personal Digital Signatures Quantum Anything Passive Intrusion Detection Biometrics on the desktop Tempest Shielding/Paint Enterprise Digital Rights Management (Outside of Workgroups) 500-Page Security Policies Security Awareness Posters Complex Passwords Probably Don t Need

12 Recommendations Buy the most-secure products. Hire people you can trust. Stop counting attacks and start closing holes. Force new security investments to displace older, less-efficient security solutions. Protect your stakeholders, and they will protect your business. Embrace regulatory compliance as an opportunity, not a burden

13 The Security Scenario 2005: The Future of Information Security Notes accompany this presentation. Please select Notes Page view. These materials can be reproduced only with Gartner s official approval. Such approvals may be requested via quote.requests@gartner.com.

14 Management and Mobility Approaches Increase Endpoint Trustability Reduce likelihood of platform subversion Decrease Contact with Endpoint Reduce impact if platform subverted Hardening Verification Terminal Virtualization NAC Thin Client Web Apps Applications Desktop Corporate ASP Decrease Contact with Network Virtual physical connection between end point and Home Wireless OS Phone home without the need to use your customer s network

15 Authentication and Identity Management Growing unacceptability of plain old passwords Phishing attacks against consumers Increasing mobility of remote corporate users Regulatory & compliance drivers Audit & investigation impossible without strong auth Separation of Duties and role control for transactions E-government requires citizen electronic identity New technology needs solid infrastructure Web services (SAML, XACML) Support for multiple remote access methods Comprehensive IAM is an essential foundation

16 Additional Areas of Attention for 2005 Anti-Nuisanceware: control spyware & adware Enterprises can no longer ignore problem Products barely meeting enterprise requirements Vulnerability Management Applying risk management principals to tech prob Automate the process to scale across enterprise No vendor provides complete solution today Control Data Leakage: ubiquitous Plug and Play Connect to the Internet: data flows Connect to USB portable storage device: data flows Continued dev of tech controls: convenience/risk