Designing an Enterprise GIS Security Strategy Michael E. Young Matt Lorrain

Size: px
Start display at page:

Download "Designing an Enterprise GIS Security Strategy 2014. Michael E. Young Matt Lorrain"

Transcription

1 Designing an Enterprise GIS Security Strategy 2014 Michael E. Young Matt Lorrain

2 Agenda Introduction Trends Strategy Mechanisms Server Mobile Cloud Compliance Summary

3 Introduction What is a secure GIS?

4 Introduction What is The Answer? Risk Impact

5 Introduction Where are the vulnerabilities? *SANS Relative Vulnerabilities

6 Current Real World Scenarios & Trends

7 Trends Application Level Vulnerabilities *Kaspersky Lab Global Research and Analysis Team Kaspersky Security Bulletin 2013

8 Trends Next generation threats More security controls does not mean more security - Controls can be circumvented individually - Fast-moving attacks bypass traditional defenses New generation of attacks - High-end cybercrime and state sponsored campaigns - Human attackers: motivated, organized, and unpredictable *FireEye: A Real-World Assessment of the Defense-in-Depth Model

9 Trends Controls by Industry Frequency of incident patterns by industry drives new security control recommendations by industry Focus on the right security controls * Verizon 2014 DBIR

10 Real-world security scenarios Disaster communications modified Open source security component vulnerability affects 2/3 rd of web services Hacker closes cloud-based business overnight Large retailer breach

11 Real-world security scenarios Disaster communications modified Scenario - Organization utilize cloud based services for disseminating disaster communications - Required easy updates from home and at work - Drove allowing public access to modify service information Lessons learned - Don t allow anonymous users to modify web service content - Enforce strong governance for web publication process - Minimize or eliminate temporary modification rights of anonymous users - If web services are exposed to the Internet, just providing security through the application does not prevent accessing the services directly Lack of strong governance leads to unexpected consequences

12 Real-world security scenarios Open source security component vulnerability affects 2/3 rd of web services Scenario OpenSSL vulnerability (HeartBleed) ArcGIS Online was indirectly exposed through utilization of Amazon s Elastic Load Balancer AWS patch their ELB systems within a day of the vulnerability announcement Many ArcGIS components contain the vulnerable version, but do not utilize the vulnerable function ArcGIS Server for Linux was vulnerable Lessons learned 3 rd party / open source components are immersive across cloud and on-premises Many organizations still don t have effective patch management for these underlying components Don t rely on only 1 layer of security, as no individual layer is full-proof Esri s first cross-product vulnerability status KBA minimized confusion Utilize the new Trust.ArcGIS.com site Lack of appropriate funding slows resolution of vulnerabilities

13 Real-world security scenarios Hacker closed cloud-based business overnight Scenario Hosting provider Code Spaces victim of DoS attack, ransom request, then deletion Solution hosted within Amazon Web Services w/information redundant across regions Hacker gained access to AWS Control interface and was able to delete most data and instances With most customer data gone, and most servers gone, company was forced out of business in 1 day Lessons Learned Anything that's vulnerable to the same threats is not really an offsite backup Utilize 2-factor authentication for access to administrative interfaces Lack of strong authentication can have catastrophic consequences

14 Real-world security scenarios Large retailer breach Scenario - Theft of personal and credit data - Millions spent on malware detection & analyzing answers for extensive security questionnaires provided to service providers Lessons Learned - Customized and/or overly extensive security questionnaires waste vendor and customer dollars, while not improving security - Utilize standardized questionnaires and accreditations to assess security - ArcGIS Online has the Cloud Security Alliance answers and is FISMA Low accredited - Details available at Trust.ArcGIS.com Misapplied security focus wastes time/money & while increasing risk

15 Trends 2014 and beyond Focus shifting from network perimeter to data - Drives need for stronger authentication of who is accessing the data Mobile malware continues to grow APTs and malware diversification Unpatched systems (Windows XP end-of-life) Hacking the Internet of Things

16 Strategy

17 Strategy A better answer Identify your security needs - Assess your environment - Datasets, systems, users - Data categorization and sensitivity - Understand your industry attacker motivation Understand security options - Trust.arcgis.com - Enterprise-wide security mechanisms - Application specific options Implement security as a business enabler - Improve appropriate availability of information - Safeguards to prevent attackers, not employees

18 Strategy Enterprise GIS Security Strategy Security Risk Management Process Diagram - Microsoft

19 Strategy Evolution of Esri Products & Services Enterprise Solution Product Isolated Systems Integrated Systems Software as a Service 3 rd Party Security Embedded Security Managed Security

20 Strategy Esri Products and Solutions Secure Products - Trusted geospatial services - Individual to organizations - 3 rd party assessments ArcGIS Secure Enterprise Guidance - Trust.ArcGIS.com site - Online Help Secure Platform Management - SaaS Functions & Controls - Certifications / Accreditations

21 Strategy Security Principles CIA Security Triad Availability

22 Strategy Defense in Depth More layers does NOT guarantee more security Understand how layers/technologies integrate Simplify Balance People, Technology, and Operations Holistic approach to security Data and Assets Physical Controls Policy Controls Technical Controls

23 Mechanisms

24 Mechanisms

25 Mechanisms Authentication GIS Tier (Default) - Built-in User store - Enterprise (AD / LDAP) - ArcGIS Tokens Web, mobile, and desktop clients Web server Web Adaptor Web Tier (Add web adaptor) - Enterprise (AD / LDAP) - Any authentication supported by web server - HTTP Basic / Digest - PKI - Windows Integrated ArcGIS for Desktop users GIS Server administrators Publish Services Connect to ArcGIS Server Manager + GIS server(s) Data server

26 Mechanisms Authorization Role-Based Access Control Esri COTS - Assign access with ArcGIS Manager - Service Level Authorization across web interfaces - Services grouped in folders utilizing inheritance 3 rd Party - Web Services Conterra s Security Manager (more granular) - RDBMS Row Level or Feature Class Level - Versioning with Row Level degrades RDBM performance - Alternative - SDE Views URL Based authorization - IIS 7.0 and above - Authorization based on the URL itself

27 Mechanisms Filters 3 rd Party Options Firewalls Reverse Proxy Web Application Firewall - Open Source option ModSecurity Anti-Virus Software Intrusion Detection / Prevention Systems Limit applications able to access geodatabase

28 Mechanisms Filters - Web Application Firewall (WAF) Implemented in DMZ WAF, SSL Accel Load Balancer 443 Firewall Internet Network Load Balancing Protection from web-based attacks Port: 80 IIS/Java Web Server Port: 80 IIS/Java Web Server Monitors all incoming traffic at the application layer Web Apps Web Adaptor Web Server A Web Adaptor Web Apps Web Server B Firewall Can be part of a security gateway - SSL Certificates ArcGIS Site - Load Balancer

29 Mechanisms Encryption 3 rd Party Options Network - IPSec (VPN, Internal Systems) - SSL (Internal and External System) - Cloud Encryption Gateways - Only encrypted datasets sent to cloud File Based - Operating System BitLocker - GeoSpatially enabled PDF s combined with Certificates - Hardware (Disk) RDBMS - Transparent Data Encryption - Low Cost Portable Solution - SQL Express 2012 w/tde

30 Mechanisms Logging/Auditing Esri COTS - Geodatabase history - May be utilized for tracking changes - ArcGIS Workflow Manager - Track Feature based activities - ArcGIS Server 10+ Logging - User tag tracks user requests 3 rd Party - Web Server, RDBMS, OS, Firewall - Consolidate with a SIEM 3 rd party geospatial service monitors - Esri System Monitor - Vestra GeoSystems Monitor - Geocortex Optimizer

31 ArcGIS Server

32 ArcGIS Server Enterprise Deployment WAF, SSL Accel Load Balancer Network Load Balancing 443 Firewall Internet Port: 443 Port: 80 Port: 80 IIS/Java Web Server IIS/Java Web Server IIS/Java Web Server ADFS Proxy Web Apps Web Adaptor Web Adaptor Web Apps Auth Web Server Web Server A Web Server B Firewall Supporting Infrastructure ArcGIS Site ADFS / SAML 2.0 Port: 6080 Web Adaptor Round-Robin Port: 6080 AD/ LDAP SQL ArcGIS for Server GIS Services GIS Server A Server Request Load Balancing GIS Services ArcGIS for Server GIS Server B Clustered HA NAS Config Store HA DB1 HA DB2 Directories FGDB

33 ArcGIS Server Minimize Attack Surface Don t expose Server Manager to public Attack surface over time Disable Services Directory Disable Service Query Operation (as feasible) Enable Web Service Request Filtering - Windows 2008 R2+ Request Filtering - XML Security Gateway - Does not intercept POST requests - REST API only requires GET and HEAD verbs - Exception Utilize POST for token requests Attack surface Time Limit utilization of commercial databases under website - File GeoDatabase can be a useful intermediary Require authentication to services

34 ArcGIS Server 10.2 Enhancements Single-Sign-On (SSO) for Windows Integrated Authentication - Works across ArcGIS for Server, Portal, and Desktop Stronger PKI validation - Leverage multi-factor authentication when accessing applications, computers, and devices - Web adaptor deployed to web server forwards to AGS the request and username Integrated account management and publishing capabilities - Across ArcGIS for Server and Portal in a federated configuration Key SQL Injection vulnerabilities addressed - Changes made in 10.2 may affect some advanced users that were using database-specific SQL statements in their custom applications Add support for - Active Directory nested groups & domain forests - Configuring Private and Public services within the same ArcGIS Server site

35 ArcGIS Server Single ArcGIS Server machine Desktop, Web, and Mobile Clients Desktop, Web, and Mobile Clients 80/443 Reverse Proxy Server 6080/ /6443 Site Administrators Connect to Manager GIS server, Data, Server directories, Configuration Store Site Administrators Connect to Manager GIS server, Data, Server directories, Configuration Store Front-ending GIS Server with Reverse Proxy or Web Adapter

36 ArcGIS Server ArcGIS Server HA - Sites independent of each other Desktop, Web, and Mobile Clients Active-active configuration is shown - Active-passive is also an option Separate configuration stores and management Network Load Balancer (NLB) - Scripts can be used to synchronize Cached map service for better performance Web Adaptors (optional) Load balancer to distribute load Site Administrators Connect to Manager ArcGIS Server site ArcGIS Server site Site Administrators Connect to Manager Server directories, Configuration Store (duplicated between sites)

37 ArcGIS Server ArcGIS Server HA Shared configuration store Desktop, Web, and Mobile Clients Shared configuration store Network Load Balancer (NLB) Web Adaptor will correct if server fails Web Adaptors Config change could affect whole site - Example: publishing a service GIS servers Site Administrators Connect to Manager Test configuration changes Data server, Data (enterprise geodatabase), Server directories, Configuration Store

38 ArcGIS Server ArcGIS Server HA Clusters of Dedicated Services Desktop, Web, and Mobile Clients Shared configuration store Network Load Balancer (NLB) Server clusters - Perform same set of functions Web Adaptors (optional) GIS servers Example - Cluster A handles geoprocessing services - Cluster B handles less intensive services Site Administrators Connect to Manager Cluster A Data server, Data (enterprise geodatabase), Server directories, Configuration Store Cluster B

39 Mobile

40 Mobile What are the mobile concerns? *OWASP 2013 Top Ten Mobile:

41 Mobile Security Touch Points Server authentication Communication Device access SDE permissions Storage Service authorization Project access Data access

42 Mobile Authenticating to ArcGIS Services GIS Tier Auth - ArcGIS Tokens - Pass credentials through UserCredentials / AGSCredential object - Hardcode long-term token into layout XML (Ideally avoid) Web Tier Auth HTTP Basic/Digest - Pass credentials through UserCredentials object - PKI Support Android OS version dependent - Not available on Windows phone yet SSL Support - Certificates issued by trusted cert authority - Self-signed certificates (Dev environment)

43 Mobile Enterprise Mobile Security Top 5 Best Practices Mobile Device Management - Enterprise device solutions (InTune, AirWatch, Good, MaaS360) - Benefits: Secure , browser, remote wipe, app distribution Anti-malware software Secure communications - Use encryption or VPN Strong authentication - Password at minimum - Future: two-factor authentication Control 3 rd Party Software

44 Cloud

45 Cloud Service Models Non-Cloud - Traditional systems infrastructure deployment - Portal for ArcGIS & ArcGIS Server IaaS - Portal for ArcGIS & ArcGIS Server - Some Citrix / Desktop SaaS - ArcGIS Online - Business Analyst Online Customer Responsible End to End Decreasing Customer Responsibility Customer Responsible For Application Settings

46 Cloud Deployment Models Online Online Intranet Intranet Intranet Server Portal Server Public Hybrid 1 On- Premises Online Server Server Server Read-only Basemaps Intranet Intranet Portal Server Cloud Hybrid 2 On-Premises + On-premise

47 Cloud Management Models Self-Managed - Your responsibility for managing IaaS deployment security - Security measures discussed later Provider Managed - Esri Managed Services (Standard Offering) - New Esri Managed Cloud Services (ECMS) option - FedRAMP Moderate environment established - Accreditation expected end of year

48 Cloud EMCS Accredited Offering Customer Instances ArcGIS for Server Portal for ArcGIS ArcGIS Online Customer Databases End Users Security Infrastructure Centralized Authentication (2-factor) Key Management Network Address Translation Virtual Private Cloud (Segmentation) Redundancy (multiple data centers) IDS/SIEM Logging Esri Cloud GIS Administrator ArcGIS Online front-end (Low) Managed Services back-end (Mod)

49 Cloud Real Permutations Public Business Partner 1 Private IaaS Internal Portal Internal AGS Filtered Content External AGS ArcGIS Online Business Partner 2 Database File Geodatabase Public IaaS Field Worker Enterprise Business

50 Cloud Hybrid ArcGIS Online Users 4. Access Service Group TeamGreen 1. Register Services AGOL Org On-Premises ArcGIS Server Hosted Services, Content Public Dataset Storage ArcGIS Org Accounts External Accounts 2. Enterprise Login (SAML 2.0) User Repository AD / LDAP Segment sensitive data internally and public data in cloud

51 Cloud Hybrid Data sources Where are internal and cloud datasets combined? - At the browser - The browser makes separate requests for information to multiple sources and does a mash-up - Token security with SSL or even a VPN connection could be used between the device browser and on-premises system On-Premises Operational Layer Service Cloud Basemap Service ArcGIS Online Browser Combines Layers

52 Cloud On-premises Why? - Additional security demands - Federated account management needs between ArcGIS Server and Portal - Registered services (managed and secured via Server) - Federated services (managed via Server, secured via Portal) - Hosted services (managed and secured via Portal) Requires - Infrastructure - Portal & System Administration

53 Cloud Data Locations On-premises Cloud Provider ArcGIS Online ArcGIS Server ArcGIS Server Feature Services Typically utilized for sensitive data & services Commonly utilized to reduce management costs Commonly utilized for mildly sensitive information and public data/services

54 Cloud ArcGIS Online Standards Enterprise Logins - SAML Provides federated identity management - Integrate with your enterprise LDAP / AD New API s to Manage users & app logins - Developers can utilize OAuth 2-based API s -

55 Cloud ArcGIS Online - Settings Organization administrator options - Require SSL encryption - Allow anonymous access to org site Consume Token secured ArcGIS Server services - 10 SP1 and later - User name and password prompts upon adding the service to a map, and viewing Transparency - Trust.ArcGIS.com

56 Cloud IaaS Common ArcGIS IaaS Deployments - ArcGIS Server Windows AMI to AWS - ArcGIS Server via Cloud Builder to AWS ArcGIS AWS Security Best Practices - 8 main areas - 5 minute minimum

57 Cloud IaaS AWS 8 Security Areas to Address - Virtual Private Cloud (VPC) - Identity & Access Management (IAM) - Administrator gateway instance(s) (Bastion) - Reduce attack surface (Hardening) - Security Information Event Management (SIEM) - Patch management (SCCM) - Centralized authentication/authorization - Web application firewall (WAF)

58 Cloud IaaS - AWS Question - Of the 8 security areas on previous slide, how many are handled by AWS for you? Answer - 2 areas, VPC and IAM Question Part 2 - What is *the* key security mechanism to mitigate against someone gaining unauthorized access to your AWS console? Answer - 2-factor authentication

59 Cloud IaaS AWS 5 minute minimum Minimize RDP surface - Update OS patches - Many AMI s disable automatic updates - Enable NLA for RDP - Set AWS Firewall to Limit RDP access to specific IP s - Use strong passwords, account lockout policies Minimize Application Surface - Disable ArcGIS Services Discovery - Don t expose ArcGIS Manager web app to Internet Enable 2-factor Authentication to your AWS console - The AWS console is a one-stop shop for access to all your instances in the cloud These steps can be completed within 5 minutes Do them!

60 Compliance

61 Compliance Products and Services ArcGIS Online - FISMA Low Accredited Authority To Operate (ATO) by USDA - FedRAMP Moderate in future (2015) Managed Services: Esri Managed Cloud Services (EMCS) - FedRAMP Moderate in process (2014) ArcGIS Desktop - FDCC (versions ) - USGCB (versions 10.1+)

62 Compliance Corporate Operations ISO Esri s Corporate Security Charter Privacy Assurance - US EU/Swiss SafeHarbor self-certified - TRUSTed cloud certified SSAE 16 Type 1 Previously SAS 70 - Esri Data Center Operations - Expanded to Managed Services in 2012

63 Compliance Solution Level Geospatial Deployment Patterns to meet stringent security standards - Hybrid deployments - On-premise deployments Supplemented with 3 rd party security components Upcoming best practice alignment guidance - CJIS Law Enforcement - HIPAA Healthcare - STIGs Defense

64 Compliance Cloud Infrastructure Providers ArcGIS Online Utilizes World-Class Cloud Infrastructure Providers - Microsoft Azure - Amazon Web Services Cloud Infrastructure Security Compliance SSAE16 SOC1 Type2 Moderate

65 Compliance ArcGIS Online Assurance Layers Customer Web App Consumption ArcGIS Management Esri Web Server & DB software AGOL SaaS FISMA Low (USDA) SafeHarbor (TRUSTe) Operating system Instance Security Management Cloud Provider ISO SSAE16 FedRAMP Mod Cloud Providers Hypervisor Physical

66 Compliance Accreditation Roadmap 2014Q Complete ArcGIS Online FISMA Low Esri Managed Cloud Services (EMCS) FedRAMP Mod ArcGIS Online FedRAMP Mod

67 Summary

68 Summary Security is a Core Component of the ArcGIS Trusted Geospatial Platform Expanding ArcGIS Capabilities Standardized Assurance Operational Excellence... Enables sharing the right information, with the right resources, at the right time

69 Summary Security is NOT about just a technology - Understand your organizations GIS risk level - Prioritize efforts accord to your industry and needs - Don t just add components, simplified Defense In Depth approach Secure Best Practice Guidance is Available - Check out the ArcGIS Trust Site! - ArcGIS Security Architecture Workshop - SecureSoftwareServices@esri.com

70

ArcGIS and Enterprise Security

ArcGIS and Enterprise Security ArcGIS and Enterprise Security Leveraging ArcGIS in Cybersecurity Ken Stoni Secure Enterprise ArcGIS Best Practices Michael Young Visualizing the Virtual: A geospatial approach to cyber operations and

More information

Designing an Enterprise GIS Security Strategy

Designing an Enterprise GIS Security Strategy Esri International User Conference San Diego, California Technical Workshops July 26, 2012 Designing an Enterprise GIS Security Strategy Michael E Young Agenda Introduction Strategy Trends Mechanisms ArcGIS

More information

ArcGIS Cloud Security Roadmap & Best Practices for Federal Agencies. Michael E. Young

ArcGIS Cloud Security Roadmap & Best Practices for Federal Agencies. Michael E. Young ArcGIS Cloud Security Roadmap & Best Practices for Federal Agencies Michael E. Young Agenda Introduction ArcGIS Cloud Capabilities ArcGIS Online (SaaS) Security ArcGIS Cloud Providers ArcGIS IaaS Security

More information

Esri Managed Cloud Services and FedRAMP

Esri Managed Cloud Services and FedRAMP Federal GIS Conference February 9 10, 2015 Washington, DC Esri Managed Cloud Services and FedRAMP Erin Ross & Michael Young Agenda Esri Managed Services Program Overview Example Deployments New FedRAMP

More information

Agenda. How to configure

Agenda. How to configure dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services

More information

ArcGIS Security Authorization Advancements

ArcGIS Security Authorization Advancements Federal GIS Conference February 9 10, 2015 Washington, DC ArcGIS Security Authorization Advancements Michael Young & Erin Ross Overview Authorization Past & Present Products - ArcGIS Server - ArcGIS Desktop

More information

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility

More information

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP SOLUTION BRIEF PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP The benefits of cloud computing are clear and compelling: no upfront investment, low ongoing costs, flexible capacity and fast application

More information

Deploying ArcGIS for Server Using Managed Services

Deploying ArcGIS for Server Using Managed Services Deploying ArcGIS for Server Using Managed Services Andrew Sakowicz Erin Ross Sridhar Karra Agenda Introduction Program Overview - Overview - Methodology - Tools Customer Deployments - Architecture and

More information

Application Security Best Practices. Matt Tavis Principal Solutions Architect

Application Security Best Practices. Matt Tavis Principal Solutions Architect Application Security Best Practices Matt Tavis Principal Solutions Architect Application Security Best Practices is a Complex topic! Design scalable and fault tolerant applications See Architecting for

More information

Enterprise GIS Architecture Deployment Options. Andrew Sakowicz

Enterprise GIS Architecture Deployment Options. Andrew Sakowicz Enterprise GIS Architecture Deployment Options Andrew Sakowicz Audience Audience - Architects - Developers - Administrators - Project Managers Level: - Beginner / Intermediate Introduction Andrew Sakowicz

More information

Portal for ArcGIS. Satish Sankaran Robert Kircher

Portal for ArcGIS. Satish Sankaran Robert Kircher Portal for ArcGIS Satish Sankaran Robert Kircher ArcGIS A Complete GIS Data Management Planning & Analysis Field Mobility Operational Awareness Constituent Engagement End to End Integration Collect, Organize,

More information

How To Use Arcgis For Free On A Gdb 2.2.2 (For A Gis Server) For A Small Business

How To Use Arcgis For Free On A Gdb 2.2.2 (For A Gis Server) For A Small Business Esri Middle East and Africa User Conference December 10 12 Abu Dhabi, UAE Understanding ArcGIS in Virtualization and Cloud Environments Marwa Mabrouk Powerful GIS capabilities Delivered as Web services

More information

Security Best Practices for Microsoft Azure Applications

Security Best Practices for Microsoft Azure Applications Security Best Practices for Microsoft Azure Applications Varun Sharma Principal Security Engineer, Information Security & Risk Management (ISRM), Microsoft IT Service Lines Application Security Infrastructure

More information

Vendor Questionnaire

Vendor Questionnaire Instructions: This questionnaire was developed to assess the vendor s information security practices and standards. Please complete this form as completely as possible, answering yes or no, and explaining

More information

Cloud Security Through Threat Modeling. Robert M. Zigweid Director of Services for IOActive

Cloud Security Through Threat Modeling. Robert M. Zigweid Director of Services for IOActive Cloud Security Through Threat Modeling Robert M. Zigweid Director of Services for IOActive 1 Key Points Introduction Threat Model Primer Assessing Threats Mitigating Threats Sample Threat Model Exercise

More information

Deploying ArcGIS for Server Using Esri Managed Services

Deploying ArcGIS for Server Using Esri Managed Services Federal GIS Conference 2014 February 10 11, 2014 Washington DC Deploying ArcGIS for Server Using Esri Managed Services Andrew Sakowicz Erin Ross Cloud Overview Deploying ArcGIS for Server What is Cloud:

More information

Securing ArcGIS Server Services: First Steps

Securing ArcGIS Server Services: First Steps Federal GIS Conference February 9 10, 2015 Washington, DC Securing ArcGIS Server Services: First Steps Michael Sarhan Esri msarhan@esri.com Agenda Review Basic Security Workflow ArcGIS Server Roles and

More information

Using ArcGIS for Server in the Amazon Cloud

Using ArcGIS for Server in the Amazon Cloud Federal GIS Conference February 9 10, 2015 Washington, DC Using ArcGIS for Server in the Amazon Cloud Bonnie Stayer, Esri Amy Ramsdell, Blue Raster Session Outline AWS Overview ArcGIS in AWS Cloud Builder

More information

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you

More information

Security Overview Enterprise-Class Secure Mobile File Sharing

Security Overview Enterprise-Class Secure Mobile File Sharing Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud

More information

Integrating Single Sign-on Across the Cloud By David Strom

Integrating Single Sign-on Across the Cloud By David Strom Integrating Single Sign-on Across the Cloud By David Strom TABLE OF CONTENTS Introduction 1 Access Control: Web and SSO Gateways 2 Web Gateway Key Features 2 SSO Key Features 3 Conclusion 5 Author Bio

More information

With Eversync s cloud data tiering, the customer can tier data protection as follows:

With Eversync s cloud data tiering, the customer can tier data protection as follows: APPLICATION NOTE: CLOUD DATA TIERING Eversync has developed a hybrid model for cloud-based data protection in which all of the elements of data protection are tiered between an on-premise appliance (software

More information

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales SMS Systems Management Specialists Cloud Computing Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales Cloud Computing The SMS Model: Cloud computing is a model for enabling ubiquitous, convenient,

More information

Portal for ArcGIS: An Introduction

Portal for ArcGIS: An Introduction 2013 Esri Mid-Atlantic User Conference December 10-11 Baltimore, MD Portal for ArcGIS: An Introduction Derek Law Esri, Redlands Agenda Web GIS Deployment patterns Portal for ArcGIS overview Security Integration

More information

Simone Brunozzi, AWS Technology Evangelist, APAC. Fortress in the Cloud

Simone Brunozzi, AWS Technology Evangelist, APAC. Fortress in the Cloud Simone Brunozzi, AWS Technology Evangelist, APAC Fortress in the Cloud AWS Cloud Security Model Overview Certifications & Accreditations Sarbanes-Oxley (SOX) compliance ISO 27001 Certification PCI DSS

More information

Portal. from the trenches!

Portal. from the trenches! from the trenches! Deployment Patterns Scaling and High Availability Reference Implementations Common Challenges Extending Engagement patterns Esri UC 2014 Technical Workshop for ArcGIS Technology Transfer

More information

FileCloud Security FAQ

FileCloud Security FAQ is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file

More information

ArcGIS for Server Deployment Scenarios An ArcGIS Server s architecture tour

ArcGIS for Server Deployment Scenarios An ArcGIS Server s architecture tour ArcGIS for Server Deployment Scenarios An Arc s architecture tour Ismael Chivite Product Manager at Esri Concepts Single Machine Configurations Basic Basic with Proxy Fail-Over Load Balanced or Siloed

More information

Best Practices for Security and Compliance with Amazon Web Services. A Trend Micro White Paper I April 2013

Best Practices for Security and Compliance with Amazon Web Services. A Trend Micro White Paper I April 2013 Best Practices for Security and Compliance with Amazon Web Services A Trend Micro White Paper I April 2013 Contents Executive Summary...2 Defining Cloud Computing...2 SERVICE MODELS...3 DEPLOYMENT MODELS...5

More information

Introduction to the EIS Guide

Introduction to the EIS Guide Introduction to the EIS Guide The AirWatch Enterprise Integration Service (EIS) provides organizations the ability to securely integrate with back-end enterprise systems from either the AirWatch SaaS environment

More information

BMC s Security Strategy for ITSM in the SaaS Environment

BMC s Security Strategy for ITSM in the SaaS Environment BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...

More information

Building Energy Security Framework

Building Energy Security Framework Building Energy Security Framework Philosophy, Design, and Implementation Building Energy manages multiple subsets of customer data. Customers have strict requirements for regulatory compliance, privacy

More information

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview

More information

FINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE

FINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE Purpose: This procedure identifies what is required to ensure the development of a secure application. Procedure: The five basic areas covered by this document include: Standards for Privacy and Security

More information

AWS Security. Security is Job Zero! CJ Moses Deputy Chief Information Security Officer. AWS Gov Cloud Summit II

AWS Security. Security is Job Zero! CJ Moses Deputy Chief Information Security Officer. AWS Gov Cloud Summit II AWS Security CJ Moses Deputy Chief Information Security Officer Security is Job Zero! Overview Security Resources Certifications Physical Security Network security Geo-diversity and Fault Tolerance GovCloud

More information

ArcGIS for Server in the Amazon Cloud. Michele Lundeen Esri

ArcGIS for Server in the Amazon Cloud. Michele Lundeen Esri ArcGIS for Server in the Amazon Cloud Michele Lundeen Esri What we will cover ArcGIS for Server in the Amazon Cloud Why How Extras Why do you need ArcGIS Server? Some examples Publish - Dynamic Map Services

More information

Managing Your Microsoft Windows Server Fleet with AWS Directory Service. May 2015

Managing Your Microsoft Windows Server Fleet with AWS Directory Service. May 2015 Managing Your Microsoft Windows Server Fleet with AWS Directory Service May 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational

More information

THE BLUENOSE SECURITY FRAMEWORK

THE BLUENOSE SECURITY FRAMEWORK THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program

More information

Secure Cloud Computing

Secure Cloud Computing Secure Cloud Computing Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for

More information

Table of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.

Table of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility. FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer

More information

Securing access to Citrix applications using Citrix Secure Gateway and SafeWord. PremierAccess. App Note. December 2001

Securing access to Citrix applications using Citrix Secure Gateway and SafeWord. PremierAccess. App Note. December 2001 Securing access to Citrix applications using Citrix Secure Gateway and SafeWord PremierAccess App Note December 2001 DISCLAIMER: This White Paper contains Secure Computing Corporation product performance

More information

Flexible Identity Federation

Flexible Identity Federation Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services

More information

Move over, TMG! Replacing TMG with Sophos UTM

Move over, TMG! Replacing TMG with Sophos UTM Move over, TMG! Replacing TMG with Sophos UTM Christoph Litzbach, Pre-Sales Engineer NSG 39 Key Features of TMG HTTP Antivirus/spyware URL Filtering HTTPS forward inspection Web Caching Role based access

More information

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014 Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security

More information

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

Securing the Microsoft Platform on Amazon Web Services

Securing the Microsoft Platform on Amazon Web Services Securing the Microsoft Platform on Amazon Web Services Tom Stickle August 2012 (Please consult http://aws.amazon.com/whitepapers/ for the latest version of this paper) Page 1 of 22 Abstract Deploying Microsoft

More information

Security Whitepaper. NetTec NSI Philosophy. Best Practices

Security Whitepaper. NetTec NSI Philosophy. Best Practices Security Whitepaper NetTec NSI provides a leading SaaS-based managed services platform that to efficiently backup, monitor, and troubleshoot desktops, servers and other endpoints for businesses. Our comprehensive

More information

Take Control of Identities & Data Loss. Vipul Kumra

Take Control of Identities & Data Loss. Vipul Kumra Take Control of Identities & Data Loss Vipul Kumra Security Risks - Results Whom you should fear the most when it comes to securing your environment? 4. 3. 2. 1. Hackers / script kiddies Insiders Ex-employees

More information

White Paper How Noah Mobile uses Microsoft Azure Core Services

White Paper How Noah Mobile uses Microsoft Azure Core Services NoahMobile Documentation White Paper How Noah Mobile uses Microsoft Azure Core Services The Noah Mobile Cloud service is built for the Microsoft Azure platform. The solutions that are part of the Noah

More information

KEMP LoadMaster. Enabling Hybrid Cloud Solutions in Microsoft Azure

KEMP LoadMaster. Enabling Hybrid Cloud Solutions in Microsoft Azure KEMP LoadMaster Enabling Hybrid Cloud Solutions in Microsoft Azure Introduction An increasing number of organizations are moving from traditional on-premises datacenter architecture to a public cloud platform

More information

Interact Intranet Version 7. Technical Requirements. August 2014. 2014 Interact

Interact Intranet Version 7. Technical Requirements. August 2014. 2014 Interact Interact Intranet Version 7 Technical Requirements August 2014 2014 Interact Definitions... 3 Licenses... 3 On-Premise... 3 Cloud... 3 Pulic Cloud... 3 Private Cloud... 3 Perpetual... 3 Self-Hosted...

More information

PCI DSS 3.0 Compliance

PCI DSS 3.0 Compliance A Trend Micro White Paper April 2014 PCI DSS 3.0 Compliance How Trend Micro Cloud and Data Center Security Solutions Can Help INTRODUCTION Merchants and service providers that process credit card payments

More information

The Education Fellowship Finance Centralisation IT Security Strategy

The Education Fellowship Finance Centralisation IT Security Strategy The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and

More information

University of Pittsburgh Security Assessment Questionnaire (v1.5)

University of Pittsburgh Security Assessment Questionnaire (v1.5) Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided

More information

PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN

PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN CONNECTING TO THE CLOUD DAVID CHAPPELL DECEMBER 2009 SPONSORED BY AMAZON AND MICROSOFT CORPORATION CONTENTS The Challenge:

More information

APIs The Next Hacker Target Or a Business and Security Opportunity?

APIs The Next Hacker Target Or a Business and Security Opportunity? APIs The Next Hacker Target Or a Business and Security Opportunity? SESSION ID: SEC-T07 Tim Mather VP, CISO Cadence Design Systems @mather_tim Why Should You Care About APIs? Amazon Web Services EC2 alone

More information

Cloud Security:Threats & Mitgations

Cloud Security:Threats & Mitgations Cloud Security:Threats & Mitgations Vineet Mago Naresh Khalasi Vayana 1 What are we gonna talk about? What we need to know to get started Its your responsibility Threats and Remediations: Hacker v/s Developer

More information

BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table

BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table BAE Systems PCI Essentail PCI Requirements Coverage Summary Table Introduction BAE Systems PCI Essential solution can help your company significantly reduce the costs and complexity of meeting PCI compliance

More information

Microsoft Azure. Microsoft Azure Security, Privacy, & Compliance

Microsoft Azure. Microsoft Azure Security, Privacy, & Compliance Security, Privacy, & Compliance Technology trends: driving cloud adoption BENEFITS Speed Scale Economics Cloud Trend: 70% 2 weeks to deliver new services vs. 6-12 months with traditional solution Scale

More information

2013 AWS Worldwide Public Sector Summit Washington, D.C.

2013 AWS Worldwide Public Sector Summit Washington, D.C. Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company

More information

Deploy Remote Desktop Gateway on the AWS Cloud

Deploy Remote Desktop Gateway on the AWS Cloud Deploy Remote Desktop Gateway on the AWS Cloud Mike Pfeiffer April 2014 Last updated: May 2015 (revisions) Table of Contents Abstract... 3 Before You Get Started... 3 Three Ways to Use this Guide... 4

More information

Where every interaction matters.

Where every interaction matters. Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper

More information

ArcGIS 10.3 Server on Amazon Web Services

ArcGIS 10.3 Server on Amazon Web Services ArcGIS 10.3 Server on Amazon Web Services Copyright 1995-2015 Esri. All rights reserved. Table of Contents Introduction What is ArcGIS Server on Amazon Web Services?............................... 5 Quick

More information

Locking down a Hitachi ID Suite server

Locking down a Hitachi ID Suite server Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime

More information

ArcGIS Server Security Threats & Best Practices 2014. David Cordes Michael Young

ArcGIS Server Security Threats & Best Practices 2014. David Cordes Michael Young ArcGIS Server Security Threats & Best Practices 2014 David Cordes Michael Young Agenda Introduction Threats Best practice - ArcGIS Server settings - Infrastructure settings - Processes Summary Introduction

More information

PortWise Access Management Suite

PortWise Access Management Suite Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s

More information

twilio cloud communications SECURITY ARCHITECTURE

twilio cloud communications SECURITY ARCHITECTURE twilio cloud communications SECURITY ARCHITECTURE July 2014 twilio.com Security is a lingering concern for many businesses that want to take advantage of the flexibility and ease of cloud services. Businesses

More information

319 MANAGED HOSTING TECHNICAL DETAILS

319 MANAGED HOSTING TECHNICAL DETAILS 319 MANAGED HOSTING TECHNICAL DETAILS 319 NetWorks www.319networks.com Table of Contents Architecture... 4 319 Platform... 5 319 Applications... 5 319 Network Stack... 5 319 Cloud Hosting Technical Details...

More information

Security Practices, Architecture and Technologies

Security Practices, Architecture and Technologies Security Practices, Architecture and Technologies CONTACT: 36 S. Wall Street Columbus, OH 43215 1-800-VAB-0300 www.viewabill.com 1 CONTENTS End-to-End Security Processes and Technologies... 3 Secure Architecture...

More information

Centrify Cloud Connector Deployment Guide

Centrify Cloud Connector Deployment Guide C E N T R I F Y D E P L O Y M E N T G U I D E Centrify Cloud Connector Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as

More information

PCI Requirements Coverage Summary Table

PCI Requirements Coverage Summary Table StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2

More information

RemoteApp Publishing on AWS

RemoteApp Publishing on AWS RemoteApp Publishing on AWS WWW.CORPINFO.COM Kevin Epstein & Stephen Garden Santa Monica, California November 2014 TABLE OF CONTENTS TABLE OF CONTENTS... 2 ABSTRACT... 3 INTRODUCTION... 3 WHAT WE LL COVER...

More information

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS INCONVENIENT STATISTICS 70% of ALL threats are at the Web application layer. Gartner 73% of organizations have been hacked in the past two

More information

Course 20533: Implementing Microsoft Azure Infrastructure Solutions

Course 20533: Implementing Microsoft Azure Infrastructure Solutions Course 20533: Implementing Microsoft Azure Infrastructure Solutions Overview About this course This course is aimed at experienced IT Professionals who currently administer their on-premises infrastructure.

More information

Xerox Mobile Print Cloud

Xerox Mobile Print Cloud September 2012 702P00860 Xerox Mobile Print Cloud Information Assurance Disclosure 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United

More information

Understanding ArcGIS Deployments in Public and Private Cloud. Marwa Mabrouk

Understanding ArcGIS Deployments in Public and Private Cloud. Marwa Mabrouk Understanding ArcGIS Deployments in Public and Private Cloud Marwa Mabrouk Agenda Back to Basics What are people doing? New Features Using ArcGIS in the Cloud - Private Cloud - Public Cloud Technical Demos

More information

Identity Federation: Bridging the Identity Gap. Michael Koyfman, Senior Global Security Solutions Architect

Identity Federation: Bridging the Identity Gap. Michael Koyfman, Senior Global Security Solutions Architect Identity Federation: Bridging the Identity Gap Michael Koyfman, Senior Global Security Solutions Architect The Need for Federation 5 key patterns that drive Federation evolution - Mary E. Ruddy, Gartner

More information

Implementing Microsoft Azure Infrastructure Solutions

Implementing Microsoft Azure Infrastructure Solutions Course Code: M20533 Vendor: Microsoft Course Overview Duration: 5 RRP: 2,025 Implementing Microsoft Azure Infrastructure Solutions Overview This course is aimed at experienced IT Professionals who currently

More information

MIGRATIONWIZ SECURITY OVERVIEW

MIGRATIONWIZ SECURITY OVERVIEW MIGRATIONWIZ SECURITY OVERVIEW Table of Contents Introduction... 2 Shared Security Approach... 2 Customer Best Practices... 2 Application Security... 4 Database Level Security... 4 Network Security...

More information

The Cloud App Visibility Blindspot

The Cloud App Visibility Blindspot The Cloud App Visibility Blindspot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Introduction Today, enterprise assets are more at risk than ever before

More information

Protecting Your Organisation from Targeted Cyber Intrusion

Protecting Your Organisation from Targeted Cyber Intrusion Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology

More information

Introduction to the Mobile Access Gateway

Introduction to the Mobile Access Gateway Introduction to the Mobile Access Gateway This document provides an overview of the AirWatch Mobile Access Gateway (MAG) architecture and security and explains how to enable MAG functionality in the AirWatch

More information

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? SaaS vs. COTS Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? Unlike COTS solutions, SIMCO s CERDAAC is software that is offered as a service (SaaS). This offers several

More information

SharePoint 2013 Logical Architecture

SharePoint 2013 Logical Architecture SharePoint 2013 Logical Architecture This document is provided "as-is". Information and views expressed in this document, including URL and other Internet Web site references, may change without notice.

More information

Media Shuttle s Defense-in- Depth Security Strategy

Media Shuttle s Defense-in- Depth Security Strategy Media Shuttle s Defense-in- Depth Security Strategy Introduction When you are in the midst of the creative flow and tedious editorial process of a big project, the security of your files as they pass among

More information

Configuration Guide. BES12 Cloud

Configuration Guide. BES12 Cloud Configuration Guide BES12 Cloud Published: 2016-04-08 SWD-20160408113328879 Contents About this guide... 6 Getting started... 7 Configuring BES12 for the first time...7 Administrator permissions you need

More information

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Host Hardening Presented by Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Background National Institute of Standards and Technology Draft Guide to General Server Security SP800-123 Server A

More information

FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution.

FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution. FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution. In today s world the potential for ready access to data from virtually any device over any type of network connection creates

More information

Building Secure Applications. James Tedrick

Building Secure Applications. James Tedrick Building Secure Applications James Tedrick What We re Covering Today: Accessing ArcGIS Resources ArcGIS Web App Topics covered: Using Token endpoints Using OAuth/SAML User login App login Portal ArcGIS

More information

The increasing popularity of mobile devices is rapidly changing how and where we

The increasing popularity of mobile devices is rapidly changing how and where we Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to

More information

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding

More information

GoodData Corporation Security White Paper

GoodData Corporation Security White Paper GoodData Corporation Security White Paper May 2016 Executive Overview The GoodData Analytics Distribution Platform is designed to help Enterprises and Independent Software Vendors (ISVs) securely share

More information

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011

More information

Service Manager and the Heartbleed Vulnerability (CVE-2014-0160)

Service Manager and the Heartbleed Vulnerability (CVE-2014-0160) Service Manager and the Heartbleed Vulnerability (CVE-2014-0160) Revision 1.0 As of: April 15, 2014 Table of Contents Situation Overview 2 Clarification on the vulnerability applicability 2 Recommended

More information

Security Considerations for DirectAccess Deployments. Whitepaper

Security Considerations for DirectAccess Deployments. Whitepaper Security Considerations for DirectAccess Deployments Whitepaper February 2015 This white paper discusses security planning for DirectAccess deployment. Introduction DirectAccess represents a paradigm shift

More information

Symantec App Center 4.0 Admin Documentation

Symantec App Center 4.0 Admin Documentation Symantec App Center 4.0 Admin Documentation Installation Planning Guide September 2012 Symantec Corporation, 2012 Page 1 Table of Contents Purpose of Document... 3 Deployment Options Overview... 3 Public

More information

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

Ensuring Enterprise Data Security with Secure Mobile File Sharing. A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite

More information

CLOUD COMPUTING SERVICES CATALOG

CLOUD COMPUTING SERVICES CATALOG CLOUD COMPUTING SERVICES CATALOG... Including information about the FedRAMP SM authorized Unclassified Remote Hosted Desktop (URHD) Software as a Service solution CTC Cloud Computing Services Software

More information