Wie sichert Microsoft seine Daten und sein Netzwerk

Size: px
Start display at page:

Download "Wie sichert Microsoft seine Daten und sein Netzwerk"

Transcription

1 Wie sichert Microsoft seine Daten und sein Netzwerk

2 Das Problem

3 40% Malicious Software in Österreich 35% 35,3% 32,3% 30% 29,5% 29,9% Misc. Trojans Worms 25% 20% 19,6% 16,0% 18,0% 24,0% 24,2% 21,1% 21,0% 24,4% 20,8% Misc. Potentially Unwanted Software Trojan Downloaders & Droppers 15% 11,4% 13,1% 10,9% 12,7% 13,3% Password Stealers & Monitoring Tools Adware 10% 5% 0% 5,3% 4,9% 6,0% 2,5% 3,1% 6,1% 1,2% 1,0% 0,6% 3Q09 4Q09 1Q10 2Q10 Backdoors Viruses Exploits Spyware Circular Markers Represent Malware Square Markers Represent Potentially Unwanted Software

4 Microsoft IT Environment 600,000 Geräte 121,000 Anwender 98 Länder 441 Gebäude 100,000+ W7 clients 10,000 Office 2007 clients 90,000 Office 2010 clients 46,000,000+ VPN Verbindungen pro Monat 200,000+ SharePoint Sites 8 data centers 15,000+ Server s per day: 5,000,000 internal 10,000,000 inbound 9,000,000 filtered out 75,000,000 IMs per month 150,000+ accounts

5 Current Security Architecture People & Process Network Host Application Security Strategy Planning Information Security Governance Information Security Policies Training and Awareness Incident Management Risk Management Framework Forensic Investigations Data Secure Partner and Extranet Connections Securing Remote Access Hygiene and Trustworthy Messaging Hardening the Wireless Network Network Intrusion Detection Systems Security Event Collection Identity Host Based Segmentation Combating Malware Automated Vulnerability Scans Securing Mobile Devices Windows Firewall Windows Vista and XP SP2, IE Protected Mode Physical Security Development Lifecycle IT Managing Source Code Rights Management Services Encrypted File System S/MIME Two Factor Authentication for Remote and Elevated Account Access Strong Passwords Public Key Infrastructure Services Automated Identity and Access Management RFID and Biometrics Physical Access Monitoring

6 Microsoft Security: Defense In Depth Services A well Managed Secure Infrastructure is the key! Edge Server Applications Active Directory Federation Services (ADFS) Client and Server OS Certificate Lifecycle Management Information Protection Identity & Access Management Systems Management Configuration Operations Manager 2007 Manager 2007 Mobile Device Data Protection Manager 2008 Manager SDL TWC

7 Die einfachen Dinge richtig machen Active Directory Individualle Benutzer Konten Endbenutzerschulung wie man einen PC verwendet Bildschrimschoner PC sperren, wen man den Arbeitsplatz verlässt Kennwörter Komplexität und Länge Wiederverwendung Patchmanagement

8 Passwörter warum? Driver Protect the corporate network with Microsoft technology Challenges Educating users Helpdesk volume for resets Risks Alienating clients Synchronized passwords across systems Controls Policy enforced by Group Policy in Active Directory Module in Security-101 to educate users Futures MIIS Self-Service Password reset Elimination of passwords

9 Was macht ein Passwort sicher? Passwort läuft alle 70 Tage ab Strong Password Requirements Administrator passwords sind mindestens 15 Stellen und alphnumerisch Benutzerpasswörter sind mindestens 8 Stellen und alphanumerisch Passwörter beinhalten Groß- & Kleinschreibung, sowie Zeichen und Zahlen Keine Familiennamen, kein Bezug zum Benutzer Wesentlicher Unterschied zum vorangegangenen Passwort

10 Security Updates Timeline Low Client Impact Microsoft Update; & ITWeb Notification (Optional) Updates Management (Voluntary > Forced) High Client Impact SER Scanning & Scripted Updating Port Shutdowns 30% 20% % Vulnerable Clients 24 days average to 98% secured Current days to exploit = 3 days 5% 3% 2% 24hrs 48hrs 7 Days Forced patching begins for normal cycle 7 Days Port shutdowns begin 24 Days

11 Network Access Protection Direct Access

12 The Direct Access Solution Internet NAP / NPS Servers Compliant Client Compliant Client Tunnel over IPv4 UDP, TLS, etc. CORPNET User Thin Edge DoS Prevention Server Assume the underlying network is always insecure Data Center and Business Critical Resources CORPNET Compliant Network CORPNET User Redefine CORPNET edge to insulate the datacenter and business critical resources

13 Benefits Of DirectAccess Bringing Corpnet to the User More productivity More secure More manageable and cost effective Always-on access to corpnet while roaming No explicit user action required it just works Same user experience on premise and off Healthy, trustable host regardless of network Fine grain per app/server policy control Richer policy control near assets Ability to extend regulatory compliance to roaming assets Incremental deployment path toward IPv6 Simplified remote management of mobile resources as if they were on the LAN Lower total cost of ownership (TCO) with an always managed infrastructure Unified secure access across all scenarios and networks Integrated administration of all connectivity mechanisms

14 Mobiles Daten Management

15

16 Secure Endpoints to Reduce Risk Policy für USB Verschlüssellung Rechtemanagement Device Control Bitlocker Rights Management Services

17 BitLocker Drive Encryption BitLocker Drive Encryption fully encrypts the entire Windows volume. BitLocker Designed specifically to prevent the unauthorized disclosure of data when it is at rest. Provides data protection on your Windows client systems, even when the system is in unauthorized hands. Designed to utilize a v1.2 Trusted Platform Module (TPM) for secure key storage and boot environment authentication

18 BitLocker on Removable Drives Removable data drives E.g.: USB flash drives External hard drives Passphrase Smart card Automatic unlocking Recovery password Recovery key Active Directory backup of recovery password Data Recovery Agent Robust and consistent group policy controls Ability to mandate encryption prior to granting write access File systems: NTFS FAT FAT32 ExFAT

19 PKI Public Key Infrastructure

20 Main Uses of PKI 802.1x Wireless Network Authentication User and computer authentication via EAP/TLS Smart Cards for RAS RAS/VPN user authentication via EAP/ TLS using certificates on smartcards Secure (S/MIME) Signature and Encryption certs on smart cards Key archival and recovery of encryption certificates using Windows 2003 CA Certificates chain to publicly trusted root

21 Main Uses of PKI (Continued) Encrypted File System (EFS) Key and Data Recovery Policies and Procedures Secure Web Services (SSL) Server and client auth capabilities Certs Chain to publicly trusted root IPSec Certificate-based authentication for remote access clients

22 File Classification Service & Rights Management Service + AppLocker

23 File Classification Infrastructure & RMS Identify and protect sensitive documents on file servers 1 2 FCI Classify 3 Mgmt Task: RMS Protect 4 5 c c User creates a file marketing.docx on Windows server 2008 R2 file server File Classification Infrastructure (FCI) classifies file as sensitive based on content including Confidential and Internal only Automated File Management Task invokes RMS protection to restrict access to Full Time Employees only Full Time Employee can access marketing.docx A malicious user getting access to the file through un intentional leak is not able to access file content Businesses can automatically RMS protect 1000 s of confidential files on their file servers

24 RMS Platform Components RMS server Server Native to Windows Server 2008 and Windows Server 2008 R2 Runs on Windows Server 2003 Active Directory directory service Windows Server 2000 or later Database server Microsoft SQL Server 2000 or later RMS client Client Native to Windows Vista and Windows 7 Separate Install for Windows XP RMS-enabled applications Microsoft Office 2003/2007/2010 Rights Management Add-on (RMA) for Internet Explorer 6.0

25 RMS Will NOT provide unbreakable, hacker-proof security protect against analog attacks

26 AppLocker Einfaches RollOut Ausnahmen Benutzer Umgebung in den Reglen festlegen Definierte fehlermeldungen

27 Microsoft Global Security Operation Center (GSOC)

28 Current Environment Global Coverage GSOC Redmond GSOC TVP UK GSOC Hyderabad Americas EMEA Asia

29 Current Environment Centralized Management, Localized Services Microsoft s Integrated Security Solution includes the following core infrastructure components to support its over 700 global sites: Access Control and Alarm Environment 11,500 proximity card readers 186,000 active records 30,000,000 access and security related events/transaction per month Communications 300 end users for RF over IP 1700 Voice over IP capable duress intercoms Video Environment 900 video recorders 10,500 cameras 5,000 Other Devices Duress or intrusion Environmental Biometric Fire Life Safety Systems Regulatory compliance for UL Certified Central Station Business reporting through 330 dedicated panels

30 Key Functional Components Alarm Monitoring and Access Control Environment Video Environment Fire & Life Safety Systems Radio over IP (RoIP) 911 Monitoring (US Only) Dispatch Emergency Alerts Consistent Policies & Procedures Global Event Notification Site-Specific Data Management Geographic Mapping Internal Communications Investigative Case Management

31 Situational Awareness Geospatial Mapping 1. Virtual Earth geospatially displays each site location (via SharePoint) and world events that may affect each (via realtime geo-rss feeds) 2. SharePoint provides up-tothe-minute site details (e.g., headcount, floor space, RSM contact info, etc) 3. Virtual Earth overlays of building floor plans and geocoded camera locations (in SharePoint) enable IP camera control

32 Interoperability Global Technical and Operational Load Sharing 1. Network of GSOCs creates an interoperable environment through technical and operational load sharing Enables any GSOC to transfer part or all of its operational load to another (transparent to the customer) Failover redundancy in minutes vs. hours 2. Monitoring stations have been developed with mobility in mind and each workstation in a GSOC can perform all functions GSOCs were designed with extra capacity to allow for regular transfer of operational load as required Laptops are used to allow for rapid disconnect / relocation in the event of an emergency

33 Schützen sie Ihre EDV Umgebung Recommended Actions Halten sie Ihre Software auf dem aktuellen Stand Nicht nur Microsoft Verwenden sie Microsoft Update, nicht Windows Update Updates für alle Microsoft Produkte Setzen sie Anti-Virus Software von einem TRUSTED Anbieter ein updaten Schauen sie sich den Microsoft Security Update Guide and

34 Weitere Informationen Security Essentials (kostenlos ) Generelle Infos Securityupdateguide

35 Roland Hofmann This document is provided for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Microsoft, Microsoft Press, Visual Studio, Visual SourceSafe, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

General Dynamics Information Technology. Integrated Security Solution CONFIDENCE THROUGH PREPARATION VIRTUAL AGILITY

General Dynamics Information Technology. Integrated Security Solution CONFIDENCE THROUGH PREPARATION VIRTUAL AGILITY General Dynamics Information Technology Integrated Security Solution CONFIDENCE THROUGH PREPARATION VIRTUAL AGILITY GDIT Integrated Security & Instrumented Solutions We enable excellence in world class

More information

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security

More information

Michael Nowacki, CISSP - ISSAP. Security & Management Solutions Specialist Microsoft Canada Michael.Nowacki@Microsoft.com

Michael Nowacki, CISSP - ISSAP. Security & Management Solutions Specialist Microsoft Canada Michael.Nowacki@Microsoft.com Michael Nowacki, CISSP - ISSAP Security & Management Solutions Specialist Microsoft Canada Michael.Nowacki@Microsoft.com More advanced Application-oriented More frequent Profit motivated Too many point

More information

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Tech Brief Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Introduction In today s era of increasing mobile computing, one of the greatest challenges

More information

Anirudh Singh Rautela Security & Privacy Initiative Lead & Product Marketing Manager Security Microsoft

Anirudh Singh Rautela Security & Privacy Initiative Lead & Product Marketing Manager Security Microsoft Anirudh Singh Rautela Security & Privacy Initiative Lead & Product Marketing Manager Security Microsoft Integrated security eases defense in depth architecture deployment Adoption of open standards allows

More information

T21: Microsoft Windows Server and Client Security Donald E. Hester, Maze Associates

T21: Microsoft Windows Server and Client Security Donald E. Hester, Maze Associates T21: Microsoft Windows Server and Client Security Donald E. Hester, Maze Associates Microsoft Windows Server and Client Security Windows 7, Vista and Server 2008 R2 Donald E. Hester CISSP, CISA, CAP, MCT,

More information

Prepared for: The American Association of State Highway and Transportation Officials. Julian Soh Microsoft Corporation. Julian.Soh@microsoft.

Prepared for: The American Association of State Highway and Transportation Officials. Julian Soh Microsoft Corporation. Julian.Soh@microsoft. Prepared for: The American Association of State Highway and Transportation Officials Julian Soh Microsoft Corporation Julian.Soh@microsoft.com This is a directional view into Windows investments for businesses

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

1. Introduction to DirectAccess. 2. Technical Introduction. 3. Technical Details within Demo. 4. Summary

1. Introduction to DirectAccess. 2. Technical Introduction. 3. Technical Details within Demo. 4. Summary 1. Introduction to DirectAccess 2. Technical Introduction 3. Technical Details within Demo 4. Summary Section 2: Technical Introduction Solution Overview Compliant Client Compliant Client Internet

More information

Security and Compliance. Robert Nottoli Principal Technology Specialist Microsoft Corporation robnotto@microsoft.com

Security and Compliance. Robert Nottoli Principal Technology Specialist Microsoft Corporation robnotto@microsoft.com Security and Compliance Robert Nottoli Principal Technology Specialist Microsoft Corporation robnotto@microsoft.com DISCLAIMER FOR DOCUMENTATION REGARDING PRE-RELEASED SOFTWARE This document supports a

More information

Total Defense Endpoint Premium r12

Total Defense Endpoint Premium r12 DATA SHEET Total Defense Endpoint Premium r12 Overview: Total Defense Endpoint Premium Edition r12 offers comprehensive protection for networks, endpoints and groupware systems from intrusions, malicious

More information

With a little bit of IPv6 magic: Windows 7 DirectAccess

With a little bit of IPv6 magic: Windows 7 DirectAccess With a little bit of IPv6 magic: Windows 7 DirectAccess Click to edit Master subtitle style Thomas Treml Technologieberater Microsoft Deutschland GmbH Thomas.Treml@microsoft.com Networking and Access Landscape

More information

Did you know your security solution can help with PCI compliance too?

Did you know your security solution can help with PCI compliance too? Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment

More information

Addressing Cloud Computing Security Considerations

Addressing Cloud Computing Security Considerations Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft

More information

Windows 7, Enterprise Desktop Support Technician

Windows 7, Enterprise Desktop Support Technician Course 50331D: Windows 7, Enterprise Desktop Support Technician Page 1 of 11 Windows 7, Enterprise Desktop Support Technician Course 50331D: 4 days; Instructor-Led Introduction This four-day instructor-ledcourse

More information

Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led

Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations

More information

Windows 7. Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org

Windows 7. Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org Windows 7 Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org 1 Overview 1. Financial Institution s Preliminary Steps 2. User Interface 3. Data Protection 4. User and Group Changes

More information

ICT Professional Optional Programmes

ICT Professional Optional Programmes ICT Professional Optional Programmes Skills Team are a Microsoft Academy with new training rooms and IT labs in our purpose built training centre in Ealing, West London. We offer a range of year-long qualifications

More information

Mobile Network Access Control

Mobile Network Access Control Mobile Network Access Control Extending Corporate Security Policies to Mobile Devices WHITE PAPER Executive Summary Network Access Control (NAC) systems protect corporate assets from threats posed by devices

More information

"Charting the Course... ... to Your Success!" MOC 50331 D Windows 7 Enterprise Desktop Support Technician Course Summary

Charting the Course... ... to Your Success! MOC 50331 D Windows 7 Enterprise Desktop Support Technician Course Summary Description Course Summary This course provides students with the knowledge and skills needed to isolate, document and resolve problems on a Windows 7 desktop or laptop computer. It will also help test

More information

74% 96 Action Items. Compliance

74% 96 Action Items. Compliance Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated

More information

Security Controls for the Autodesk 360 Managed Services

Security Controls for the Autodesk 360 Managed Services Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices

More information

Windows 7, Enterprise Desktop Support Technician

Windows 7, Enterprise Desktop Support Technician Windows 7, Enterprise Desktop Support Technician Course Number: 70-685 Certification Exam This course is preparation for the Microsoft Certified IT Professional (MCITP) Exam, Exam 70-685: Pro: Windows

More information

70-685: Enterprise Desktop Support Technician

70-685: Enterprise Desktop Support Technician 70-685: Enterprise Desktop Support Technician Course Introduction Course Introduction Chapter 01 - Identifying Cause and Resolving Desktop Application Issues Identifying Cause and Resolving Desktop Application

More information

Achieving PCI-Compliance through Cyberoam

Achieving PCI-Compliance through Cyberoam White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit

More information

Course Description. Course Audience. Course Outline. Course Page - Page 1 of 12

Course Description. Course Audience. Course Outline. Course Page - Page 1 of 12 Course Page - Page 1 of 12 Windows 7 Enterprise Desktop Support Technician M-50331 Length: 5 days Price: $2,795.00 Course Description This five-day instructor-led course provides students with the knowledge

More information

How to Secure Your Environment

How to Secure Your Environment End Point Security How to Secure Your Environment Learning Objectives Define Endpoint Security Describe most common endpoints of data leakage Identify most common security gaps Preview solutions to bridge

More information

Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation

Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples

More information

About the Authors About the Technical Editor

About the Authors About the Technical Editor Acknowledgments p. xiii About the Authors p. xv About the Technical Editor p. xix Foreword p. xxi Planning Platform Security p. 1 Reviewing the Gore Security Principles p. 2 Planning a Secure Platform

More information

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9 NETASQ & PCI DSS Is NETASQ compatible with PCI DSS? We have often been asked this question. Unfortunately, even the best firewall is but an element in the process of PCI DSS certification. This document

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

Module 3: Resolve Software Failure This module explains how to fix problems with applications that have problems after being installed.

Module 3: Resolve Software Failure This module explains how to fix problems with applications that have problems after being installed. CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! 50331 - Windows 7, Enterprise Desktop Support Technician Duration: 5 days About this Course This five-day

More information

DriveLock and Windows 7

DriveLock and Windows 7 Why alone is not enough CenterTools Software GmbH 2011 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise

More information

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches easily Allows only white-listed applications in workstations to run Provides virus protection for Ovation Windows stations Aggregates,

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

Introduction to BitLocker FVE

Introduction to BitLocker FVE Introduction to BitLocker FVE (Understanding the Steps Required to enable BitLocker) Exploration of Windows 7 Advanced Forensic Topics Day 3 What is BitLocker? BitLocker Drive Encryption is a full disk

More information

How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz)

How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz) How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz) Domain.Local DC Client DomainAdmin Attack Operator Advise Protect Detect Respond

More information

Secure Your Mobile Workplace

Secure Your Mobile Workplace Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in

More information

Course 20688A: Managing and Maintaining Windows 8

Course 20688A: Managing and Maintaining Windows 8 Course 20688A: Managing and Maintaining Windows 8 Length: 5 Days Audience(s): IT Professionals Level: 200 Delivery Method: Instructor-led (classroom) About this Course In this course, students learn how

More information

Retention & Destruction

Retention & Destruction Last Updated: March 28, 2014 This document sets forth the security policies and procedures for WealthEngine, Inc. ( WealthEngine or the Company ). A. Retention & Destruction Retention & Destruction of

More information

Section 12 MUST BE COMPLETED BY: 4/22

Section 12 MUST BE COMPLETED BY: 4/22 Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege

More information

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015 NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X

More information

Protecting Your Organisation from Targeted Cyber Intrusion

Protecting Your Organisation from Targeted Cyber Intrusion Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology

More information

How Microsoft runs IT. Ludwig Wilhelm CIO Central & Eastern Europe Microsoft IT

How Microsoft runs IT. Ludwig Wilhelm CIO Central & Eastern Europe Microsoft IT How Microsoft runs IT Ludwig Wilhelm CIO Central & Eastern Europe Microsoft IT 2 Source: Accenture Cloudrise: Rewards & Risks at the Dawn of Cloud Computing, November 2010 3 Source: Accenture Cloudrise:

More information

Windows Server. Introduction to Windows Server 2008 and Windows Server 2008 R2

Windows Server. Introduction to Windows Server 2008 and Windows Server 2008 R2 Copyright 2006-2013 MilliByte SS Windows Server DƏRS Introduction to Windows Server 2008 and Windows Server 2008 R2 Functionality of Windows Server 2008 Windows Server 2008 Editions 1 Microsoft Hyper-V

More information

TNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is

TNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is 1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the

More information

MS 20688 Managing and Maintaining Windows 8

MS 20688 Managing and Maintaining Windows 8 P a g e 1 of 9 MS 20688 Managing and Maintaining Windows 8 About this Course In this course, students learn how to plan and implement the installation, management, and maintenance of Windows 8. Course

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

Locking down a Hitachi ID Suite server

Locking down a Hitachi ID Suite server Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime

More information

Business Ready Security

Business Ready Security Business Ready Security Steve Scholz Microsoft Education steve.scholz@microsoft.com Protect everywhere, access anywhere Identity Simplify the security experience, manage compliance Highly Secure & Interoperable

More information

DeltaV Cyber Security Solutions

DeltaV Cyber Security Solutions TM DeltaV Cyber Security Solutions A Guide to Securing Your Process A long history of cyber security In pioneering the use of commercial off-the-shelf technology in process control, the DeltaV digital

More information

Creating A Culture of Security and Privacy in the Digital Age. Dave Welsh Microsoft Corporation dmwelsh@microsoft.com

Creating A Culture of Security and Privacy in the Digital Age. Dave Welsh Microsoft Corporation dmwelsh@microsoft.com Creating A Culture of Security and Privacy in the Digital Age Dave Welsh Microsoft Corporation dmwelsh@microsoft.com Situation Computers worldwide: 663 million1 Web users worldwide, 2004: 719,334,756,

More information

Windows 7, Enterprise Desktop Support Technician

Windows 7, Enterprise Desktop Support Technician MS50331 Längd: 5 dagar Windows 7, Enterprise Desktop Support Technician Detta är den bredaste, mest djuplodande kursen för dig som arbetar som Supporttekniker och behöver vara champion på Windows när frågorna

More information

PCI Requirements Coverage Summary Table

PCI Requirements Coverage Summary Table StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2

More information

Web Security Update. A Radicati Group, Inc. Webconference. The Radicati Group, Inc. Copyright March 2010, Reproduction Prohibited

Web Security Update. A Radicati Group, Inc. Webconference. The Radicati Group, Inc. Copyright March 2010, Reproduction Prohibited The Radicati Group, Inc. www.radicati.com Web Security Update A Radicati Group, Inc. Webconference The Radicati Group, Inc. Copyright March 2010, Reproduction Prohibited 9:30 am, PT March 25, 2010 Speakers

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

Configuring and Administering Windows 7

Configuring and Administering Windows 7 Configuring and Administering Windows 7 Length: 5 days Overview This five-day instructor-led course provides students with the knowledge and skills to configure and administer Microsoft Windows 7 as a

More information

Inspection of Encrypted HTTPS Traffic

Inspection of Encrypted HTTPS Traffic Technical Note Inspection of Encrypted HTTPS Traffic StoneGate version 5.0 SSL/TLS Inspection T e c h n i c a l N o t e I n s p e c t i o n o f E n c r y p t e d H T T P S T r a f f i c 1 Table of Contents

More information

IBM Endpoint Manager for Core Protection

IBM Endpoint Manager for Core Protection IBM Endpoint Manager for Core Protection Device control and endpoint protection designed to guard against malware and loss of sensitive data Highlights Delivers real-time endpoint protection against viruses,

More information

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? SaaS vs. COTS Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? Unlike COTS solutions, SIMCO s CERDAAC is software that is offered as a service (SaaS). This offers several

More information

Chapter 4 Application, Data and Host Security

Chapter 4 Application, Data and Host Security Chapter 4 Application, Data and Host Security 4.1 Application Security Chapter 4 Application Security Concepts Concepts include fuzzing, secure coding, cross-site scripting prevention, crosssite request

More information

Course 50322B: Configuring and Administering Windows 7

Course 50322B: Configuring and Administering Windows 7 Course 50322B: Configuring and Administering Windows 7 Length: Delivery Method: 5 Days Instructor-led (classroom) About this Course This five-day instructor-led course provides students with the knowledge

More information

SecureAge SecureDs Data Breach Prevention Solution

SecureAge SecureDs Data Breach Prevention Solution SecureAge SecureDs Data Breach Prevention Solution In recent years, major cases of data loss and data leaks are reported almost every week. These include high profile cases like US government losing personal

More information

Protecting Networks and Data with Public Key Infrastructure (PKI)

Protecting Networks and Data with Public Key Infrastructure (PKI) Protecting Networks and Data with Public Key Infrastructure (PKI) MARK B. COOPER PRESIDENT & FOUNDER MARK@PKISOLUTIONS.COM WWW.PKISOLUTIONS.COM @PKISOLUTIONS What is PKI? Organizations need enhanced security

More information

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES MOBILITY & INTERCONNECTIVITY Features SECURITY OF INFORMATION TECHNOLOGIES Frequent changes to the structure of enterprise workforces mean that many are moving away from the traditional model of a single

More information

Solution Recipe: Improve Networked PC Security with Intel vpro Technology

Solution Recipe: Improve Networked PC Security with Intel vpro Technology Solution Recipe: Improve Networked PC Security with Intel vpro Technology Preface Intel has developed a series of unique Solution Recipes designed for channel members interested in providing complete solutions

More information

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014 Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security

More information

Elements to a Secure Environment Becoming Resilient Towards Modern Cyberthreats. Windows XP Support Has Ended Why It Concerns You

Elements to a Secure Environment Becoming Resilient Towards Modern Cyberthreats. Windows XP Support Has Ended Why It Concerns You Elements to a Secure Environment Becoming Resilient Towards Modern Cyberthreats Windows XP Support Has Ended Why It Concerns You Protect Detect Respond 1 02 Windows XP support has ended Windows XP support

More information

Kaspersky Endpoint Security 10 for Windows. Deployment guide

Kaspersky Endpoint Security 10 for Windows. Deployment guide Kaspersky Endpoint Security 10 for Windows Deployment guide Introduction Typical Corporate Network Network servers Internet Gateway Workstations Mail servers Portable media Malware Intrusion Routes Viruses

More information

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

More information

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business IREBOX X IREBOX X Firebox X Family of Security Products Comprehensive Unified Threat Management Solutions That Scale With Your Business Family of Security Products Comprehensive unified threat management

More information

Operating System Security

Operating System Security Operating System Security Klaus Schütz Windows OS Security Microsoft Redmond Before I start My VP love(d) me A frustrated friend 1 Agenda Evolution of Threats Client vs. Server Security Operating System

More information

Business process efficiency is improved with task management, alerts, notifications and automated process workflows.

Business process efficiency is improved with task management, alerts, notifications and automated process workflows. UNCLASSIFIED 23/02/2015 v3.3 Cobweb Hosted SharePoint 3.0 Service Description Cobweb Hosted SharePoint is a web-based document collaboration tool that helps you maximise productivity in a truly flexible,

More information

Best Practices for DanPac Express Cyber Security

Best Practices for DanPac Express Cyber Security March 2015 - Page 1 Best Practices for This whitepaper describes best practices that will help you maintain a cyber-secure DanPac Express system. www.daniel.com March 2015 - Page 2 Table of Content 1 Introduction

More information

Security Considerations for DirectAccess Deployments. Whitepaper

Security Considerations for DirectAccess Deployments. Whitepaper Security Considerations for DirectAccess Deployments Whitepaper February 2015 This white paper discusses security planning for DirectAccess deployment. Introduction DirectAccess represents a paradigm shift

More information

System Security Policy Management: Advanced Audit Tasks

System Security Policy Management: Advanced Audit Tasks System Security Policy Management: Advanced Audit Tasks White Paper October 6, 2005 2005 Altiris Inc. All rights reserved. ABOUT ALTIRIS Altiris, Inc. is a pioneer of IT lifecycle management software that

More information

The Education Fellowship Finance Centralisation IT Security Strategy

The Education Fellowship Finance Centralisation IT Security Strategy The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and

More information

Industrial Security for Process Automation

Industrial Security for Process Automation Industrial Security for Process Automation SPACe 2012 Siemens Process Automation Conference Why is Industrial Security so important? Industrial security is all about protecting automation systems and critical

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements I n t r o d u c t i o n The Payment Card Industry Data Security Standard (PCI DSS) was developed in 2004 by the PCI Security Standards

More information

Training Name Installing and Configuring Windows Server 2012

Training Name Installing and Configuring Windows Server 2012 Training Name Installing and Configuring Windows Server 2012 Exam Code 70 410 At Course Completion After completing this course, students will be able to: Install and configure Windows Server 2012. Describe

More information

White Paper How Noah Mobile uses Microsoft Azure Core Services

White Paper How Noah Mobile uses Microsoft Azure Core Services NoahMobile Documentation White Paper How Noah Mobile uses Microsoft Azure Core Services The Noah Mobile Cloud service is built for the Microsoft Azure platform. The solutions that are part of the Noah

More information

MS-50292 - MCITP: Windows 7 Enterprise Desktop Support Technician Boot Camp

MS-50292 - MCITP: Windows 7 Enterprise Desktop Support Technician Boot Camp MS-50292 - MCITP: Windows 7 Enterprise Desktop Support Technician Boot Camp Table of Contents Introduction Audience At Completion Prerequisites Microsoft Certified Professional Exams Student Materials

More information

Proven LANDesk Solutions

Proven LANDesk Solutions LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations

More information

PCI Requirements Coverage Summary Table

PCI Requirements Coverage Summary Table StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table December 2011 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2

More information

Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses

Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses 2004 Microsoft Corporation. All rights reserved. This document is for informational purposes only.

More information

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0 Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features

More information

Objectif. Participant. Prérequis. Remarque. Programme. Windows 7, Enterprise Desktop Support Technician (seven)

Objectif. Participant. Prérequis. Remarque. Programme. Windows 7, Enterprise Desktop Support Technician (seven) Objectif This five-day instructor-ledcourse provides students with the knowledge and skills needed to isolate, document and resolve problems on a Windows 7 desktop or laptop computer. It will also help

More information

Human Factors in Information Security

Human Factors in Information Security University of Oslo INF3510 Information Security Spring 2014 Workshop Questions Lecture 2: Security Management, Human Factors in Information Security QUESTION 1 Look at the list of standards in the ISO27000

More information

Windows 7. Noen nyheter. Olav Tvedt, Deployment Ranger Microsoft

Windows 7. Noen nyheter. Olav Tvedt, Deployment Ranger Microsoft Windows 7 Noen nyheter Olav Tvedt, Deployment Ranger Microsoft Agenda Sikkerhet for mobile brukere Bitlocker Bitlocker to go Applocker Branch Cache Sikkerhet For Mobile Brukere Securing Anywhere Access

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

MOC 6435A Designing a Windows Server 2008 Network Infrastructure

MOC 6435A Designing a Windows Server 2008 Network Infrastructure MOC 6435A Designing a Windows Server 2008 Network Infrastructure Course Number: 6435A Course Length: 5 Days Certification Exam This course will help you prepare for the following Microsoft exam: Exam 70647:

More information

Networking: EC Council Network Security Administrator NSA

Networking: EC Council Network Security Administrator NSA coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA

More information

Wireless Network Quality of Service WHITE PAPER

Wireless Network Quality of Service WHITE PAPER Wireless Network Quality of Service WHITE PAPER Executive Summary Most wireless deployments rely on cellular data networks for connectivity, which have bandwidth constraints. The quality of service (QoS)

More information

The self-defending network a resilient network. By Steen Pedersen Ementor, Denmark

The self-defending network a resilient network. By Steen Pedersen Ementor, Denmark The self-defending network a resilient network By Steen Pedersen Ementor, Denmark The self-defending network - a resilient network What is required of our internal networks? Available, robust, fast and

More information

Sophos for Microsoft SharePoint startup guide

Sophos for Microsoft SharePoint startup guide Sophos for Microsoft SharePoint startup guide Product version: 2.0 Document date: March 2011 Contents 1 About this guide...3 2 About Sophos for Microsoft SharePoint...3 3 System requirements...3 4 Planning

More information