A8.1 Asset Management Responsibility for assets: To identify organisational assets and define appropriate protection responsibilities.

Transcription

1 A8.1 Asset Management Responsibility for assets: To identify organisational assets and define appropriate protection responsibilities Inventory of assets. Tripwire IP360 provides comprehensive host and network profiling through an agentless, non-intrusive and low bandwidth solution. An ideal foundation for discovering every system on your network. Dell Software Asset Manager allows you to discover and track hardware and software asset inventory. With Asset Manager, you can also automatically generate usage reports matched to your software purchases and entitlements. A8.2 Information classification: To ensure that information receives an appropriate level of protection in accordance with its importance to the organisation Classification of information. Labelling of information. Titus Classification Suite is a tool kit with plugins for Microsoft Office, Windows operating systems, Microsoft SharePoint and mobile devices. This suite of software requires end users to classify information upon creation. A combination of visual marking/labelling for human handling and meta-data marking for protective software handling that information ensures classified materials are handled appropriately Handling of classified assets. Ultra AEPs UltraEncrypt range provides point to point encryption for separated or remote networks. Highly classified assets can be sent in fully encrypted tunnels created and verified using PKI. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 1

2 A8.3 Media Handling: To prevent unauthorised disclosure, modification, removal or destruction of information stored on media Management of removable media. Wave Data Protection Suite can ensure that removable media is restricted to pre-approved items. In addition it can also ensure that any removable media used to store information is encrypted therefore reducing the risk of stolen or lost devices. A9.1 Access Control Business requirement of access control: To limit access to information and information processing facilities Access to networks and networking services. Dell Software Privilege Access Manager provides a scheduled period of access to network devices and resources for administrators and high risk users. This removes the need to create permanent access thus reducing the attack surface. A9.2 User access management: To ensure authorised user access and to prevent unauthorised access to systems and services. PowerBroker Password Safe allows users and helpdesk teams to request access for a specified period of time to a resource such as a server or database. Subject to approval, access is provided and recorded for review. Passwords are never supplied and optionally changed after each use preventing unauthorised access outside of the agreed schedule. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 2

3 User registration and de-registration. User access provisioning. Dell Software Active Administrator is interface to Microsoft Active Directory, allows easy user account creation, modification, removal and group membership. Delegation and role based access means administrators with specific tasks can be given appropriate access for that task only Management of privileged access rights. Dell Software Identity Manager enables you to understand what is in your environment and who has access to it, while providing employees with only the appropriate access necessary to perform their jobs Review of user access rights. Dell Software Enterprise Reporter collects and reports on permissions of shares, files and folders, printers, Registry keys and services for comprehensive Windows Server permission reporting. Dell Software Identity Manager allows security teams to review permissions on file repositories and their contents via an interactive diagram Removal or adjustment of access rights. Dell Software Active Administrator is interface to Microsoft Active Directory, allows easy user account creation, modification, removal and group membership. Delegation and role based access means administrators with specific tasks can be given appropriate access for that task only. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 3

4 A9.4 System and application access control: To prevent unauthorised access to systems and applications Secure log-on procedures. Ultra AEP UltraEncrypt includes a remote worker element which permits one terminal to join the cryptographic community of interest provided by the larger deployment. The UltraEncrypt range offers both CAPS certified OFFICIAL and SECRET models. SecurAccess is a soft token two-factor authentication solution providing authentication via mobile phone apps, laptops, SMS and voice calls. Support for RADIUS, ADFS and RDP services are all available. Dell Software Defender is a two-factor authentication provider for RADIUS enabled services. Tokens are supplied to users which generates a six digit code, this is entered at logon to prove the users identity. HID ActivIdentity is available as a physical appliance or virtual machine which provides a converged authentication platform for both logical and virtual access. Users can be assigned a OTP in the form of physical tokens or smart phone application, or usage of a smart card to gain access to resources which require additional authentication security. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 4

5 9.4.3 Password management system. Dell Software Privilege Password Manager is a password storage solution which can provide one time accounts to administrators at the time of request. This means the real password is never exposed. All passwords are stored encrypted to AES-256. PowerBroker Password Safe provides a secure password storage solution which can distribute one time accounts to requesters subject to approval. This means the actual password is never exposed and it can automatically be reset once it has been used Use of privileged utility programs. PowerBroker for Winows/UNIX is a granular permission assignment solution which allows administrative access to designated items within the operating system whilst maintaining the accounts existing privilege elsewhere. This means some of the less risky tasks such as updating an out of date PDF viewer can be allowed within providing blanket administrative privileges. A10.1 Cryptography Cryptographic controls: To ensure proper and effective use of cryptography to protect the confidentiality, authenticity and/or integrity of information Key management. Ultra AEP UltraSafe is the world s only FIPS140-2 level 4 validated HSM. This unit stores both the cryptographic private keys and has a power randomiser chip for generating unpredictable private keys. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 5

6 A11.1 Physical and Environmental Security Secure Areas: To prevent unauthorised physical access, damage and interference to the organisations information and information processing facilities Physical entry controls. Securing offices, rooms and facilities. HID ActivIdentity is available as a physical appliance or virtual machine which provides a converged authentication platform for both logical and virtual access. Users can be assigned smart passes which can permit access to authorised spaces, unlocking doors with the touch of card. A12.1 Operations Security Operational procedures and responsibilities: To ensure correct and secure operations of information processing facilities Change management. Dell Software Change Auditor is a utility available for Active Directory, Exchange, Lync, SharePoint, SQL Server, SonicWALL and VMWare. This tool inspects for changes in these environments and reports on the environmental parameters of that change. For example, who made the change? And when? Tripwire Enterprise provides FIM functionality for file systems, network devices, hyper-visors, directories and databases. Files or elements are monitored for any additions, deletions or modifications upon which a notification or action can be triggered. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 6

7 A12.2 Protection from malware: To ensure that information and information processing facilities are protected against malware Controls against malware FailSafe is a network sniffing solution which looks for indications of malware infections using a number of engines and a case analyser. FailSafe will detect file movements, malicious communication and automation to name but a few, this is then analysed and a risk applied to that asset. A12.3 Backup: To protect against loss of data Informational Backup. Dell Software Recovery Manager takes snapshot backups of Active Directory, Exchange and SharePoint which allows for individual online restoration of objects. A12.4 Logging and event monitoring: To record events and generate evidence Event logging. Tripwire Log Center is a mixed agent and agent-less based system information and events management solution. Logs are correlated and comparison and reports producible for long term trend analysis. A12.5 Control of operational software: To ensure the integrity of operational software. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 7

8 Installation of software on operational systems. CyberSecurity provides network administrators with an ability to compare all platforms in their environment with a previous clean version. This means that any malware infection, installation of software or malicious manipulation of that operating system can not only be discovered, but also remediated. A12.6 Technical vulnerability management: To prevent exploitation of technical vulnerabilities Management of technical vulnerabilities. Tripwire IP360 is an agent-less vulnerability assessment tool which scans services, devices and servers for known vulnerabilities. Feeds are updated daily and assessments produced in report format. Remediation instructions are presented with each report. Retina is Beyond Trust vulnerability assessment tool which can analyse and provide feedback on vulnerabilities and security flaws found on a number of different host types. Remediation instructions and high detailed reports are provided for a variety of different organisational roles Restrictions on software installation. CyberSecurity provides network administrators with an ability to compare all platforms in their environment with a previous clean version. This means that any malware infection, installation of software or malicious manipulation of that operating system can not only be discovered, but also remediated. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 8

9 A13.1 Communication Security Network security management: To ensure the protection of information in networks and its supporting information processing facilities Security of network services. Ultra AEP UltraEncrypt range provides point to point encryption for separated or remote networks. Highly classified assets can be sent in fully encrypted tunnels created and verified using PKI. A13.2 Information Transfer: To maintain the security of information transferred within an organisation and with any external entity Information transfer policies and procedures MOVEit is a suite of file transfer solutions which can provide both user to user and system to system workflows. All files are encrypted at rest to AES 256-bit and movements logged in a tamper evident database. Files can be revoked and removed under specific conditions, ensuring the file is always handled securely Electronic messaging. EMS Encryption is a cloud based encryption platform. Redirecting outbound with a level of sensitivity to this service encrypts the and therefore protecting it from disclosure to unintended parties. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 9

10 A14.1 System acquisition, development and maintenance Security requirements of information systems: To ensure that information security is an integral part of information systems across the entire lifecycle. This also includes the requirements for information systems which provide services over public networks Securing applications services on public networks. AppWall is a web application firewall solution which when placed in front of a web page or other web based resource can be used to detect and prevent many of the most common exploits. For example SQL injections, screen scraping and high numbers of requests. Infinigate UK, Railway Arch 8 Chancel Street, London SE1 0UR, England ( Page 10