10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group

Transcription

1 10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group Presented by: Michael Flavin and Stan Stahl

2 Saalex Information Technology Overview Saalex Information Technology has been around over 12 years Service both Federal Government and Private Sector Businesses from Santa Barbara to Los Angeles IT Services and Solutions Company offering Infrastructure, Cloud Computing, Business Continuity, HIPAA/IT Security & Compliance and Managed IT Services Recently Awarded Inc. 500 Fastest Growing Co s List! Senior Technicians have a combined 30 years of experience managing infrastructure and supporting networks with up to 10 million daily users (Realtor.com)

3 What Can SaalexIT do for you? Services and Solutions Support IT Managed Services 24x7x365 Help Desk Cloud Hosting Services and Office 365 In the Cloud Data Backup, Disaster Recovery (Saalex Vault) FREE Cyber Security and Network Assessment Tools Security: End-to-End Security, Network Protection IT Solutions: Network Upgrades, Exchange, Hardware, Software Procurement & Support

4 What s on the mind of our business customers today?

5 The Saalex Top 10 List for Securing your Network 1. Quarterly Security Audit 2. Wireless Networks 3. Physical Security 4. Encryption/Strong Password 5. Actively managed Antivirus and Malware 6. Next Gen Firewall Technology 7. Audit/Logging 8. Business Continuity 9. Virtualization 10. End Users

6 Top 10 Techniques #1 Quarterly Security Audits Quarterly Security Audit Components Vulnerability Testing: Vulnerability Analysis is the process of identifying vulnerabilities on a network; provides an overview of the flaws that exist on the system. Saalex uses Rapid Fire Penetration Testing: is an active practice wherein ethical hackers are employed to simulate an attack and test the network and systems resistance; goes on to provide an impact analysis of the flaws identifies the possible impact of the flaw on the underlying network, operating system, database etc. Social Engineering in the context of information security, is understood to mean the art of manipulating people into performing actions or divulging confidential information Kevin Mitnick Reformed computer criminal and later security consultant points out that it is much easier to trick someone into giving a password for a system than to spend the effort to crack into the system. [21] 21 Wikipedia

7 Top 10 Techniques #1 Quarterly Security Audit Quarterly Security Audit - Components Phishing is the act of attempting to acquire information such as usernames, passwords, credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity via electronic communications Wi-Fi Testing. We would run tools to find rogue hotspots, honeypots, poorly configured devices, and check for weak encryption. We like Wi-Fi Analyzer Industry Compliance relating to IT Security (e.g. PCI, HIPAA, SSAE 16, CARF) Check for compliance with PCI Standards, looking for security vulnerabilities such as poorly coded web applications, lack of monitoring, insecure services not removed, lack of access controls Physical Security Review - Physical Security of your IT environment like Locked Cabinets, Elevated, Limited Access for servers.

8 Top 10 Techniques #2 Wireless Networks Strong Encryption don t just use WEP; use WPA2 Change Passwords at regular intervals; Centrally Managed access points Guest Network rhythm of changing passwords Strong Passwords

9 Top 10 Techniques #3 Physical Security Physical Security: Locked Cabinet for Servers, Backups, etc. Elevated to prevent damage Limited Access can anyone get in? Controls appoint someone to monitor

10 Top 10 Techniques #4 Encryption and Passwords Encrypt/Strong Password Laptop Encryption Strong Passwords Multiform Authentication Mobile management OTP or Texting Services

11 Top 10 Techniques #5 Centrally Managed Antivirus/Antimalware Centralized managed antivirus and antimalware Update your network seamlessly Auditing, Inventory Identifying threats of infections mitigate spreading Even with this protection, malicious code can still be put on common websites, such as CNN, FOX, MSNBC, etc. exposing employees' web browsers to malicious code unknowingly

12 Top 10 Techniques #6 Next Gen Firewall Why are they different, what can they do better? Next Generation Firewall technologies offer integrated, highperformance protection against today's wide range of advanced threats targeting your applications, data, and users. Stop threats BEFORE they get into your environment!!! Next generation firewall technology with Application Control allows you to identify and control applications on networks and endpoints regardless of port, protocol, and IP address used. Integrated Intrusion Prevention System (IPS) offers a wide range of features that can be used to monitor and block malicious network activity.

13 Top 10 Techniques #6 Next Gen Firewall Next Generation Firewalls will identify the user from a list of names, IP addresses and Active Directory group memberships that it maintains locally. The connection request will be allowed only if the user belongs to one of the permitted user groups, and the assigned firewall policy will be applied to all traffic to and from that user.

14 Top 10 Techniques #7 Audit Logging Audit/Logging understand who had access to your machines and when to have a trail in case the worst happens... From Date: 08/01/2013 REMOTE ACCESS AUDIT LOG To Date: 08/28/2013 User Type User Name Resource Name SAAZ Agent Type Reason Session Start Time Session End Time Data Center Time User Status ITS User Robert Sebastian SAAZ Sever Agent ITS User LMI Session Request 8/28/2013 8:55:11 AM Active NOC User NOC SAAZ Sever Agent Alert ID:2013/08/ emrans 8/28/2013 1:11:23 PM 8/28/2013 1:17:48 PM 8/28/2013 6:10:38 AM Active NOC 8/28/ :03:25 User NOC SAAZ Sever Agent Alert ID:2013/08/ \tanwira 8/28/2013 7:03:43 AM 8/28/2013 7:04:50 AM AM Active ITS User Austin Pittman SAAZ Sever Agent ITS User LMI Session Request 8/27/ :08:50 8/27/2013 6:08:57 PM 8/27/2013 6:40:31 PM AM Active ITS User Austin Pittman SAAZ Sever Agent ITS User LMI Session Request 8/27/2013 4:12:45 PM 8/27/2013 4:44:55 PM 8/27/2013 9:12:38 AM Active ITS User Austin Pittman SAAZ Sever Agent ITS User LMI Session Request 8/27/2013 3:52:28 PM 8/27/2013 4:00:09 PM 8/27/2013 8:52:23 AM Active NOC User NOC Alert ID:2013/08/ sameer SAAZ Sever Agent maru AVNS 8/27/2013 4:14:49 AM 8/27/2013 4:21:46 AM 8/26/2013 9:14:40 PM Active 8/26/ :58:39 ITS User Austin Pittman SAAZ Sever Agent ITS User LMI Session Request 8/26/2013 5:58:42 PM 8/26/2013 7:31:28 PM AM Active ITS User Austin Pittman SAAZ Sever Agent ITS User LMI Session Request 8/26/ :21:59 8/26/2013 5:22:06 PM 8/26/2013 6:58:45 PM AM Active ITS User Austin Pittman SAAZ Sever Agent ITS User LMI Session Request 8/25/ :10:09 8/26/2013 5:10:13 AM 8/26/2013 5:19:09 AM PM Active ITS User Austin Pittman SAAZ Sever Agent ITS User LMI Session Request 8/25/ :09:57 8/26/2013 5:10:00 AM 8/26/2013 5:12:26 AM PM Active

15 Business Continuity - Confirm backups Full Data Stack Test and Verify On-site/off site DR Virtualization Top 10 Techniques #8 Business Continuity

16 Top 10 Techniques #9 Virtualization AKA Private Cloud Virtualization or Cloud Computing (private or public cloud) Use Case Doctor s office uses ipad to get MRI on cloud; no data resident on device Useful for - remote or seasonal employees Easy to create Virtual Desktops Quick Demo Cloud public, private, hybrid What is the cloud? It is the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet). What types of services? (gmail, Hotmail, yahoo mail), Backups (mozy, carbonite), applications (office, salesforce, facebook)

17 Top 10 Techniques and finally #10 Your Users! The End Users!!!! Training on best practices and relentless security consciousness Examples: Passwords (enforce) not on stickies! Unknown USB plugged into environment Think Before you Click Phishing communicate with users Physical Security Don t buy a virus Never share the same or give out passwords Don t log onto other users machines

18 SaalexIT Ready to leverage the Experts in IT? Contact Info: Sales Michael (805) or [email protected] or: [email protected] Or follow us on the Web and Social Media: Facebook: www. LinkedIn: Website Blog:

19 Cyber Security Management Structure Stan Stahl, Ph.D. President Citadel Information Group Phone: Copyright Citadel Information Group, Inc. All Rights Reserved.

20 Meeting the Cybercrime Challenge: Proactively Manage All Three Elements of Information Risk Information Security Management Copyright Citadel Information Group. All Rights Reserved. 20

21 Cyber Security Management Strategy Proactively manage information security just as you proactively manage finance, services, donations and other critical operational functions. 1. Implement formal risk-driven information security policies and standards 2. Identify, document and control sensitive information 3. Train and educate personnel 4. Manage IT Infrastructure from an information security point of view * * Also known to lower costs, improve user productivity and raise organizational morale Copyright Citadel Information Group. All Rights Reserved. 21

22 Information Security Management System ISO 27001, Annex ISO A5: Security Policy A6: Organization A7: Asset Management A8: Human Resources A9: Physical / Environmental A10: Communication & Operations Management A11: Access Control A12: Acquisition, Development & Maintenance A13: Incident Management A14: Business Continuity A15: Compliance Information Security Management System Continuous Process Improvement Engine Demonstrate Continuous Process Improvement of Organization's Ability to Secure Sensitive Information Copyright Citadel Information 9/29-30/ Group. All Rights Reserved.

23 Information Security Management Maturity Model Based upon Software Engineering Institute SE CMMi Copyright Citadel Information Group. All Rights Reserved. 23

24 The Final Word It is said that if you know your enemies and know yourself, you will not be imperiled in a hundred battles, If you do not know your enemies but do know yourself, you will win one and lose one, If you do not know your enemies nor yourself, you will be imperiled in every single battle. Copyright Citadel Information Group. All Rights Reserved. 24