Session ID: Session Classification:

Similar documents
Security and Identity. Kevin Harris Account Technology Strategist Microsoft Corporation

Elements to a Secure Environment Becoming Resilient Towards Modern Cyberthreats. Windows XP Support Has Ended Why It Concerns You

Trustworthy Computing

Hi and welcome to the Microsoft Virtual Academy and

MBAM Self-Help Portals

Bypassing Local Windows Authentication to Defeat Full Disk Encryption. Ian Haken

Introducing Windows 8

BitLocker Network Unlock & BitLocker support for Encrypted Drives

MICROSOFT BITLOCKER ADMINISTRATION AND MONITORING (MBAM)

BitLocker Encryption for non-tpm laptops

BitLocker Drive Encryption Hardware Enhanced Data Protection. Shon Eizenhoefer, Program Manager Microsoft Corporation

Protecting Data with Short- Lived Encryption Keys and Hardware Root of Trust. Dan Griffin DefCon 2013

IDENTITY & ACCESS. Privileged Identity Management. controlling access without compromising convenience

Managing BitLocker Encryption

F5 and Microsoft Exchange Security Solutions

Whitepaper Enhancing BitLocker Deployment and Management with SimplySecure. Addressing the Concerns of the IT Professional Rob Weber February 2015

Windows XP Support stops on 8. April 2014

Navigating Endpoint Encryption Technologies

DriveLock and Windows 7

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

Software Token Security & Provisioning: Innovation Galore!

Windows 8 Security. Security Response. November, 2011

STRONGER AUTHENTICATION for CA SiteMinder

Windows 8.1 Vs OSX 10.1 Versus ios Security

Security and Compliance. Robert Nottoli Principal Technology Specialist Microsoft Corporation

DELL. Unified Server Configurator Security Overview. A Dell Technical White Paper. By Raja Tamilarasan, Wayne Liles, Marshal Savage and Weijia Zhang

UEFI Implications for Windows Server

Disk Encryption. Aaron Howard IT Security Office

Maximizing customer protections

Introduction to BitLocker FVE

DriveLock and Windows 8

Security Overview for Windows Vista. Bob McCoy, MCSE, CISSP/ISSAP Technical Account Manager Microsoft Corporation

Microsoft MVP (Enterprise / Azure Security 9 Years) Microsoft Certified Trainer (20 years) Founder: Cybercrime Security Forum!

Windows Phone 8 Security Overview

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features

Full Drive Encryption Security Problem Definition - Encryption Engine

Operating System Security

University of Rochester Sophos SafeGuard Encryption for Windows Support Guide

TechnoLabs Software Services Pvt Ltd. Enterprise Mobility - Mobile Device Security

Strategies for Firmware Support of Self-Encrypting Drives

Patterns for Secure Boot and Secure Storage in Computer Systems

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device

Using BitLocker As Part Of A Customer Data Protection Program: Part 1

Customer PCI 3.0 Changes = New Opportunity For You. Giles Witherspoon-Boyd SecurityMetrics

Factory-Installed, Standards-Based Hardware Security. Steven K. Sprague President & CEO, Wave Systems Corp.

Strong Authentication for Secure VPN Access


EMBASSY Remote Administration Server (ERAS) BitLocker Deployment Guide

Protect Sensitive Data Using Encryption Technologies. Ravi Sankar Technology Evangelist Microsoft Corporation

Firmware security features in HP Compaq business notebooks

T21: Microsoft Windows Server and Client Security Donald E. Hester, Maze Associates

Encrypting with BitLocker for disk volumes under Windows 7

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS

Strong authentication of GUI sessions over Dedicated Links. ipmg Workshop on Connectivity 25 May 2012

Critical Security Controls

How Microsoft runs IT. Ludwig Wilhelm CIO Central & Eastern Europe Microsoft IT

MAESON MAHERRY. 3 Factor Authentication and what it means to business. Date: 21/10/2013

ADDING STRONGER AUTHENTICATION for VPN Access Control

User Manual. HitmanPro.Kickstart User Manual Page 1

70-685: Enterprise Desktop Support Technician

Overview of Windows 10 Requirements for TPM, HVCI and SecureBoot

How to Secure Infrastructure Clouds with Trusted Computing Technologies

PCI Compliance 3.1. About Us

Use of tablet devices in NHS environments: Good Practice Guideline

Windows BitLocker Drive Encryption Step-by-Step Guide


Windows 7. Noen nyheter. Olav Tvedt, Deployment Ranger Microsoft

Self-Service, Anywhere

Windows 7, Enterprise Desktop Support Technician

Longmai Mobile PKI Solution

Securing Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology

About the Authors About the Technical Editor

FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution.

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

Cybersecurity Health Check At A Glance

ICT Security. High-Quality Information and Know How Protection. Design and implementation of security. Covering almost all of ICT security

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

RSA SecurID Two-factor Authentication

CCEVS Approved Assurance Continuity Maintenance Report

OBM (Out of Band Management) Overview

A Guide to Managing Microsoft BitLocker in the Enterprise

Ovation Security Center Data Sheet

Security Considerations in Cloud Deployments Matthew Garrett

Description of Actual State Sensor Types for the Software Asset Management (SWAM) Capability. 7 Jul 2014

Full Disk Encryption Drives & Management Software. The Ultimate Security Solution For Data At Rest

UNCLASSIFIED CPA SECURITY CHARACTERISTIC REMOTE DESKTOP. Version 1.0. Crown Copyright 2011 All Rights Reserved

Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking

Security Best Practices for Microsoft Azure Applications

Kingston KC300 Security Toolbox

How To Achieve Pca Compliance With Redhat Enterprise Linux

Recipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory

Did you know your security solution can help with PCI compliance too?

YubiKey Integration for Full Disk Encryption

BM482E Introduction to Computer Security

Windows Operating Systems. Basic Security

Secure Storage. Lost Laptops

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5

McAfee Deep Safe. Security beyond the OS. Kai-Ping Seidenschnur Senior Security Engineer. October 16, 2012

Windows 7. Qing Liu Michael Stevens

Section 12 MUST BE COMPLETED BY: 4/22

Transcription:

Session ID: Session Classification:

Protecting Data with Encryption Access Control

Protect Sensitive Data Protect and Manage Threats Groundbreaking Malware Resistance Protects the client, data, and corporate resources by making the client inherently secure and less vulnerable from the effects from malware. Pervasive Device Encryption Simplifies provisioning and compliance management the of encrypted drives on the widest variety of PC form factors and storage technologies Protect Access to Resources Modernized Access Control Modernizes access control and data management while increasing data security within the enterprise.

Legacy Boot BIOS OS Loader (Malware) OS Start Modern Boot Native UEFI Verified OS Loader Only OS Start

# Feature TPM 1.2/2.0 UEFI 2.3.1 1 BitLocker: Volume Encryption X 2 BitLocker: Volume Network Unlock X X 3 Trusted Boot: Secure Boot X 4 Trusted Boot: ELAM X 5 Measured Boot X 6 Virtual Smart Cards X 7 Certificate Storage (Hardware Bound) X 8 Address Space Layout Randomization (ASLR) X 9 Visual Studio Compiler X 10 More

Training Requirements Design Implementation Verification Release Response

Windows 7 BIOS OS Loader (Malware) 3 rd Party Drivers (Malware) Anti-Malware Software Start Windows Logon Windows 8 Native UEFI Windows 8 OS Loader Anti-Malware Software Start 3 rd Party Drivers Windows Logon

Windows 7 BIOS MBR & Boot Sector OS Loader Kernel Initialization 3 rd Party Drivers Anti-Malware Software Start Windows 8 UEFI Windows 8 OS Loader Windows Kernel & Drivers Anti-Malware Software 3 rd Party Drivers Remote Attestation

Client Health Claim Secure Boot prevents malicious OS loader UEFI Boot 1 Windows OS Loader Windows Kernel and Drivers Boot Policy AM Policy AM Software 3 Measurements of components including AM software are Client retrieves TPM stored in the TPM measurements of client and sends it to Remote Attestation Service TPM 5 Client attempts provides Client to access resource. Health Claim. Server Server requests Client reviews Health and grants Claim. access to healthy clients. Remote Resource (File Server) AM software is started before all 3 rd party software 2 3 rd Party Software Windows Logon Client 47 6 Remote Attestation Service issues Client Health Claim to Client Remote Attestation Service

Simplify provisioning and deployment Provide reporting (e.g.: compliance & audit) Reduce costs (e.g.: Simplified Recovery We can use MBAM v1.0 to get greater value from BitLocker. We can ensure that BitLocker is enabled and that we are compliant with corporate encryption mandates without taxing our employees or IT staff. Bob Johnson Director of IT, BT U.S. and Canada Improving compliance and security Integrating with existing systems (e.g.: SCCM) Reducing costs (e.g.: Self Service, Decreased Risk)

Length PIN Password (a-z) Password (complex) Picture Password 1 10 26 n/a 2,554 2 100 676 n/a 1,581,773 3 1,000 17,576 81,120 1,155,509,083 4 10,000 456,976 4,218,240 5 100,000 11,881,376 182,790,400 6 1,000,000 308,915,776 7,128,825,600 7 10,000,000 8,031,810,176 259,489,251,840 8 100,000,000 208,827,064,576 8,995,627,397,120

Growth of users and data Distributed computing Regulatory and Business Compliance Budget Constraints??

CSO/CIO department I need to have the right compliance controls to keep me out of jail Infrastructure Support I don t know what data is in my repositories and how to control it Content Owner Is my important data appropriately protected and compliant with regulations how do I audit this IW I don t know if I am complying with my organization s polices

Identify data Control access Audit access Protect data Manual tagging by content owners Expression based access conditions with support for user claims, device claims and file tags Central audit policies that can be applied across multiple file servers Automatic RMS protection for Office documents based on file tags Automatic classification (tagging) Central access policies targeted based on file tags Expression based auditing conditions with support for user claims, device claims and file tags Near real time protection soon after the file is tagged Application based tagging Access denied remediation Policy staging audits to simulate policy changes in a real environment Extensibility for non Office RMS protectors

Ground Breaking Malware Resistance Fundamentally resistant and resilient against attacks Always protected with an in-box anti-malware solution Protects users and data from internet based threats Pervasive Device Encryption Encryption is pervasive on all devices Fast provisioning of encrypted devices Simplified user experience with single sign-in options Modernized Access Control Secure always connected and always managed from anywhere Easy to use and deploy strong multifactor authentication Access control automatically adapts to a changing environment Ensures connections and access are only granted to healthy and secure devices

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information