Designing an Enterprise GIS Security Strategy. Michael E Young CISSP
1 Designing an Enterprise GIS Security Strategy Michael E Young CISSP
2 Agenda Introduction Esri's Security Strategy Federal Security Metric Tools Enterprise-Wide Security Mechanisms Product Security Cloud Computing Security Esri Security Compliance Summary and Next Steps
3 Introduction - Michael E Young - Esri Senior Enterprise Security Architect - FISMA C&A Application Security Officer - Certified Information Systems Security Professional (CISSP) Application Security Risks Diagram OWASP 2010
4 Introduction What is a secure GIS? Integration with other enterprise components? - Directory Services / LDAP / MS Active Directory Meeting security standards requirements? Security Certifications & Accreditations? - FDCC / FISMA / DIACAP User Application Interfaces? - ADF, MS Silverlight, Adobe Flex, JavaScript, Rich Clients Application built-in vs. separate security products? - ArcGIS Token Service / 3rd Party Single-Sign-On products So far, nobody has found a silver bullet for security
5 Introduction Designing an Enterprise GIS Security Strategy Identify your Security Needs - Assess your environment - Datasets, Systems - Sensitivity, Categorization Understand Security Options - Enterprise GIS Resource Center - Enterprise-wide Security Mechanisms - Application Specific Options - Utilize patterns Implement Security as a Business Enabler - Improve appropriate availability of information
6 Introduction Designing an Enterprise GIS Security Strategy Security Risk Management Process Diagram - Microsoft
7 Esri's Security Strategy
8 Esri's Security Strategy Trends Esri Products Discrete products and services supplemented by 3rd party security Enterprise system with embedded and 3rd party security IT Trend Isolated Systems Integrated Systems with discretionary access
9 Esri's Security Strategy Secure GIS Products - Incorporate security industry best practices - Trusted geospatial services across the globe - Meet both individual user needs and entire organizations Secure GIS Solution Guidance - Enterprise Resource Center Website - Esri security patterns
10 Esri's Security Strategy Security Patterns Esri provides security implementation patterns - Best practice security guidance Leverages National Institute of Standards and Technology (NIST) Patterns based on risk level - Basic Security - Standard Security - Advanced Security Identify your risk level - Formal process NIST Informal process To prioritize information security and privacy initiatives, organizations must assess their business needs and risks
11 Esri's Security Strategy Foundational Security Principles CIA Security Triad Defense in Depth
12 Esri's Security Strategy Defense in Depth Authentication Authorization Data and Assets Physical Controls Policy Controls Technical Controls Filters Encryption Logging
13 Federal Security Metric Tools
14 Federal Security Metric Tools The 2010 State of Cybersecurity from the Federal CISO's Perspective
15 Federal Security Metric Tools CAG - Consensus Audit Guidelines 20 prioritized IT security controls - Automation is key - Map to NIST Let us know if this is important to your Agency US State Department demonstrated more than 80% reduction in "measured" security risk through the rigorous automation and measurement of the Top 20 Controls
16 Federal Security Metric Tools SCAP Security Content Automation Protocol Standard to communicate vulnerability information - Automate compliance, manage vulnerabilities, perform security measurements - Evaluate policy compliance for standards Used by Esri as part of the FDCC self-certification
17 Federal Security Metric Tools NIST / FISMA FISMA C&A utilizes NIST security controls Esri security patterns based on these controls
18 Enterprise-wide Security Mechanisms
19 Enterprise-Wide Security Mechanisms Overview
20 Enterprise-Wide Security Mechanisms Authentication Three ArcGIS Authentication Schemes - Web Traffic via HTTP 1. Web Services 2. Web Applications - Intranet Traffic via DCOM 3. Local Connections
21 Enterprise-Wide Security Mechanisms Authentication (table columns: Access Restricted / Authentication Method / Protocol / Description / Encryption)
- None: HTTP. Default Internet Connections. Encryption: N/A.
- Basic, Digest, Windows Integrated (Web Service or Web Application): HTTP (SSL optional). Browser built-in pop-up login dialog box. Encryption: Basic None, unless using SSL.
- Java EE Container (Web Service or Web Application): HTTP (SSL optional). Web container provides challenge for credentials. Encryption: Container Managed.
- Client Certificates, PKI Smart Cards: HTTPS. Server authenticates client using a public key certificate. Encryption: PKI Managed.
- .NET Form-based (Web Application Only): HTTP (SSL optional). Application provides its own custom login and error pages. Encryption: None, unless using SSL.
- Java ArcGIS Managed (Web Application Only): HTTP (SSL optional). ArcGIS Server provides login page for Java Web App. Encryption: None, unless using SSL.
- Esri Token (Web Service Only): HTTP (SSL optional). Cross Platform, Cross API Authentication. Encryption: AES-128bit.
- Windows Integrated (Local): DCOM. Default Local Connections, OS Groups AGSUser, AGSAdmin. Encryption: OS Managed.
22 Enterprise-Wide Security Mechanisms Authentication User and Role Storage Options Java Options - Default Apache Derby - External Database - LDAP - MS Active Directory .NET Options - Default - Windows Users and Groups - MS SQL Server Express - Custom Provider - Instructions for Active Directory and Oracle Providers available (Diagram labels: Users John, Cindy, Jim; Roles Limited, Admin, Regions)
23 Enterprise-Wide Security Mechanisms Authorization Role Based Access Control Esri COTS - Assign access with ArcGIS Manager - Service Level Authorization across web interfaces - Services grouped in folders utilizing inheritance 3rd Party - RDBMS Row Level or Feature Class Level - Versioning with Row Level degrades RDBMS performance - Alternative - SDE Views Custom - Limit GUI - Rich Clients via ArcObjects - Web Applications - Sample code Links in ERC - Microsoft's AzMan tool
24 Enterprise-Wide Security Mechanisms Filters 3rd Party Options Firewalls Reverse Proxy - MS free reverse proxy for IIS 7 (Windows 2008) Web Application Firewall - Open Source option ModSecurity Anti-Virus Software Intrusion Detection / Prevention Systems Limit applications able to access geodatabase
25 Enterprise-Wide Security Mechanisms Filters Firewall Friendly Scenario Web Application Firewall in DMZ File Geodatabase in DMZ One-way replication via HTTP(s) Deployed to each web server for performance Internet users access to subset of Geodatabase (Diagram labels: Internet, DMZ and Intranet zones; WAF, Web, GIS and Database tiers linked by HTTP, DCOM and SQL; Use vs. Author & Publish)
26 Enterprise-Wide Security Mechanisms Filters Why no Reverse Proxy in DMZ? - One-off component / no management, minimal filtering Multi-Function Web Service Gateways - Store SSL Certificates / SSL Acceleration - URL Rewrite - Web Application Firewall External Internal DMZ
27 Enterprise-Wide Security Mechanisms Encryption 3rd Party Options Network - IPSec (VPN, Internal Systems) - SSL (Internal and External System) File Based - Operating System BitLocker - GeoSpatially enabled PDFs combined with Certificates - Hardware (Disk) RDBMS - Transparent Data Encryption - Low Cost Portable Solution - SQL Express 2008 w/ TDE
28 Enterprise-Wide Security Mechanisms Logging/Auditing Esri COTS - Geodatabase history - May be utilized for tracking changes - ArcGIS Workflow Manager - Track Feature based activities - ArcGIS Server 10 Logging 3rd Party - New user tag allows tracking of user requests - Web Server, RDBMS, OS, Firewall - Consolidate with a SIEM 86% of victims had evidence of the breach in their logs, yet 61% of the breaches were discovered by a third party *Verizon's 2010 Data Breach Investigations Report
29 Product Security Rich Client Mobile ArcGIS Server Cloud Services
30 Rich Client Security Desktop Explorer
31 Rich Client Security ArcGIS Desktop Client typically with most access to sensitive data Variety of system connections - Direct Connect RDBMS - Application Connect SDE - HTTP Service GeoData Service - Integration with Token Service - Windows native authentication - SSL and IPSec Utilization ArcObject Development Options - Record user-initiated GIS transactions - Fine-grained access control - Edit, Copy, Cut, Paste and Print
32 Rich Client Security ArcGIS Explorer Communication Explorers for different users or topics Focused data and functions in one place You manage and customize Sales Explorer Centrally managed configurations Marketing Explorer Your customers Explorer Your main office
33 Mobile Phone Security ArcPad ArcGIS Mobile
34 Mobile Phone Security More - Platforms - ArcPad - ArcGIS Mobile - iPhone - Android - Windows - Functionality/Storage - User-base Leads to - Increased Hacker Attention
35 Mobile Phone Security ArcPad AXF Data file - Password protect and encrypt Memory Cards - Encrypt ArcGIS Server users and groups - Limit publishers Internet connection - Secure ArcPad synch traffic
36 Mobile Phone Security ArcGIS Mobile Security Touch Points SDE permissions Server authentication Communication Device access Storage Service authorization Project access Data access
37 Mobile Phone Security Mobile GeoData Service - HTTPS (SSL) or VPN tunnel Web Service - Credentials - Filter by OS / IP / Unique Device Identifier - Token Service Encrypt data at Rest - Windows Mobile Crypto API - 3rd Party tools for entire storage system
38 ArcGIS Server Security
39 ArcGIS Server Security Pop Quiz Defaults Is Communication Across Wire Secure by Default? - No - Communication via ArcGIS Server and all clients is cleartext by default - Secure web communication with an SSL Certificate - Secure internal DCOM communication with IPSec
40 ArcGIS Server Security Pop Quiz - Filters Is a reverse proxy required for secure Internet facing deployments? - No - Some customers implement to eliminate DCOM traffic across firewalls - Used with Web Application Firewall improves security posture
41 ArcGIS Server Security Pop Quiz Guidance Is there Security Hardening Guidance? - Yes - Check out the ERC Implementation Gallery - Next update expected Q Version 10 Win 2k8
42 ArcGIS Server Security Pop Quiz - Configuration Should Everyone group be assigned to root in ArcGIS Manager? - Depends - Everyone will have access to your services by default - OK for Basic security risk environments - NOT recommended for any Standard or Advanced security - Deny by default used in higher risk environments
43 ArcGIS Server Security Security Model
44 ArcGIS Server Security User Local Access to SOM Windows - Access managed by operating system of SOM machine Solaris and Linux - Users managed by ArcGIS Server Manager Add users to appropriate group - Simplistic access levels (None, Read, Full)
agsusers:
- View and access services
agsadmin:
- Add, delete, or modify services
- Start, stop, or pause services
- Add, remove, or modify server directories
- Create Web mapping applications
- Add or remove SOC machines
- View statistical information
45 ArcGIS Server Security Server Data Access Share folders that contain GIS resources - Grant SOC account Read and/or Write permission to the folder Add SOC as a user of your database - Grant SOC account Read and/or Write permission to each geodatabase
46 ArcGIS Server Security Management User Interface Access ArcGIS Services Directory - Available as part of ArcGIS Server installation - Typically not exposed for Standard security needs to public REST API Admin - Manages access to local ArcGIS Services Directory - Maintains REST cache - Requires membership in agsadmin group - Recommend to configure no public access ArcGIS Manager - Recommend to configure no public access
47 ArcGIS Server Security GIS resource access Local security Web security Internet Intranet Service capabilities Web editing ArcGIS Server
48 ArcGIS Server Security Implementing Web Access Control 1. Define user/role store 2. Assign users to roles 3. Assign roles to resources 4. Enable security
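The four steps above, together with the folder inheritance and the Everyone-at-root question from the earlier slides, can be modelled as follows. This is an added illustration, not Esri code and not part of the original slides; the `Policy` class, role names and service paths are hypothetical, and the inheritance rule (a grant on a folder applies to everything below it) is an assumption of the model.

```python
# Added illustration: simplified model of role-based service authorization
# with folder inheritance. All names are hypothetical; this does not
# reproduce ArcGIS Server's implementation.
from dataclasses import dataclass, field

EVERYONE = "Everyone"  # pseudo-role matching any caller, including anonymous

# Constructed sample services, grouped in folders.
SERVICES = ["/Basemap", "/Parcels/Editing", "/Utilities/Network"]


@dataclass
class Policy:
    users: dict = field(default_factory=dict)   # steps 1-2: user -> set of roles
    grants: dict = field(default_factory=dict)  # step 3: resource path -> set of roles
    enabled: bool = False                       # step 4: security switched on?

    @staticmethod
    def _parts(path):
        return [p for p in path.split("/") if p]

    def assign_role(self, user, role):
        self.users.setdefault(user, set()).add(role)

    def grant(self, path, role):
        key = "/" + "/".join(self._parts(path))
        self.grants.setdefault(key, set()).add(role)

    def allowed_roles(self, path):
        """Roles granted on the resource itself or inherited from a parent folder."""
        parts = self._parts(path)
        roles = set()
        for i in range(len(parts), -1, -1):      # resource, parents, then root "/"
            roles |= self.grants.get("/" + "/".join(parts[:i]), set())
        return roles

    def can_access(self, user, path):
        if not self.enabled:
            return True                          # security not enabled: all open
        roles = self.allowed_roles(path)
        if EVERYONE in roles:
            return True
        if user is None:                         # anonymous caller
            return False
        return bool(self.users.get(user, set()) & roles)  # no match: deny by default

    def exposed_to_everyone(self, services):
        """Services an unauthenticated caller can reach under this policy."""
        return sorted(s for s in services if self.can_access(None, s))


def build_policy(everyone_at_root):
    """Same users and grants twice; the only difference is Everyone on root."""
    p = Policy(enabled=True)
    p.assign_role("cindy", "Editors")
    p.assign_role("jim", "Viewers")
    if everyone_at_root:
        p.grant("/", EVERYONE)        # acceptable only for Basic risk environments
    p.grant("/Basemap", EVERYONE)     # deliberately public service
    p.grant("/Parcels", "Editors")    # folder grant, inherited by /Parcels/Editing
    p.grant("/Utilities", "Viewers")
    return p


if __name__ == "__main__":
    for flag in (True, False):
        policy = build_policy(flag)
        print("Everyone at root:", flag, "->", policy.exposed_to_everyone(SERVICES))
```

Running `exposed_to_everyone` against the real service list after any permission change gives a quick check that only intentionally public services are reachable anonymously.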
49 ArcGIS Server Security Authenticating to services with Token What is a token? Why do you need it? - Services don't have a logon user interface How does it work? - ArcGIS Server Token Service Where do you get it? - Request a Token from Token Service
50 ArcGIS Server Security Web Service API Security Options - Embed Token - Bind token in a proxy page - Write full logon access to the token service (e.g., ArcGIS Desktop, custom application) (Diagram labels: Token, Web Server, ArcGIS SOAP/REST, Proxy page, Secured container, User, Password, Token server)
51 ArcGIS Server Security Flowing web user identity down to the database Integrated Security Model (ISM) Flow web user identity to database via proxy user - Logging - Non-repudiation across all architecture tiers for high risk security environments - Row-Level Security - Database driven security model for high-risk security environments Current Status - Customer scenarios collected - Simple configuration performance validation completed % performance overhead - More complex scenarios to be validated next - Basic documentation online for Java ArcGIS Server
52 ArcGIS Server Security ISM Initial Validation Configuration - Web Server - MS IIS - Application Server - Java ArcGIS Server 10 - LDAP (Derby) Users & Groups Security Provider - Oracle Database - Proxy user sessions - Table level access
53 ArcGIS Server Security Row Level Security With ISM Virtual Private Database (VPD) - Transparently modifies requests Oracle Label Security (OLS) Optional add-on Provides interface for row-level security - Presents partial table view
54 ArcGIS Server Security Version 10 Security Enhancements AGS Manager - Searchable user/roles - Application Level User Activity Logging Database level security option - Added to REST API - Passes user context to database - Control all data access at data tier Web Service Interface Security Improvements
55 ArcGIS Server Security Amazon ArcGIS Server For Amazon - Esri built ArcGIS Server Amazon Machine Image (AMI) - Deploy to Amazon Elastic Compute Cloud (EC2) instance Addressing Security - Current AMI not hardened beyond Windows 2008 Server defaults - Typical Firewall Entries for Cloud implementations - ArcGIS Server - Port 80/443 for IIS & Remote desktop - Enterprise GeoDB AMI - Port 5151 Biggest Cloud Computing Concern is Security and Privacy
56 Cloud Computing Security
57 Cloud Computing Security Is Cloud computing safe? - Classic answer: It depends Security Benefits - Virtualization / Automation - Expedite secure configurations with images - Broad network access - Reduce removable media needs - Segmentation - Public data -> Cloud & sensitive -> Internal - Potential economies of scale - Lower cost backup copies of data - Self-service technologies - Apply security controls on demand
58 Cloud Computing Security 2010 Cloud Computing Risks
59 Cloud Computing Security Risks Vendor Practice Dependence - Potential sub-standard security controls - Loss of governance over data Vendor Lock-In - Services termination data loss - Portability - Lost internal capabilities to support Sharing resources (Multi-tenancy) - Access to other's data - Unclear security responsibilities - Increased data transmitted = Increased disclosure risk Deployment Model Threat Exposure Levels - Private = Lowest Community = More Highest = Public
60 Cloud Computing Security Which cloud service model? System Admin Access (IaaS) - ArcGIS Server on Amazon EC2 - Federal Terremark Cloud - Private Cloud Developer Access (PaaS) - Esri Web Mapping APIs (JavaScript, Flex, Silverlight) - Microsoft Azure ArcGIS Applications End User Solutions (SaaS) - ArcGIS.com - Business Analyst Online - ArcGIS Explorer Online
61 Cloud Computing Security Which cloud deployment model? Cloud Deployment Location - Public (e.g. Amazon) - Private (e.g. Internal Corporate) Primary driver -> Security Agencies segmenting datasets to mitigate cloud risks - Public clouds for public datasets - Private clouds for sensitive datasets June 2010 IDC IT Executive Survey - Preference for using a private versus a public cloud - 55% - Private cloud was more appealing than a public cloud - 22% - Equally appealing Organizations from the midmarket up, will have a mix of public & private
62 Cloud Computing Security What are your security needs? Assess your security needs - Data sensitivity - Public domain, sensitive, classified - User types - Public, internal - Categorize security needs - Basic, standard, advanced Most public cloud implementations are basic - Security similar to social networking sites (Facebook) - Most GIS users have only basic security needs
63 Cloud Computing Security Best practices Similar to internal ops - Break up tiers - Protect in transit - Protect at rest - Credential management - Built-in OS Firewalls - AGS App Security
64 Cloud Computing Security ArcGIS Server on Amazon EC2 Default Deployment Default - Web and App Tiers combined Scaling out - Elastic Load Balancing - What about supporting infrastructure? Scaling Out
65 Cloud Computing Security ArcGIS Server on Amazon EC2 Minimize your administrative attack surface
66 Cloud Computing Security Amazon EC2 Security Secured physical facilities Logically secure EC2 instances Configurable firewall to control ingress access Standard ArcGIS Server security Optional multifactor authentication
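The ingress firewall and "minimize your administrative attack surface" points can be checked mechanically. The sketch below is an added example, not from the original slides or from Esri or Amazon; it audits a constructed rule list against the ports the deck names (80/443 for IIS, Remote Desktop, 5151 for the enterprise geodatabase). The rule format, rule names and the 256-address threshold are assumptions, and 3389 is the standard Remote Desktop port.

```python
# Added illustration: audit cloud ingress rules for administrative ports
# that are reachable from too many source addresses.
import ipaddress

PUBLIC_PORTS = {80, 443}                         # web tier, per the slides
ADMIN_PORTS = {3389: "Remote Desktop",           # standard RDP port
               5151: "Enterprise geodatabase"}   # port named on the slides

# Constructed sample rules (hypothetical format): name, port range, source CIDR.
SAMPLE_RULES = [
    {"name": "web-http", "from_port": 80, "to_port": 80, "cidr": "0.0.0.0/0"},
    {"name": "web-https", "from_port": 443, "to_port": 443, "cidr": "0.0.0.0/0"},
    {"name": "rdp-any", "from_port": 3389, "to_port": 3389, "cidr": "0.0.0.0/0"},
    {"name": "rdp-admin", "from_port": 3389, "to_port": 3389, "cidr": "203.0.113.10/32"},
    {"name": "gdb-app-tier", "from_port": 5151, "to_port": 5151, "cidr": "10.0.1.0/24"},
    {"name": "gdb-wide", "from_port": 5151, "to_port": 5151, "cidr": "10.0.0.0/8"},
    {"name": "high-ports", "from_port": 1024, "to_port": 65535, "cidr": "0.0.0.0/0"},
]


def audit_ingress(rules, max_admin_sources=256):
    """Return (rule name, port or None, severity, reason) tuples.

    HIGH:   an administrative port reachable from any address.
    MEDIUM: an administrative port open to more than max_admin_sources
            addresses, or unexpected ports open to any address.
    """
    findings = []
    for rule in rules:
        net = ipaddress.ip_network(rule["cidr"], strict=False)
        ports = range(rule["from_port"], rule["to_port"] + 1)
        world = net.prefixlen == 0               # 0.0.0.0/0 or ::/0
        for port, label in sorted(ADMIN_PORTS.items()):
            if port not in ports:
                continue
            if world:
                findings.append((rule["name"], port, "HIGH",
                                 f"{label} reachable from any address"))
            elif net.num_addresses > max_admin_sources:
                findings.append((rule["name"], port, "MEDIUM",
                                 f"{label} open to {net.num_addresses} source addresses"))
        # Port ranges wider than the expected set hide extra exposure.
        known = sum(1 for p in PUBLIC_PORTS | set(ADMIN_PORTS) if p in ports)
        if world and len(ports) > known:
            findings.append((rule["name"], None, "MEDIUM",
                             f"{len(ports) - known} port(s) outside the expected set "
                             "open to any address"))
    return findings


def summarize(findings):
    """Drop the free-text reason, keeping (rule, port, severity)."""
    return [(name, port, sev) for name, port, sev, _ in findings]


if __name__ == "__main__":
    for finding in audit_ingress(SAMPLE_RULES):
        print(finding)
```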
67 Cloud Computing Security Cloud Directive White House urging Federal agencies to adopt - Clear focus on streamlining infrastructure management, improving service, and saving money - Security concerns continue to hold agencies back Cloud Security Status - Half of those who have implemented cloud apps DO NOT KNOW if they have experienced a breach Are government cloud information security standards available? - Requested by 91% of Agencies Statistics from 2010 Symantec Break in the Cloud Report
68 Cloud Computing Security FedRAMP Work in Progress Standard Cross-agency Cloud security C&A process - Initial standard for Low and Moderate security Esri actively engaged in working groups & commenting period Esri actively identifying interested Agencies - FedRAMP initially focused on large user base systems or used by multiple Federal agencies
69 Esri Security Compliance
70 Esri Security Compliance Security Patterns Esri security implementation patterns - Leverage NIST security controls - Based on same standards as FISMA C&A process - Not provided as full certification compliance representations As validated, patterns released in Enterprise GIS Resource Center
71 Esri Security Compliance Desktop Software FDCC (Federal Desktop Core Configuration) certified - Esri fully supports and tests product compatibility since Starting with Windows 7 name changing to USGCB - United States Government Configuration Baseline PKI (Public Key Infrastructure) w/ CAC or PIV - Common customer deployment
72 Esri Security Compliance ArcGIS Server Configurable for FIPS encryption requirements - ArcGIS Server.NET requires a workaround procedure Security hardening guidelines available - Whitepaper update in couple months - Win 2k8 and ArcGIS 10 - Based on in-the-field lessons learned and test environment
73 Esri Security Compliance Hosting Services 2010 SAS 70 type 1 audit of ArcGIS.com FISMA certification and accreditation - Esri hosts low risk category environments - Each solution currently requires a separate certification FedRAMP standard for cloud deployments - Actively reviewing / feedback due this week - Let us know if you are interested
74 Esri Security Compliance Summary Esri provides security due diligence with our solutions, but is not a security software company Utilize 3rd party security software for high level IA functions Many successful Esri high risk security deployments - International - ISO 17799/2700X, BS 7799, Common Criteria (CC) - Federal - FISMA (NIST), DITSCAP/DIACAP - Industry - HIPAA, SOX, PCI Esri is Fully Committed to Federal Security Requirements
75 Summary and Next Steps
76 Summary Security is NOT about just a technology - Understand your organization's GIS risk level - Utilize Defense-In-Depth Secure Best Practice Guidance is Available - Check out the Enterprise GIS Resource Center! - Drill into details by mechanism or application type - Professional Services Enterprise GIS Security Assessment Cloud Computing for GIS Has Arrived - Security is evolving quickly - Security in the cloud is a shared responsibility
77 Next Steps Supporting Secure Solutions Your Feedback and Insight Today is Essential - Current Security Issues - Upcoming Security Requirements - Feedback on Integrated Security Model - Suggestions for the Enterprise Resource Center - Areas of concern Not addressed Today Contact Us At: Enterprise Security esinfo@esri.com Michael Young myoung@esri.com
78 Session Evaluation Reminder Session Attendees: Please turn in your session evaluations.... Thank you
NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should
More informationArcGIS for Server: Administration and Security. Amr Wahba
ArcGIS for Server: Administration and Security Amr Wahba awahba@esri.com Agenda ArcGIS Server architecture Distributing and scaling components Implementing security Monitoring server logs Automating server
More informationSolutions Business Manager Web Application Security Assessment
White Paper Solutions Business Manager Solutions Business Manager 11.3.1 Web Application Security Assessment Table of Contents Micro Focus Takes Security Seriously... 1 Solutions Business Manager Security
More informationWatson Developer Cloud Security Overview
Watson Developer Cloud Security Overview Introduction This document provides a high-level overview of the measures and safeguards that IBM implements to protect and separate data between customers for
More informationOptiSol FinTech Platforms
OptiSol FinTech Platforms Payment Solutions Cloud enabled Web & Mobile Platform for Fund Transfer OPTISOL BUSINESS SOLUTIONS PRIVATE LIMITED #87/4, Arcot Road, Vadapalani, Chennai 600026, Tamil Nadu. India
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationVirtustream Cloud and Managed Services Solutions for US State & Local Governments and Education
Data Sheet Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education Available through NASPO ValuePoint Cloud Services VIRTUSTREAM CLOUD AND MANAGED SERVICES SOLUTIONS
More informationGLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications
GLOBALPROTECT Prevent Breaches and Secure the Mobile Workforce GlobalProtect extends the protection of Palo Alto Networks Next-Generation Security Platform to the members of your mobile workforce, no matter
More informationMIS Week 9 Host Hardening
MIS 5214 Week 9 Host Hardening Agenda NIST Risk Management Framework A quick review Implementing controls Host hardening Security configuration checklist (w/disa STIG Viewer) NIST 800-53Ar4 How Controls
More informationArcGIS for Server Michele Lundeen
ArcGIS for Server 10.1 Michele Lundeen Summary Vision Installation and Configuration Architecture Publishing Functional Enhancements Cloud Migration and Best Practices Powerful GIS capabilities Delivered
More informationM2M / IoT Security. Eurotech`s Everyware IoT Security Elements Overview. Robert Andres
M2M / IoT Security Eurotech`s Everyware IoT Security Elements Overview Robert Andres 23. September 2015 The Eurotech IoT Approach : E2E Overview Application Layer Analytics Mining Enterprise Applications
More informationArcGIS Online. The Road Ahead Geoff Mortson
ArcGIS Online The Road Ahead Geoff Mortson gmortson@esricanada.com ArcGIS Online Easily create and share maps Delivered as intelligent maps Access on virtually any device anyone, anywhere Compliments and
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationSecuring ArcGIS for Server. David Cordes, Raj Padmanabhan
Securing ArcGIS for Server David Cordes, Raj Padmanabhan Agenda Security in the context of ArcGIS for Server User and Role Considerations Identity Stores Authentication Securing web services Protecting
More informationThe Business of Security in the Cloud
The Business of Security in the Cloud Dr. Pamela Fusco Vice President Industry Solutions Solutionary Inc. CISSP, CISM, CHSIII, IAM, NSA/CSS Adjunct Faculty Promises Promises The promise of cloud computing
More informationManaging Your Privileged Identities: The Choke Point of Advanced Attacks
Managing Your Privileged Identities: The Choke Point of Advanced Attacks Shirief Nosseir EMEA Alliances Director Identity & API Management Tuesday, 16 May 2017 Agenda Why Privileged Access Management Why
More informationLAN protected by a Firewall. ArcGIS Server. Web Server. GIS Server. Reverse Proxy. Data
Implementing Security for ArcGIS Server Java Solutions Shreyas Shinde Introductions Who are we? Developers for ArcGIS Server Java Who are you? ArcGIS Server developers p developers GIS Administrators for
More informationSecurity Operations & Analytics Services
Security Operations & Analytics Services www.ecominfotech.biz info@ecominfotech.biz Page 1 Key Challenges Average time to detect an attack (Dwell time) hovers around 175 to 210 days as reported by some
More informationMicrosoft Core Solutions of Microsoft SharePoint Server 2013
1800 ULEARN (853 276) www.ddls.com.au Microsoft 20331 - Core Solutions of Microsoft SharePoint Server 2013 Length 5 days Price $4290.00 (inc GST) Version B Overview This course will provide you with the
More informationW H IT E P A P E R. Salesforce Security for the IT Executive
W HITEPAPER Salesforce Security for the IT Executive Contents Contents...1 Introduction...1 Background...1 Settings Related to Security and Compliance...1 Password Settings... 1 Session Settings... 2 Login
More informationMicrosoft SharePoint Server 2013 Plan, Configure & Manage
Microsoft SharePoint Server 2013 Plan, Configure & Manage Course 20331-20332B 5 Days Instructor-led, Hands on Course Information This five day instructor-led course omits the overlap and redundancy that
More informationThe Nasuni Security Model
White Paper Nasuni enterprise file services ensures unstructured data security and privacy, enabling IT organizations to safely leverage cloud storage while meeting stringent governance and compliance
More informationBYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips
Table of Contents Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips 2 Current State of BYOD in the Enterprise Defining BYOD Bring-Your-Own-Device (BYOD): a business practice
More informationManaging Microsoft 365 Identity and Access
Course MS-500T01-A: Managing Microsoft 365 Identity and Access Page 1 of 3 Managing Microsoft 365 Identity and Access Course MS-500T01-A: 1 day; Instructor-Led Introduction Help protect against credential
More informationSecure & Unified Identity
Secure & Unified Identity for End & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Key Point #1: Perimeter is Dissolving Making Identity Matter Most You must plant a strong
More informationIntroduction. The Safe-T Solution
Secure Application Access Product Brief Contents Introduction 2 The Safe-T Solution 3 How It Works 3 Capabilities 4 Benefits 5 Feature List 6 6 Introduction As the world becomes much more digital and global,
More informationFencing the Cloud. Roger Casals. Senior Director Product Management. Shared vision for the Identity: Fencing the Cloud 1
Fencing the Cloud with Identity Roger Casals Senior Director Product Management Shared vision for the Identity: Fencing the Cloud 1 Disclaimer Copyright 2014 Symantec Corporation. All rights reserved.
More informationLearning What s New in ArcGIS 10.1 for Server: Administration
Esri Mid-Atlantic User Conference December 11-12th, 2012 Baltimore, MD Learning What s New in ArcGIS 10.1 for Server: Administration Derek Law Product Manager Esri - Redlands ArcGIS for Server Delivering
More informationCriminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud
Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Security Management Models And Practices Lecture 6 Jan 27, 2005 Introduction To create or maintain a secure environment 1. Design working security plan 2. Implement management
More informationArcGIS in the Cloud. Andrew Sakowicz & Alec Walker
ArcGIS in the Cloud Andrew Sakowicz & Alec Walker Key Takeaways How to Identify Organizational Strategy & Priorities Esri s Cloud Offerings A Broad Spectrum Successfully Executing Your Strategy The Cloud
More informationSecuring your Standards Based Services. Rüdiger Gartmann (con terra GmbH) Satish Sankaran (Esri)
Securing your Standards Based Services Rüdiger Gartmann (con terra GmbH) Satish Sankaran (Esri) Agenda What are your security goals? Access control Standards and interoperability User management and authentication
More informationWhy the cloud matters?
Why the cloud matters? Speed and Business Impact Expertise and Performance Cost Reduction Trend Micro Datacenter & Cloud Security Vision Enable enterprises to use private and public cloud computing with
More informationWHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365
WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365 Airwatch Support for Office 365 One of the most common questions being asked by many customers recently is How does AirWatch support Office 365? Customers often
More informationSecurity Enhancements
OVERVIEW Security Enhancements February 9, 2009 Abstract This paper provides an introduction to the security enhancements in Microsoft Windows 7. Built upon the security foundations of Windows Vista, Windows
More informationAwareness Technologies Systems Security. PHONE: (888)
Awareness Technologies Systems Security Physical Facility Specifications At Awareness Technologies, the security of our customers data is paramount. The following information from our provider Amazon Web
More informationDeveloping Enterprise Cloud Solutions with Azure
Developing Enterprise Cloud Solutions with Azure Java Focused 5 Day Course AUDIENCE FORMAT Developers and Software Architects Instructor-led with hands-on labs LEVEL 300 COURSE DESCRIPTION This course
More informationEn partenariat avec CA Technologies. Genève, Hôtel Warwick,
SIGS Afterwork Event in Geneva API Security as Part of Digital Transformation Projects The role of API security in digital transformation Nagib Aouini, Head of Cyber Security Services Defense & Cyber Security
More informationSecurity Architecture
Security Architecture RDX s top priority is to safeguard our customers sensitive information. Introduction RDX understands that our customers have turned over the keys to their sensitive data stores to
More informationArcGIS 10.3 Server on Amazon Web Services
ArcGIS 10.3 Server on Amazon Web Services Copyright 1995-2016 Esri. All rights reserved. Table of Contents Introduction What is ArcGIS Server on Amazon Web Services?............................... 5 Quick
More informationGet the Most Out of GoAnywhere: Achieving Cloud File Transfers and Integrations
Get the Most Out of GoAnywhere: Achieving Cloud File Transfers and Integrations Today s Presenter Dan Freeman, CISSP Senior Solutions Consultant HelpSystems Steve Luebbe Director of Development HelpSystems
More informationTechnical Overview of DirectAccess in Windows 7 and Windows Server 2008 R2. Microsoft Windows Family of Operating Systems
Technical Overview of in Windows 7 and Windows Server 2008 R2 Microsoft Windows Family of Operating Systems Published: January 2009 This document supports a preliminary release of a software product that
More informationSOLUTION BRIEF CA API MANAGEMENT. Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management
SOLUTION BRIEF CA API MANAGEMENT Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management 2 SOLUTION BRIEF ENABLE AND PROTECT YOUR WEB APPLICATIONS WITH CA API MANAGEMENT ca.com
More informationTRACKVIA SECURITY OVERVIEW
TRACKVIA SECURITY OVERVIEW TrackVia s customers rely on our service for many mission-critical applications, as well as for applications that have various compliance and regulatory obligations. At all times
More informationQuickBooks Online Security White Paper July 2017
QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a
More informationGDPR Update and ENISA guidelines
GDPR Update and ENISA guidelines 2016 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how to ensure
More informationCloud Security. Copyright Ramesh Nagappan. All rights reserved.
Cloud Security 1 Cloud Security Week 1 Lecture 1 Ramesh Nagappan Harvard University Extension School Brandeis University GPS 2 Week 1 Lecture - 1 Course Introduction Evolution of Cloud Computing Introduction
More informationAWS continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.
Security Practices Freshservice Security Practices Freshservice is online IT service desk software that allows IT teams of organizations to support their users through email, phone, website and mobile.
More informationVMware, SQL Server and Encrypting Private Data Townsend Security
VMware, SQL Server and Encrypting Private Data Townsend Security 724 Columbia Street NW, Suite 400 Olympia, WA 98501 360.359.4400 Today s Agenda! Compliance, standards, and best practices! Encryption and
More informationCloud-Security: Show-Stopper or Enabling Technology?
Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics
More informationEnhanced Privacy ID (EPID), 156
Index A Accountability, 148 ActiveDirectory, 153 Amazon AWS EC2, 168 Anonymity, 148 Asset tagging, 96 Attestation definition, 65 dynamic remote attestation techniques, 66 IMA, 67 Intel Trust Attestation
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationIPM Secure Hardening Guidelines
IPM Secure Hardening Guidelines Introduction Due to rapidly increasing Cyber Threats and cyber warfare on Industrial Control System Devices and applications, Eaton recommends following best practices for
More information