The First Six Steps to Securing Remote Locations 1

Similar documents
Securing Your Most Sensitive Data

WatchGuard Total Security Complete network protection in a single, easy-to-deploy solution.

10 easy steps to secure your retail network

Teradata and Protegrity High-Value Protection for High-Value Data

Altitude Software. Data Protection Heading 2018

COMPLETING THE PAYMENT SECURITY PUZZLE

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

The Honest Advantage

A Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud

PREPARE & PREVENT. The SD Comprehensive Cybersecurity Portfolio for Business Aviation

PCI DSS Compliance. White Paper Parallels Remote Application Server

Multilayered technology, machine learning and human expertise working together to provide comprehensive security for all platforms.

Best Practices for PCI DSS Version 3.2 Network Security Compliance

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

Simplify PCI Compliance

OUR SECURITY DELIVERED YOUR WAY

What is a mobile protection product?

Entertaining & Effective Security Awareness Training

PCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

Angelo Gentili Head of Business Development, EMEA Region, PartnerNET

Machine Learning and Advanced Analytics to Address Today s Security Challenges

Multilayered technology, machine learning and human expertise working together to provide comprehensive security for all platforms.

Clearing the Path to PCI DSS Version 2.0 Compliance

Eliminate Your Network Blind Spots with Complete Visibility

Make security part of your client systems refresh

AND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING

The simplified guide to. HIPAA compliance

Tracking and Reporting

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)

Carbon Black PCI Compliance Mapping Checklist

Ensuring Desktop Central Compliance to Payment Card Industry (PCI) Data Security Standard

ALTITUDE DOESN T MAKE YOU SAFE. Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation

Introduction to Cloud Networking. Company and Product Overview

Maximizing IT Security with Configuration Management WHITE PAPER

Cybersecurity The Evolving Landscape

VANGUARD WHITE PAPER VANGUARD INSURANCE INDUSTRY WHITEPAPER

Transform your network and your customer experience. Introducing SD-WAN Concierge

WHITE PAPERS. INSURANCE INDUSTRY (White Paper)

Oracle Database Vault

AKAMAI CLOUD SECURITY SOLUTIONS

Total Security Management PCI DSS Compliance Guide

It s About the Data, Stupid.

WHITE PAPER. Applying Software-Defined Security to the Branch Office

WHITEPAPER HEALTHCARE S KEY TO DEFEATING CYBERATTACKS

74% 2014 SIEM Efficiency Report. Hunting out IT changes with SIEM

Security and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /

mhealth SECURITY: STATS AND SOLUTIONS

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

4 Ways to Protect Your Organization from a Data Breach

PCI Compliance. What is it? Who uses it? Why is it important?

A Comprehensive Guide to Remote Managed IT Security for Higher Education

Complying with PCI DSS 3.0

Cybersecurity in Higher Ed

CISO View: Top 4 Major Imperatives for Enterprise Defense

Supercharge Your SIEM: How Domain Intelligence Enhances Situational Awareness

The Value Of NEONet Cybersecurity. Why You Need To Protect Your The Value Of NEOnet Cybersecurity. Private Student Data In Ohio

LOGmanager and PCI Data Security Standard v3.2 compliance

Healthcare in the Public Cloud DIY vs. Managed Services

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

SYMANTEC DATA CENTER SECURITY

SECURITY PLATFORM FOR HEALTHCARE PROVIDERS

6 Vulnerabilities of the Retail Payment Ecosystem

As Enterprise Mobility Usage Escalates, So Does Security Risk

with Advanced Protection

WatchGuard Technologies

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Securing Your Airspace with WatchGuard s Wireless Intrusion Prevention (WIPS)

Insurance Industry - PCI DSS

INSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security

Security and PCI Compliance for Retail Point-of-Sale Systems

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

SD-WAN Solution How to Make the Best Choice for Your Business

What is HIPPA/PCI? Understanding HIPAA. Understanding PCI DSS

Mitigating Risks with Cloud Computing Dan Reis

CROWDSTRIKE FALCON FOR THE PUBLIC SECTOR

Protecting Health Information

VMware vcloud Air Network Service Providers Ensure Smooth Cloud Deployment

The Devil is in the Details: The Secrets to Complying with PCI Requirements. Michelle Kaiser Bray Faegre Baker Daniels

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

User-to-Data-Center Access Control Using TrustSec Design Guide

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

How Identity as a Service Makes UCaaS/SaaS Integrations More Scalable, Productive, and Secure

Cisco Stealthwatch Improves Threat Defense with Network Visibility and Security Analytics

HIMSS 15 Doing Better Business in the Era of Data Security and Privacy

Privileged Account Security: A Balanced Approach to Securing Unix Environments

Automating the Top 20 CIS Critical Security Controls

Disk Encryption Buyers Guide

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

HIPAA Regulatory Compliance

What are PCI DSS? PCI DSS = Payment Card Industry Data Security Standards

Retail Security in a World of Digital Touchpoint Complexity

Protecting Your Data in the Cloud. Ulf Mattsson Chief Technology Officer ulf.mattsson [at] protegrity.com

SECURING DEVICES IN THE INTERNET OF THINGS

Meeting FFIEC Meeting Regulations for Online and Mobile Banking

Cyber Security Guidelines for Public Wi-Fi Networks

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

Transcription:

Solutions for the Distributed Enterprise The First Six Steps to Securing Remote Locations 1

Table of Contents What is a Distributed Enterprise... 3 Market Drivers... 5 What Problems... 7 Step 1: Centralized Security Policy... 9 Step 2: Secure Communications Between Locations... 11 Step 3: Secure the POS... 13 Step 4: Attain regulatory compliance... 15 Step 5: Secure guest Wi-Fi hotspots... 17 Step 6: Gain greater visibility... 19 How WatchGuard enables Distributed Enterprises... 20 What Is a Distributed Enterprise? A Distributed Enterprise is a type of company that generally has both a corporate headquarters and remote sites, which employs a highly centralized system for controls and management. In addition to managing and securing a traditional corporate headquarters and remote employee sites, Distributed Enterprises must also support multiple locations that operate like a typical small business. This relationship between a centralized entity and many independent business locations is especially common in the retail, hospitality, medical, and financial industries and creates unique network security challenges. In this ebook, we ll explain the most common security challenges faced by Distributed Enterprises, and more importantly, what you can do about them. 2 3

Evolving regulatory standards are forcing organizations in many industries to upgrade security systems. Market drivers Consumer and regulatory pressures are forcing Distributed Enterprises across the world to make adjustments to both the technologies they purchase, and the policies they enforce. Evolving regulatory standards are forcing organizations in many industries to upgrade security systems. Retail, hospitality, and healthcare organizations face significant losses if they fail to comply with Payment Card Industry Data Security Standard (PCI DSS) and/or the Health Insurance Portability and Accountability Act (HIPAA). Organizations of all sizes have begun to take notice of the dramatic increase in the volume of data breaches. Cyber crime is becoming increasingly popular due to the increased profits, and access to sophisticated malware is more readily available than ever before. Data privacy and protection laws are in place in over 80 countries worldwide. 48% 4 A month doesn t pass without another high-profile corporation falling victim to a data breach, and the negative publicity is inescapable. Businesses ranging from Target, to Sony Pictures, to Ashley Madison, have all been plastered across the headlines following major breaches of customer data, and their reputations may never fully recover. Consumers no longer view Wi-Fi hotspots as a pleasant convenience. Now, fast and reliable wireless internet access is expected. Customers, guests, patients, and vendors all have one thing in common: the overwhelming desire for Wi-Fi. The need for advanced networking technology has become increasingly common. Basic networking equipment doesn t offer the flexibility that Distributed Enterprises need to facilitate modern requirements in technology, including the adoption of cloud services, network segmentation, VLANs, and dynamic routing. New threats rise 48% each year. Gartner reported that 4.9 Billion Things connected to the internet in 2015. 5

COFFEE XTM devices have tremendous horsepower to let us do what we need to do, while protecting our networks with application filtering, IPS, web-blocking, spam-blocking, https, and more... Seeing the performance and level of protection we get we are very happy with the investment we made in our WatchGuard deployment. ~ Daniel Mullikin, Network Administrator, Shari s COFFEE COFFEE What Problems Distributed Enterprises are subject to several unique security challenges, in addition to the significant challenges faced by traditional enterprises. For this modern, far-reaching organization, centralized security policy is critical, as is the ease of deployment of the security solution at the remote business location. Once security is deployed, the ability to maintain visibility across their entire network for compliance reporting, health monitoring, and business intelligence purposes is equally as important. Unlike traditional enterprise organizations, these remote business sites are generally filled with consumers, all looking for Wi-Fi access. Business owners have to figure out how to offer, secure, and even benefit from this demand. Finally, all businesses must achieve compliance with the growing number of standards for security compliance like PCI DSS and HIPAA, which require constant management and auditability of vulnerable systems and data. 6 7

Solutions for the Distributed Enterprise Step 1 60% of breaches How can I define security policy for my network and ensure that policy is implemented and active at every location? are due to human errors - Verizon Data Breach Report 2015 Centralized Security Policy The NCR Network and Security Services (NSS) team is excited about using WatchGuard s rapid deployment technology as part of our Site Shield service. Installing and configuring firewall devices in this manner will strengthen our ability to deploy NSS quickly and cost-effectively. ~ Lenny Zeltser, Director of Product Management at NCR 8 For any Distributed Enterprise, the able to define centralized security policy is a must-have. Centrally defined rules regarding acceptable network usage, data storage and transfer, and handling of sensitive customer and payment information must be easily deployed and managed. Also, since technical expertise at the remote locations is generally very rare, this centrally defined policy must be very easy to deploy and manage at each location. Organizations need to standardize on a configuration template which can be deployed centrally. Given the scarcity of IT resources in a Distributed Environment, deployments must occur in a quick and cost-effective manner. Management of acceptable policies needs to be centrally managed to ensure consistent rules and timely software upgrades. 9

Solutions for the Distributed Enterprise Step 2 Deploying WatchGuard was a simple installation process at GlobalHunt. Setting up VPN was like child play as WatchGuard Drag and Drop feature took only a few seconds, How do I secure communication between HQ and all of my remote business locations? Corporate Headquarters ~ Jagdish Chandra, Manager IT at GlobalHunt India Pvt Ltd. Secure Communications Between Locations 10 Although remote locations often operate as independent small businesses, there is a constant requirement for sensitive information such as corporate resources, customer records, and payment data to be shared between the corporate headquarters and each site. Dangers of sending sensitive communication over the open web present significant security risks. Distributed enterprise organizations need a way to secure all communications between their corporate HQ and remote employee and business locations. Map data 2015 Google Establishing an encrypted network connection, known as a Virtual Private Network (VPN), between the HQ and the remote location, or between two remote locations will ensure that all communications are secure. 11 11

Step 3 56million customer records stolen from Home Depot using POS malware. - Verizon Data Breach Report 2015 How can I segment our POS network from the other traffic at each location and get that payment information back to HQ in a safe and compliant way? Remote Location Corporate Headquarters Secure the POS Put simply, strong security, properly done! ~ Andy Evers, IT Manger, Red Carnation Hotels Credit cards have been a convenience to businesses and consumers alike for over 50 years. These small pieces of plastic make transacting easy, but securing those transactions in our connected world is a different story entirely. Purpose-built malware is popping up every day, designed specifically to compromise point of sale (POS) systems. For the Distributed Enterprise, cash-only is simply not an option. Organizations must accept and transmit customer payment information, which creates a unique set of security challenges for both the remote site and the corporate HQ. Remote locations that process credit card transactions must utilize best-in-class network security technologies to not only protect and monitor their payment systems, but to also separate the network used for payment transactions from the rest of their network and all other information systems. Also, as the target of many dedicated attacks, organizations must employ solutions for protecting their POS systems from advanced and zero day malware threats. Sophisticated UTM appliances can offer Distributed Enterprises all of the advanced network protection they need from one easy-to-deploy offering. 12 13

Step 4 $5,000 to $500,000 fines for not being PCI compliant. How can I achieve and report on regulatory compliance? - focusonpci.com Attain regulatory compliance 14 WatchGuard s centralized logging and reporting capabilities really help us stay on top of the network, and we also use the PCI reports they generate. ~ Daniel Mullikin, Network Administrator, Shari s Restaurants In recent years, regulatory bodies have been tasked with establishing data security standards and requirements, which are designed to protect both businesses and consumers from theft, fraud, and other damages. Although these compliance standards are valuable, they can generate serious challenges for IT professionals. Security systems need regular updates to correspond with the ever-evolving compliance standards. In addition, data storage and transmission systems need to be constantly monitored for unauthorized usage and access. Organizations that fail to comply with PCI DSS, HIPAA, and other global standards, are subject to enforcement actions and fines. Businesses within the retail, healthcare, and hospitality markets are especially sensitive to regulatory compliance. Related aspects of PCI DSS, HIPAA, and other major regulatory compliance standards can be achieved leveraging UTM security appliances as they enable segmentation of network traffic and secure transfer of sensitive information between sites. Modern network visibility tools offer the ability to set alerts and automated reports on security events that are relevant to the compliance standard, including data-leakage, malware, and unauthorized user access. Maintaining clear visibility for auditing purposes is also a requirement for maintaining compliance. 15

Step 5 Being able to create a good wireless network with access points in every third room has been very cost effective for us, which is an important consideration. How can I offer guest Wi-Fi services without compromising the security of my overall network? ~ James Priory, Headmaster, Portsmouth Grammar School Secure guest Wi-Fi hotspots 16 Wireless internet access is becoming an increasingly common service offered to customers, guests, and patients. Distributed Enterprises that choose to offer guest Wi-Fi must be aware of the associated liability. Users can often jump from the guest network to the corporate network, giving them access to sensitive employee and customer data. Businesses also assume liability for any copyright infringement that results from guests illegally downloading content such as media. Organizations must balance the need for tight security, while at the same time providing a fast and seamless Wi-Fi experience for their customers, especially as the number of connected devices continues to grow. Organizations that choose to offer Wi-Fi hotspots must implement technologies and processes that adhere to data security standards, including PCI DSS and HIPAA. Wi-Fi performance is a large influencer of customer satisfaction, so all security technologies must offer line speed performance during times of peak usage. Both firewall and wireless access point technologies must allow for network segmentation, which separates guests from sensitive corporate data. Full UTM, Data Loss Prevention and Advanced Malware protection are essential in protecting the wireless network from targeted and evolving threats. 17

Step 6 of businesses actively monitor and analyze security intelligence. - pwc.com How can I monitor all network traffic and network connected devices from one single management console? Gain greater visibility 18 I look at the central dashboard every day. It is up on my screen and it gives me real-time visibility or near-time visibility to the bandwidth usage at each one of our 43 sites. ~ Daniel Mullikin, Network Administrator, Shari s Restaurants Data breaches are taking longer to catch each year. This isn t due to a lack of security, but rather a lack of visibility. Small technology environments often struggle to pinpoint every threat that enters the network, and that lack of visibility compounds as environments become larger and more distributed. Capturing log data is a step in the right direction, but that data is useless without the tools to distil out relevant security events. Organizations need the ability to monitor traffic flowing throughout the network, both at corporate headquarters and remote locations. Complete network visibility is required for both real-time and historical traffic. Traffic flowing through the network, at all locations, must be made plainly visible to the IT department. Distributed Enterprise organizations need visibility tools which translate oceans of data into actionable threat intelligence that can be utilized at the remote site and by headquarters alike. Alerts are required to notify admins of any event they deem significant. Dashboards are needed to easily identify trends and security threats. In addition to dashboards and alerts, historical reports must be maintained in order to establish baselines, which are critical in identifying abnormal network activity. 19

WatchGuard enables Distributed Enterprises to secure the network of every remote location through consistent, simple, and rapid deployment of enterprise-grade security, threat intelligence, and wireless technologies. Leveraging WatchGuard s portfolio of Firebox Unified Threat Management (UTM) appliances and Wireless Access Points, Distributed Enterprises can easily configure, deploy, and manage consistent, enterprise-grade network security and secure wireless across all remote locations without the need for technical expertise at each location. In addition to providing best-in-class, easy-to-deploy security, the company s actionable threat intelligence platform, Dimension, delivers centralized visibility across an organization s entire network. This visibility is critical for tracking and managing network health, reporting on compliance requirements, identifying and combating possible network threats, and assisting with proactive business decision-making. www.watchguard.com/distributedenterprise 2015 WatchGuard Technologies, Inc. All rights reserved. WGCE66881_111915

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback