The risks and rewards of Social Media and Enterprise 2.0

Similar documents
APP-ID. A foundation for visibility and control in the Palo Alto Networks Security Platform

Security 2.0: Balancing Business Enablement and Information Security

Palo Alto Networks Stallion Spring Seminar -Tech Track. Peter Gustafsson, June 2010

App-ID. PALO ALTO NETWORKS: App-ID Technology Brief

1110 Cool Things Your Firewall Should Do. Extend beyond blocking network threats to protect, manage and control application traffic

Hardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012

A Comprehensive CyberSecurity Policy

Palo Alto Networks PAN-OS

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

BUILDING A NEXT-GENERATION FIREWALL

Next-Generation Firewall Overview

Take Back Control: Increase Security, Empower Employees, Protect the Business

Rethinking Security: The Need For A Security Delivery Platform

Future-ready security for small and mid-size enterprises

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

IBM Security Network Protection Solutions

NetDefend Firewall UTM Services

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

A Guide to Closing All Potential VDI Security Gaps

Cisco Self Defending Network

The Invisible Threat of Modern Malware Lee Gitzes, CISSP Comm Solutions Company

Go mobile. Stay in control.

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

Cisco ASA Next-Generation Firewall Services

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

Getting the Most Out of Your Next-Generation Firewall

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

IBM Next Generation Intrusion Prevention System

DECRYPT SSL AND SSH TRAFFIC TO DISRUPT ATTACKER COMMUNICATIONS AND THEFT

Most Common Security Threats (cont.)

SOCIAL NETWORKING IN TODAY S BUSINESS WORLD

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

Building Resilience in a Digital Enterprise

The Top 6 WAF Essentials to Achieve Application Security Efficacy

SteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

Security Gap Analysis: Aggregrated Results

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Reduce Your Network's Attack Surface

Cisco ASA 5500 Series IPS Edition for the Enterprise

IT & DATA SECURITY BREACH PREVENTION

UTM Firewall Registration & Activation Manual DFL-260/ 860. Ver 1.00 Network Security Solution

AKAMAI CLOUD SECURITY SOLUTIONS

NCIRC Security Tools NIAPC Submission Summary Juniper IDP 200

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

New methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall

The Credential Phishing Handbook. Why It Still Works and 4 Steps to Prevent It

Ritz Camera Leverages Whitelisting for Picture Perfect Security

with Advanced Protection

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Thanks for attending this session on April 6 th, 2016 If you have any question, please contact Jim at

Rethinking VDI: The Role of Client-Hosted Virtual Desktops. White Paper Virtual Computer, Inc. All Rights Reserved.

Cato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

Cisco s Appliance-based Content Security: IronPort and Web Security

Agenda. Today s IT Challenges. Symantec s Collaborative Architecture. Symantec TM Endpoint Management Suite. Connecting Symantec Technologies Today

Business Strategy Theatre

Comparison of Firewall, Intrusion Prevention and Antivirus Technologies

10 ways to securely optimize your network. Integrate WAN acceleration with next-gen firewalls to enhance performance, security and control

Network. Arcstar Universal One

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

XenApp, XenDesktop and XenMobile Integration

PREPARE & PREVENT. The SD Comprehensive Cybersecurity Portfolio for Business Aviation

Symantec Client Security. Integrated protection for network and remote clients.

Networking Drivers & Trends

Security for the Cloud Era

Securing Your Business Against the Diversifying Targeted Attacks Leonard Sim

The Next Generation Security Platform. Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy

Cisco Firepower NGFW. Anticipate, block, and respond to threats

NETACEA / WHITE PAPER DNS VS JAVASCRIPT

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

The Application Usage and Risk Report End User Application Trends in the Enterprise - Country Specific Findings

Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers

Trend Micro Guide and solution to help embrace Consumerization and BYOD. James Walker EMEA Product Marketing Manager 26 September 2012

CompTIA. SY0-401 EXAM CompTIA Security+ Certification Exam. m/ Product: Demo. For More Information:

THE ACCENTURE CYBER DEFENSE SOLUTION

Make Cloud the Most Secure Environment for Business. Seth Hammerman, Systems Engineer Mvision Cloud (formerly Skyhigh Networks)

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

BUFFERZONE Advanced Endpoint Security

Rethinking Security CLOUDSEC2016. Ian Farquhar Distinguished Sales Engineer Field Lead for the Gigamon Security Virtual Team

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

WHITEPAPER. How to secure your Post-perimeter world

Technical Overview of DirectAccess in Windows 7 and Windows Server 2008 R2. Microsoft Windows Family of Operating Systems

MX Sizing Guide. 4Gon Tel: +44 (0) Fax: +44 (0)

The Problem with Privileged Users

FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?

BUFFERZONE Advanced Endpoint Security

Securing Today s Mobile Workforce

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

KERIO TECHNOLOGIES KERIO WINROUTE FIREWALL 6.3 REVIEWER S GUIDE

Copyright 2011 Trend Micro Inc.

3 Ways Businesses Use Network Virtualization. A Faster Path to Improved Security, Automated IT, and App Continuity

A Unified Threat Defense: The Need for Security Convergence

Client Health Key Features Datasheet. Client Health Key Features Datasheet

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

Cloud Security: Constant Innovation

Huawei NIP2000/5000 Intrusion Prevention System

White paper. Keys to Oracle application acceleration: advances in delivery systems.

Preparing your network for the next wave of innovation

Transcription:

The risks and rewards of Social Media and Enterprise 2.0 (and why your role is so important) John Rezabek CISSP jrezabek@paloaltonetworks.com

enterprise 2.0 applications take many forms Enterprise 2.0 has arrived

user expectations of enterprise 2.0 applications

five things to know about enterprise 2.0 Risks Work Life Rewards Internet Enterprise Home Life 1. Driven by new generation of addicted Internet users smarter than you? 2. Full, unrestricted access to everything on the Internet is a right 3. They re creating a giant social system - collaboration, group knowledge 4. Not waiting around for IT support or endorsement IT is irrelevant 5. Result - a Social Enterprise full of potential risks and rewards

how will you respond to this challenge? How can I regain control of enterprise 2.0? What value do these applications provide to my business? What is my organization s risk tolerance for these applications? How can I safely enable the right applications? Where do I start?

start by understanding what s really happening Application Usage and Risk Report Findings 720 large enterprises worldwide 900+ different applications Employees have created Enterprise 2.0 Rewards Enterprises are embracing social networking apps Proven to deliver measurable value to business Risks Incoming threats are increasing Potential for data leakage is increasing Existing security infrastructure ineffective Page 6

what are the risks and rewards of these apps? Commonly Detected Enterprise 2.0 Applications youtube facebook sharepoint gmail twitter 94% 94% 91% 87% 83% webex 60% google-talk 48% 0% 20% 40% 60% 80% 100%

sharepoint reward - coca-cola Coca-Cola Enterprises Centralized platform to promote initiatives to highly distributed workforce 72,000 people in 431 facilities around the globe 30,000 SharePoint users Benefits Productivity and customer focus Companywide intranet IT transformation Effective remote teams Deskless worker access

sharepoint rewards other success stories 33% improvement in process for enhancing of 3,400 products Faster time-to-market through enhanced communications Connect users across 47 countries Immediate savings of $250,000

sharepoint risks even with multi-layer security Threats Found in Organizations Where SharePoint is Deployed SQL (19) IIS (17) SharePoint (1) ASP.net (1) 0 5 10 15 20 Critical High Medium In total, more than 220,000 SharePoint threat instances were found. More than 30% of SharePoint deployments are rogue

another reason sharepoint is hard to control Most Frequently Detected "Dynamic" Applications 100% 80% 60% 40% 83% 78% 77% 73% 60% 60% 55% 54% 51% 42% 20% 0% Sharepoint itunes MS RPC Skype BitTorrent MSN Voice Ooyla Mediafire emule Teamviewer

what should you do with sharepoint?

facebook a useful enterprise 2.0 application The most popular communications tool on planet Earth 600 million + users and growing rapidly Average user has 130 friends People spend over 500 billion minutes per month on Facebook More than 70 translations available on the site Risk - More than 550,000 active applications on Facebook Reward - More than 250,000 websites have integrated with Facebook

Social Networking: Facebook Dominates Facebook was found in 96% of enterprises Facebook consumes 80% of the total social networking bandwidth; Passive aspects of Facebook make up over 92% of Facebook traffic Active aspects are minimal

facebook rewards marketing and support Invests 25% of marketing spend on social networking apps On-line support community reduced support costs - $.25 vs. $12 per interaction Launched GTI exclusively through and other social networking applications

facebook reward virgin atlantic

facebook risks to consider Facebook-specific worms (Koobface) Delivers messages to 'friends' of a Facebook user whose computer has been infected Prompts user to download Adobe Flash update; installs trojan virus instead Obfuscated/shortened links Click here to download malware, not watch BBC video Data leakage Users often say too much and post too much Facebook applications Install an application = install a threat

facebook risk 500,000 3 rd party apps

what should you do with facebook? Balance risk and rewards Block Facebook? Allow Facebook? Other option?

beyond sharepoint and facebook What about the risks and rewards of these applications?

should all employees be allowed to tweet?

what files are employees sharing?

is it ok to bypass security controls?

Applications Are The Threat Vector US$3.8M stolen from small school district in New York State Zeus banking trojan stole credentials, enabled transfers All but US$500K recovered Increasingly, new and old threats using social networks Social network-specific (e.g., Koobface, FBAction) New life for old threats (e.g., Zeus/Zbot) Huge user populations, high degree of trust, liberal use of SSL

Social Networking: Strengths Reaching new people, deepening existing relationships Reduction in cost of sales/marketing (disintermediation) Reduction in cost of support Reduced time to collaborate

Social Networking: Weaknesses Virtually Unmanaged Today Few policies Existing policies aren t enforceable Savvy users Security models too restrictive Coarse allow/deny

Social Networking: Opportunities Evolve security policies Evolve controls Make risk management/securi ty relevant

Top 10 Social Networking Threats Social networking worms Phishing bait Trojan vector Data leaks Shortened/obfuscated links Botnet command and control It s a data source Cross-Site Request Forgery (CSRF) Impersonation Trust

Social Networking is A Hotbed of Risk Data Loss/Leakage Unauthorized employee file transfer, data sharing Network Intrusion New avenue for threats to enter the organization Image Damage Mis-treat your customers/constituents at your own peril Compliance Using unapproved applications, unaudited Operations Costs Excessive bandwidth consumption, desktop cleanup Productivity Uncontrolled, excessive use for non-work/mission related purposes

the underlying cause of the security problem Firewalls should see and control applications, users, and threats...... but they only show you ports, protocols, and IP addresses all meaningless!

What You See with Port-Based FW + Application Control Add-on Page 2011 Palo Alto Networks. Proprietary and Confidential.

What You See with a True Next-Generation Firewall

Your Control With Port-based Firewall Add-on

Existing Infrastructure Hasn t Kept Up Applications have changed Any port or random ports Evasive SSL encrypted Tunneled within other apps or protocols Users feel entitled to use any application New employees = always on, always connected

adding more stuff doesn t solve the problem Internet Complexity and cost increase Performance decreases Still no visibility or control of enterprise 2.0

Some attempts with Slow Multi-Pass Architecture UTM? IPS Policy AV Policy URL Filtering Policy IPS Signatures AV Signatures Firewall Policy HTTP Decoder IPS Decoder AV Decoder & Proxy Port/Protocol-based ID Port/Protocol-based ID Port/Protocol-based ID Port/Protocol-based ID L2/L3 Networking, HA, Config Management, Reporting L2/L3 Networking, HA, Config Management, Reporting L2/L3 Networking, HA, Config Management, Reporting L2/L3 Networking, HA, Config Management, Reporting -Based upon arcane technology -Still Can t Control Applications -Can t scale for multigig networks -increased complexity works against principals of security Page 36

intelligence and control belongs in the firewall The firewall is the right place to address the emerging security challenges It sees all traffic It defines the trust boundaries of the network It is the device that most tightly integrates with security operations It is the most pervasive product deployed

time to transition to next generation firewalls 1. Identify applications regardless of port, protocol, evasive tactic or SSL 2. Identify users regardless of IP address 3. Identify and prevent potential threats associated with all high risk applications 4. Granular policy-based control over applications, users, functionality 5. Multi-gigabit, in-line deployment with no performance degradation

solutions from industry s most visionary vendor Firewall + IPS + URL + AV + Policy + Reporting + Performance Exceeds requirements for NGFW defined by Gartner

innovations that transform the firewall App-ID Identify 1,200+ applications User-ID Identify every user by name Content-ID Scan and control all content

hardware architecture optimized for performance

total visibility into applications, users, content Filter on Skype What else is Harris using Page 42 Filter on Skype and user Harris

Your Control With a Next-Generation Firewall Only allow the apps you need Safely enable the applications relevant to your business»the ever-expanding universe of applications, services and threats Page»Traffic limited to approved business use cases based on App and User»Attack surface reduced by orders of magnitude 2011 Palo Alto Networks. Proprietary and Confidential.»Complete threat library with no blind spots Bi-directional inspection Scans inside of SSL Scans inside compressed files Scans inside proxies and tunnels

unprecedented level of enterprise 2.0 control Now you can minimize risks, maximize rewards Block bad apps to reduce attack surface Allow all application functions Allow, but only certain functions Allow, but scan to remove threats Allow, but only for certain users Allow, but only for certain time periods Decrypt where appropriate Shape (QoS) to optimize use of bandwidth and various combinations of the above

fewer policies, but greater control Very simple, yet very powerful, control of applications, users, and content

learn more about more than 1,300 applications

now you can respond to this challenge! How can I regain control of enterprise 2.0? What value do these applications provide to my business? What is my organization s risk tolerance for these applications? How can I safely enable the right applications? Where do I start?

what does your enterprise 2.0 look like? Request a free Application Visibility and Risk report Take back control of your network Make Enterprise 2.0 work for your business

Policy Gather Listen Redefine Model re-think or refine Recommendations Blindly blocking is somewhat draconian; blindly allowing is a CLM Safe enablement is your new mantra Controls Visibility and control of applications, users, and content is key Allow, but controls are critical

Conclusions Social networking and social media applications are here to stay High use, High risk, high reward Applications and users are adept at circumventing controls Changes in network security required can t blindly allow, can t blindly block. Need safe enablement Can t Do Security 1.0 in Enterprise 2.0 World Existing controls inadequate Adding more appliances isn t the answer Next-Generation Firewalls Can Help Identify and control applications, users, content Safe enablement: no more flashlights and whack-a-mole

About Palo Alto Networks Palo Alto Networks is the Network Security Company Founded in 2005 by security visionary Nir Zuk Next-generation firewalls that identify / control 1,300+ applications Innovations: App-ID, User-ID, Content-ID 4,500+ customers in 60+ countries, 24/7 support Most Visionary in Gartner 2010 Enterprise Firewall MQ Fastest growing firewall vendor in the world

thank you!

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback