web security | data security | security © 2010 Websense, Inc. All rights reserved. Strategy for Defense Against Web-based Advanced Persistent Threats Anand Tapikar, Regional Presales Manager
Agenda 2 ๏ Modern Threats ๏ Threat Channels ๏ Web 2.0 and outbound data loss ๏ Threat Vector ๏ Defense Strategies ๏ Unified security management ©2010 All Rights Reserved. Websense, Inc.
Phishing attacks Confidential data leaks Drive by download attacks Malware download Blended threats © 2010 Websense, Inc. All rights reserved.3 Modern threats
Threat Channels © 2010 Websense, Inc. All rights reserved.4 Corpora te Webmail Instant Messagin g Host ed Applic ations Bl og s L oc al W ea th er File Shari ng Y ou Tu be Vi de os Net worki ng Web 2.0 Sites Popular websites Web mails Instant messaging Corporate corporate laptops connected to home Broadband USB/ removable media Proxy avoidance tools
Web 2.0 and Outbound Data Loss The challenge – enable Facebook and other interactive sites, while preventing outbound data loss. Interactivity has established the Web as a primary data loss vector data loss #2 Threat to Enterprise Security - Inadvertent Exposure of Confidential Information 92% IDC
Business perimeters are fading out Remote users Cloud applications Internet enabled applications Increase use of web 2.0 Technology Lag Vulnerability exposed in common applications © 2010 Websense, Inc. All rights reserved.6 Threat vectors
Proactive rather than reactive Align security strategy to compliment the business Layered and integrated security defense Fix business processes that leads to data leaks Don’t just leave alerts open in the system drive it to closure User awareness © 2010 Websense, Inc. All rights reserved.7 Defense Strategies
8 Top 100 sites Next 1 million sitesNext 100 million sites THE DYNAMIC WEB Constantly changing content Millions of varied pages per site Legitimate sites compromised Legacy security systems obsolete Requires real-time content analysis THE KNOWN WEB Current events, regional, genre sites Less user-generated content Reputation, URL databases fairly effective THE UNKNOWN WEB Junk, personal, scam, adult, etc. Million of new sites appear daily Reputation and URL databases can’t keep up Requires real-time categorization and real-time security scanning Web Traffic
Technology available today ThreatsTechnologies/ Approach Threats from web 2.0URL filtering with Real time scanning Infected popular sitesReal time content scanning, Gateway level antivirus Blended threats SPAM and content control with backend integration with URL filter Data loss through Web, , IM, USB, print channels DLP solutions Attacks through Https (encrypted ) channels, Proxy avoidance tools SSL decryption Remote laptop connected to broadband Remote filtering solutions, Hosting URL solution New /unknown attacksIntelligence sharing, Alert monitoring, security metric reporting, user awareness
Unified security management Intelligence Sharing Web Security Data Security Security unified web and content security Single View of all the controls and logs © 2010 Websense, Inc. All rights reserved. Security Monitoring Change management as per business requirements Risk Assessments
Threats are coming from multi channels so our responses also needs to cover multiple channels Make Security control part of business recovery/continuity Don’t just leave to IT, involve business representative Have proper change management and security workflow Continuous focus on user awareness © 2010 Websense, Inc. All rights reserved.11 Summary
web security | data security | security © 2010 Websense, Inc. All rights reserved. Thank You