(Presented by Eric Nobel)

Slides:



Advertisements
Similar presentations
IT Asset Management Status Update 02/15/ Agenda What is Asset Management and What It Is Not Scope of Asset Management Status of Key Efforts Associated.
Advertisements

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Which server is right for you? Get in Contact with us
0-1 Team # Status Report (1 of 4) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team #: Team Name.
0-1 Team # Status Report (1 of 4) Client Contact –Status Point 1 –Status Point 2 Team Meetings –Status Point 1 –Status Point 2 Team Organization –Description.
Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.
Website Hardening HUIT IT Security | Sep
Will you need your umbrella?.  Objective: Explain the Cloud In business terms, so you can see if it will benefit you.  Agenda: 12:00 – Welcome and Introductions.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.
Microsoft and Community Tour 2011 – Infrastrutture in evoluzione Community Tour 2011 Infrastrutture in evoluzione.
OCTAVE-S on TradeSolution Inc.. Introduction Phase 1: Critical Assets and threats Phase 2: Critical IT Components Phase 3: Changes Required in current.
DC-B312 BitLocker Improvements in Windows 8 MBAM 2.0 Investment Areas and Key New Features Deploying MBAM 2.0MBAM 2.0 End User Experience.
Information Technology at Emory Information Technology Division Technical Services IT Briefing Agenda 8/19/04 SW Distribution Update CSD Updates –iCommand.
Company small business cloud solution Client UNIVERSITY OF BEDFORDSHIRE.
IT Support Packs. CUSTOMER SEGMENT IT Service Desk teams who provide internal and external support to traditional systems including desktops, laptops.
INNOVATE THROUGH MOTIVATION MSP Services Overview KEVIN KIRKPATRICK – OWNER, MSP INC LOGO.

There are two common types of VPS  Managed VPS  unmanaged VPS.  In the managed VPS vender is responsible for all over the maintenance of server means.
Virtual Private Network (VPN)
HUB International: Software & Common Applications
Managed Desktop Andrea Beesing April 5, 2016.
Prof. Jong-Moon Chung’s Lecture Notes at Yonsei University
UNM Encryption Services in Development
Printing (Net-Print) Joanne Button August 23rd 2016.
IT Service Management Suite
Network Service Laurie Collinsworth 10/18/2016.
SharePoint Online (Office 365)
Telephone Service Andrea Beesing November 15, 2016.
PCI Compliance Service
Web and Video Conferencing
Andrea Beesing September 6, 2016
Enterprise Content Management
Video Streaming and Hosting
IT Service Desk Service
Digital Signage M Scott Walters 4 Oct 2016.
Domain Name Service (DNS) Network Registry
Course Management System (Blackboard)
Scanning and Digitizing
Mobile Device Encryption
Wi-Fi Network Service Laurie Collinsworth 10/18/2016.
Backup, Archive & Recovery
Electronic Lab Notebook (LabArchives)
Managed Server Service
Antivirus Service Rob Bandler May 17, 2016.
Plagiarism Detection (Turnitin)
Classroom Polling Service (i>clicker)
Confluence Wiki Vicky Mikula July 26th 2016.
Event Technical Support
Online Training (Lynda.com)
Lecture Capture Service (Panopto)
Password Escrow Service
Data Center Service Brian Messenger 11/15/2016.
Service Owner: Andrea Beesing 9 February 2016
Antiphishing & Verified Communications
Cloudification Sarah Christen 1/26/2016.
Microsoft SharePoint Server 2016
Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts.
Document Storage and Collaboration
Infrastructure, Data Center & Managed Services
Unisecure Data Centers Has Extended Support For Data Backup and Storage. Philadelphia, US, 4th September 2018 | Unisecure is one of the Data Center Solutions.
I have many checklists: how do I get started with cyber security?
SharePoint On Premises
CHANGE MANAGEMENT FOR WINDOWS OS
Data Security for Microsoft Azure
Increase and Improve your PC management with Windows Intune
Agenda The current Windows XP and Windows XP Desktop situation
AEP Retirement and updates in reselling Academic licensing
John Taylor, Deputy CISO Martin Myers, IT Architect
Presentation transcript:

(Presented by Eric Nobel) Disk & File Encryption Rob Bandler 21 June 2016 (Presented by Eric Nobel)

Agenda Introductions Service Description Value Proposition Metrics Costs Security More Information Q&A

Introductions Service owner: Rob Bandler Service manager: Eric Nobel Other service delivery team members: Meryl Bursic Lillian Isacks Tim Bradish, Tom Horton, Glenn Larratt Kris Barth, Pete Caforio (Desktop Engineering)

Service Description Service name: Disk & File Encryption Product(s): Windows devices: Microsoft BitLocker Administration and Monitoring (MBAM) via Configuration Manager 2012 (CM2012) or standalone BitLocker Macintosh devices: FileVault2 via Casper or standalone FileVault2 Pretty Good Privacy (PGP) (sunsets October 2016) Brief text description: Disk and file encryption is available to all faculty, staff, and students at no cost for both major platforms (Windows and Macintosh) and both institutionally- and personally-owned devices. Encryption is the process of scrambling data to make it unreadable to anyone who does not possess the proper key Available to: MBAM – CM2012 subscribers only via their Technical Support Provider (TSP) FileVault2 via Casper – Casper subscribers only via their TSP MBAM, BitLocker and FileVault2 (standalone) - all Faculty, Staff, TSPs, and Students Fee? No Service tier: One

Value Proposition Value proposition Customer impact Key benefits Mitigates risk of unauthorized data access in the event of asset loss Campus site license for MBAM – no additional fee Native/free solutions for non-Cornell owned &/or non-managed/personally owned devices Customer impact Little to no impact on functionality Improved security of data Key benefits Saving institutional money & improved data security in the event of asset loss Provides compliance with Cornell University Policy 5.10 “Information Security” Ease of use, reliability, and maintainability will be vastly better with the native solutions Flexible models for standalone, managed, or unmanaged devices

Metrics FY16 Q3 FY 16 Q3 Metrics User/Unit* 2,965 Service & Support Hours 58 Customer Contacts (questions, requests, etc…) 6 Availability 100% Changes (upgrades, patches, etc.) 2 600 - Casper/FileVault2 (now @ 639) 956 - CM/MBAM (now there are 925 fully encrypted) = 1556 1409 – PGP (376 unique users and 442 unique host names/devices) Q3 total = 2965 MBAM server reports 1462 devices, 1295 of which are Compliant with deployed policies the primary reasons for non-compliant are: “System Partition not available or large enough” and “Unable to find compatible TPM” CURRENT TOTOAL DEVICES ENCRYPTED ACROSS ALL PRODUCTS = 3301 * NOTE: User/Unit = devices encrypted with PGP or BitLocker

Current Costs Cost to deliver the current service: FY 16 Total Cost $64,156 Hardware & Software $16,091 Labor $42,233 Staff Support $2,916 Administrative Overhead $21.63 per encrypted device Cost per device: $21.63 Fee for service: No

Future Costs Cost to deliver the service: Cost per device: $16.41 FY 17 Estimated Cost $48,657 Hardware $2,000 Labor $42,233 Staff Support $2,212 Administrative Overhead $16.41 per encrypted device Cost / device continues to go down as more user get onboard with the central encryption services $14.74 per encrypted device based on current number of encrypted devices and estimated costs….will continue to change.... Cost per device: $16.41 Fee for service: No

Security What risks does use of the service mitigate? Financial loss Reputational harm Information security and data loss How does the service mitigate risks? Secure/consistent default Group Policy Object (GPO) configuration provided Makes data access by outsiders virtually impossible in the event of asset loss

More Information Service web page: Service level expectations: http://www.it.cornell.edu/services/bitlocker/ http://www.it.cornell.edu/services/filevault/ http://www.it.cornell.edu/services/pgp/ Start here: http://www.it.cornell.edu/services/ and click on “Security” Service level expectations: https://www.it.cornell.edu/services/sle.cfm?doc=73 Service catalog entry: https://catalog.it.cornell.edu/admin/21 Service quarterly report: http://cio.cornell.edu/resources/it-reports-documents-and-presentations/itcornell-quarterly-metrics/disk-and-file

More Information

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.