Customer confidential 1 Privilege Management Sean Moore Solutions Specialist.

Slides:



Advertisements
Similar presentations
InterScan AppletTrap Zhang Hong Trend Micro, AppletTrap Team (Nanjing)
Advertisements

BalaBit Shell Control Box
Remote Desktop Services
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
ISV Partner Alliance Value Policy Policy Management for Microsoft® System Center.
Avaya – Proprietary. Use pursuant to the terms of your signed agreement or Company policy. idEngines® Avaya Identity Engines And Mobile Device Management.
The Most Analytical and Comprehensive Defense Network in a Box.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
Validata Release Coordinator Accelerated application delivery through automated end-to-end release management.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Net Optics Virtualization Solutions Deployment Case Study Intelligent Access and Monitoring Architecture Solutions.
Lexmark Print Management
Centrix Software Application discovery and management 8 November 2012 Richard Pegden Director of Product Marketing.
© 2012 Lathrop & Gage LLP ILTA SOS Webinar: Remove Administrator Rights and Secure a Law Firm’s Greatest Asset- Its Reputation Sean M. Power Chief Information.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Solution Briefing Business Productivity in Action Keynote.
Website Hardening HUIT IT Security | Sep
Course 201 – Administration, Content Inspection and SSL VPN
Microsoft ® Official Course Module 9 Configuring Applications.
IT-Partners Limited © 2011 IT Partners Limited Y OUR IT SOLUTION P ARTNERS Managing Director Confidential Data Loss Prevention Sunny Ho 1.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
CredoGov VDI Introduction James Gunn
NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
[Name / Title] [Date] Effective Threat Protection Strategies.
Microsoft Installer Technologies and patch management approaches.
Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.
User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.
Module 7: Fundamentals of Administering Windows Server 2008.
A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.
Compatibility and Interoperability Requirements
HIPS Host-Based Intrusion Prevention System By Ali Adlavaran & Mahdi Mohamad Pour (M.A. Team) Life’s Live in Code Life.
© Copyright 2011 Elitecore Technologies Pvt. Ltd. All Rights Reserved. Securing You Centralized Security Management with Cyberoam Central.
Module 5: Configuring Internet Explorer and Supporting Applications.
SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.
Section 11: Implementing Software Restriction Policies and AppLocker What Is a Software Restriction Policy? Creating a Software Restriction Policy Using.
© Copyright 2011 Elitecore Technologies Pvt. Ltd. All Rights Reserved. Securing You Centralized Security Management with Cyberoam Central.
Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.
Nexthink V5 Demo Security – Malicious Anomaly. Situation › Avoid damage resulting from the incident itself and the cost of the unplanned response › Protection.
RST Labs Sandboxing Mobile Code Execution Environments Timothy Hollebeek.
Paul Cooke - CISSP Director Microsoft Session Code: CLI322.
1 Computer Maintenance Software Configuration: Evaluating Software Packages, Software Licensing, and Computer Protection through the Installation and Maintenance.
BUFFERZONE Advanced Endpoint Security Data Connectors-Charlotte January 2016 Company Confidential.
Microsoft Desktop Virtualization Kiran N R Optimized Desktop – TSP Microsoft Corporation.
User and Device Management
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
Copyright © New Signature Who we are: Focused on consistently delivering great customer experiences. What we do: We help you transform your business.
Building a Sound Security and Compliance Environment for Dynamics AX Frank Vukovits Dennis Christiansen Fastpath, Inc.
By: Matt Winkeler.  PCI – Payment Card Industry  DSS – Data Security Standard  PAN – Primary Account Number.
1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.
Taking on Tomorrow's Challenges Today Taking on Tomorrow's Challenges Today Almost every organisation has been attacked …. But most don’t know about it!
Advanced Endpoint Security Data Connectors-Charlotte January 2016
Your Partner for Superior Cybersecurity
Application Communities
Six Steps to Secure Access for Privileged Insiders and Vendors
Accenture Proprietary, All Rights Reserved, Not for Distribution
The Game has Changed… Ready or Not! Andrew Willetts Technologies, Inc.
HARDENING CLIENT COMPUTERS
Six Steps to Secure Access for Privileged Insiders and Vendors
Virtualization & Security real solutions
By: Tekeste Berhan Habtu Chief Executive Officer Venue: African Union
Check Point Connectra NGX R60
Building an Integrated Security System Microsoft Forefront code name “Stirling” Ravi Sankar Technology Evangelist | Microsoft
Optimizing Your Software Licensing Investment Senior Managing Analyst
NSX Data Center for Security
Comodo Dome Data Protection
OSL150 – Get Hands on with Ivanti Endpoint Security
Cybriant Partner Partner Program White Label Materials
Presentation transcript:

Customer confidential 1 Privilege Management Sean Moore Solutions Specialist

Customer confidential 2 2 AGENDA AppSense Privilege Management Demo Q & A Trusted Installers Application Admin Rights Discovery Web and Application Installation Application NAC License Management Selective Elevation Auditing Customer Challenges Business Value

Customer confidential 3 Customer Challenges Increased risk Lack of productivity High costs 24% higher cost (Gartner) Higher support cost Application compatibility Over licensing situations 24% higher cost (Gartner) Higher support cost Application compatibility Over licensing situations 97% higher risk (Verizon) Higher malware infection Overuse of admin rights Auditing/Compliance 97% higher risk (Verizon) Higher malware infection Overuse of admin rights Auditing/Compliance Limit users ability to change Inability to perform necessary actions Balance risk vs reward Limit users ability to change Inability to perform necessary actions Balance risk vs reward Source: Gartner, ID G ebk_en_xg.pdf

Customer confidential 4 Business Value of Privilege Management Simple business case:  Up to 24% reduction in TCO  97% improvement in risk avoidance  Net increase in productivity Source: Gartner, ID G ebk_en_xg.pdf So why does the graph rise again with higher cost the more you lockdown?

Customer confidential 5 Privilege Management Control application access and reduce license requirements Reduce risk and eliminate misuse of user privilege Lower desktop support costs by up to 24% Gartner: Save $1,278 per desktop per year* Meet regulatory compliance and governance requirements Benefit Identify applications requiring admin privileges Block malicious code from execution Central control of all privileges Manage device access and licensing Auditing/Reporting Capabilities

Customer confidential 6 Trusted Application Execution Explicitly allow or block applications Prevent unproductive desktop usage Block untrusted code/malware Java, Scripts, ActiveX and executables Requirement Static Application executable Trusted vendor (Signing cert) Hash and signature Path variables Time of day/schedule Dynamic Trusted Ownership Capabilities

Customer confidential 7 Application Admin Rights Discovery Provide IT insight into which applications require admin rights Policy Control to remove admin rights without causing disruption Allow apps to run without compromising least privilege Requirement Detect which applications require admin privileges Passive detection and reporting Analyze application data from multiple endpoints Convert discovery to rules Capabilities

Customer confidential 8 Web and Application Installation Users need to install web apps and regular apps: Web Conferencing, Adobe, Flash, Silverlight Anything from a particular trusted vendor Requirement Selectively allow approved applications to be installed Leverage prebuilt “snippets” Minimize app re-packaging and update costs Installation from network share Capabilities

Customer confidential Demo

Customer confidential 10 Application Network Access Control Control and limit 3 rd party contractors on site network access Report on access, by who, from what device & location Requirement Provides control based on user, not on PC based firewall Delivers per application control Regulatory compliance auditing of user access Limit what areas of the network a user or application can access Capabilities

Customer confidential 11 License Enforcement by Device Applications delivered via XenApp/RDSH require a license for every device that can potentially access the server Reduce over-licensing situations Control devices authorized to use the applicat ion Requirement Recognized by Microsoft® for enforcing device based licensing Application access defined by which devices are permitted Comply with licensing agreement based on number of devices Capabilities

Customer confidential Another Demo

Customer confidential 13 Selective Elevation Application requires elevation to run User requires elevation to access control panel applet Need to allow users to “self-elevate” with auditing Challenge / Response for users Requirement Remediate application compatibility issues – cannot run as “user” Transparently allow users to run as admin for selected capabilities Control child processes Real time User code to elevate Capabilities

Customer confidential 14 Auditing Monitor before enforcement begins Report on compliance once enforced Discover applications that require elevation Requirement Understand who is doing what in the environment Understand and monitor users before rule implementation Log activity for compliance audits Understand application operation functionality Capabilities

Customer confidential Yet Another Demo

Customer confidential 16 AppSense - Privilege Management  Maintain environment in desired state  Increased visibility into application landscape  Enforce licensing, ensure compliance  Reduces support calls  User acceptance

Customer confidential Thank you

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.