George L. Heron Technology Officer, SafeNet, Inc..

Slides:

Advertisements

Similar presentations

Encrypting Wireless Data with VPN Techniques

Advertisements

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

Supporting The Mobile Client: Expanding Our Borders John Guidone Manager, Desktop Technologies and Dawn E. Colonese Manager, Help Desk & Client Access.

Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,

1 Intel / Shiva VPN Solutions Stephen Wong System Engineer.

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

1 MIS 2000 Class 22 System Security Update: Winter 2015.

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program or UCSF Campus VPN.

Virtual Private Networks and IPSec

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

IS Network and Telecommunications Risks

FIT3105 Smart card based authentication and identity management Lecture 4.

Data Encryption Overview South Seas Corporation Jared Owensby.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Business Data Communications, Fourth Edition Chapter 10: Network Security.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.

Copyright Microsoft Corp Ramnish Singh IT Advisor Microsoft Corporation Secure Remote Access Challenges, Choices, Best Practices.

Information Security Information Technology and Computing Services Information Technology and Computing Services

Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.

OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.

1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

Securing Information Systems

Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant

Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

PROJECT PAPER ON BLUEFIRE MOBILE SECURITY. BY PONNURU VENKATA DINESH KUMAR STUDENT ID # A0815 PROFESSOR – VICKY HSU CS-426.

Security Chapter 8 Objectives Societal impact of information and information technology –Explain the meaning of terms related to computer security and.

© NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.

1.1 System Performance Security Module 1 Version 5.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.

70-411: Administering Windows Server 2012

Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.

Www. engineersportal.in. OUTLINES Network & Network Security Need of Network Security Methods of Network Security Firewall Firewall’s Works Firewall’s.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Network Access Technology: Secure Remote Access S Prasanna Bhaskaran.

Virtual Private Network (VPN) Topics Discussion What is a VPN? What is a VPN?  Types of VPN  Why we use VPN?  Disadvantage of VPN  Types of.

Dominick Bennese, Jyl Mangooni, Steve Lorson GROUP 5.

Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.

Ch9QQ T F 1.Hacking is an example of unauthorized access. T F 2.A Trojan horse is a type of malware that masquerades as another type of program. T F 3.A.

1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,

Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.

11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 

Internet Security and Authentication Issues (for a Machine with a Fruit on the Front) Rodney Thayer.

1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.

Last Minute Security Compliance - Tips for Those Just Starting 10 th National HIPAA Summit April 7, 2005 Chris Apgar, CISSP – President Apgar &

Potential vulnerabilities of IPsec-based VPN

Texas Technology Forum The Future of Mobile Technology Trends and Issues July 16, 2009.

INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.

Chapter 14 Network Encryption

Virtual Private Network (VPN)

©2001 Check Point Software Technologies Ltd. - Proprietary & Confidential outline What is a VPN? What is a VPN?  Types of VPN.

CPT 123 Internet Skills Class Notes Internet Security Session B.

Deploying Mobility Securely. The Risks It’s just my calendar! Theft and loss Personal device ownership Malicious software Cracking and hacking.

VPN. CONFIDENTIAL Agenda Introduction Types of VPN What are VPN Tokens Types of VPN Tokens RSA How tokens Work How does a user login to VPN using VPN.

BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.

©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Securing Your Data in Endpoint and Mobile Environments Frank Suijten Security.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Joe Knight’s Company VPN Policy. What is VPN? Virtual Private Network (VPN) will allow you all as users to remote into the network from home or anywhere.

Internet security for the home Paul Norton MEng(Hons) MIEE Electronic engineer working for Pascall Electronics Ltd. on the Isle of Wight A talk on Internet.

Presentation transcript:

George L. Heron Technology Officer, SafeNet, Inc.

Planet PDA Spring 2003 Abstract This presentation will cover: >Proper and workable approaches for dealing with wireless security >Techniques for securing a wireless device >Available and effective security technologies >The #1 vulnerability with wireless devices (and #2, #3,...)

Planet PDA Spring 2003 “Holy Smokes … where’s my PDA?!” It has happened to everyone. If your PDA is lost or stolen: >personal information is exposed >your latest data entries are lost >and if tied into your corporate enterprise... your entire network security is compromised!

Planet PDA Spring 2003 The Need for Wireless Security

Planet PDA Spring 2003 Security Risks Physical >Loss or theft  hacker accesses data files, keys Visual >Nosy neighbors on planes, trains & automobiles Electronic >Packet sniffers on Internet >Weak or no encryption >Weak or no authentication (simple passwords) > sniffer out in corporate office parking lot

Planet PDA Spring 2003 What’s an IT Manager to Do? >Recognize the problems >Get regular notifications of threats >Study the technologies, alternatives, vendors >Stay current with OS service packs & app updates >Allocate appropriate budget >Purchase appropriate software & licenses >Limit corporate PDA purchases to specific list >Develop procedures & policies for remote usage >Train the corporate population >Develop written policies for remote access >Consider a managed service

Planet PDA Spring 2003 Specifics, Please! >Enforce use of solid passwords >Utilize built-in security mechanisms >Provide immutable forced policies >Use standard & well-maintained antivirus programs >Use file encryption for internal data, folders, etc. >Provide “device access control” – smart card, token >Enforce use of encrypted connections, VPN tunnels! >Provide and maintain a good firewall

Planet PDA Spring 2003 Electronic Security Mechanisms Protocol >IPSec is the best, WEP, SSL Keys >768-bit, 1024-bit most common >RSA signatures most common, ECC >Preshared secrets today, public keys tomorrow Encrypting Algorithms >TDES most common, AES coming Authentication >2-Factor (RSA SecurID), Certificates, PINs >Biometrics

Planet PDA Spring 2003 Getting Security Policy to All Corporate Users

Planet PDA Spring 2003 Wireless Phones, PDAs, Laptops are All Network Devices

Planet PDA Spring 2003 Intelligence Agency Technical ExpertHacker Top 10 Remote Security Risks Risk 1: PDA “local data” storage is exposed (contacts and messages) Risk 2: Clear transmission of application data Risk 3: PDA user data access via desk stand Risk 4: PDA “applications” access via desk stand (Trojan Horse) Risk 5: PDA Device to PDA Device communications are not encrypted (RIM)

Planet PDA Spring 2003 Intelligence Agency Technical ExpertHacker Top 10 Remote Security Risks Risk 6: Risk 7: No Authentication for device or network access Risk 8: Device Encryption Keys Risk 9: User applications are not secured (insertion of Trojan Horse) Risk 10: Human factors

Planet PDA Spring 2003 Secure ALL communications between the remote user and the corporate LAN Three Points of Wireless Vulnerability

Planet PDA Spring 2003 Examples of Wireless Security Products What can IT managers do to strengthen the corporate (remote) network? Software >Security in Software Hardware >Security in Silicon Accessories >Security in Add-on Devices

Planet PDA Spring 2003 VPN Client Use in PDAs, phones and laptops >Use a VPN software client that offers secure client- to-gateway communication over wireless networks >Use a product that is interoperable, with many different gateways

Planet PDA Spring 2003 VPN: Simple, Cost-Effective Use the Internet to establish secure links via >Authentication >Encryption >Secure tunneling to access business partners, branch offices, and telecommuters

Planet PDA Spring 2003 Hardware Security

Planet PDA Spring 2003 Security Embedded in Silicon Embedded security includes all relevant cryptographic functionality in hardware form as well as a full-featured software library that runs on the processors on chip. Full functionality includes: >Encryption Engines: DES/3DES, ARC4, AES >Hash Engines: SHA-1, MD5, RIPEMD-128/160 >IPSec Packet Engine >Public Key Accelerator >RSA, DSA Digital Signatures >Entropy-based True Random Number Generator (RNG) 2.5G and 3G device manufacturers, wireless service providers, and wireless application providers, in using embedded silicon, provide accessibility to all cryptographic functionality in any combination of hardware and software.

Planet PDA Spring 2003 Smart Card Readers Secure Tokens Device Access Control allows only YOU to power up the device and/or use the select applications CARD ACCESS CONTROL

Planet PDA Spring 2003 Protecting the Platform DEVICE SECURITY  PIN & Biometric access control  File-based encryption  Unchangeable VPN policies  Application-level controls  Time-of-day access granularity

Planet PDA Spring 2003 Summary >Assess your risk >Protect the data on the remote phone, PDA, laptop >Protect the network with a VPN >Establish and enforce security policies and procedures >Stay current with all new security threats If you take basic precautions and use the techniques outlined here you CAN be safe in a wireless world!

Planet PDA Spring 2003 Presented by: G eorge L. H eron T echnology O fficer S afe N et, I nc C orporate D rive B altimore, MD W ebsite: T elephone: F ax: E mail: