ITSS 2015: Encryption
Edward Carter, Manager, Architecture and Response
Stephen Hoffer, Senior Information Security Analyst
Haley Baker, Associate Information Security Analyst
Ohio University

Information Security Goals: the C-I-A Triad
- Confidentiality: keep private information protected from unauthorized access (encryption)
- Integrity: ensure information is protected from unauthorized changes (hashing)
- Availability: ensure information is accessible to authorized entities

What is encryption?
- Encryption: transform data to keep it secret from unauthorized parties (asymmetric-key, symmetric-key)
- Encoding: transform data so it can be used by a different system (Base64, ASCII, EBCDIC, Unicode)
- Hashing: transform data to ensure the message contents haven't changed (MD5, SHA1, RIPEMD)
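The three transforms on this slide are easy to confuse because all of them turn readable text into something unreadable. The script below is an added demonstration written for this page (it is not code from the ITSS 2015 presentation) and uses only the .NET classes that ship with Windows PowerShell 5.1 and PowerShell 7. It shows that encoding is reversible by anyone, that hashing is one-way and changes completely when one character changes, and that encryption needs a key; it also pairs the encryption with an HMAC tag so that the confidentiality/integrity split from the C-I-A slide is visible in code. The message, the tampered copy and the function names are constructed for the demo. SHA-256 is used for the digest because MD5 and SHA-1, listed on the slide, are no longer collision resistant.

```powershell
# Added demonstration for the encryption / encoding / hashing distinction;
# not code from the ITSS 2015 slides. Sample strings below are constructed.

$Message  = 'Transfer 100 dollars to account 4242'
$Tampered = 'Transfer 900 dollars to account 4242'

function Test-Encoding {
    param([string]$Text)
    # Encoding only changes representation: no key, and anyone can reverse it.
    $bytes   = [System.Text.Encoding]::UTF8.GetBytes($Text)
    $encoded = [Convert]::ToBase64String($bytes)
    $decoded = [System.Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($encoded))
    [pscustomobject]@{ Base64 = $encoded; RoundTrips = ($decoded -eq $Text) }
}

function Get-Sha256Hex {
    param([string]$Text)
    # Hashing is one-way and keyless: a fixed-size digest that any change alters,
    # but which cannot be reversed to recover the input.
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try     { $digest = $sha.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Text)) }
    finally { $sha.Dispose() }
    ($digest | ForEach-Object { $_.ToString('x2') }) -join ''
}

function Protect-Text {
    param([string]$Text, [byte[]]$Key)   # $Key: 64 random bytes (see walk-through)
    # Encryption needs a secret key. AES-256-CBC with a fresh random IV provides
    # confidentiality; an HMAC-SHA256 tag over IV||ciphertext, keyed with the other
    # half of $Key, provides integrity, which encryption alone does not give you.
    $encKey = [byte[]]($Key[0..31]); $macKey = [byte[]]($Key[32..63])
    $aes = [System.Security.Cryptography.Aes]::Create()
    $aes.Key = $encKey
    $aes.GenerateIV()
    $plain  = [System.Text.Encoding]::UTF8.GetBytes($Text)
    $enc    = $aes.CreateEncryptor()
    $cipher = $enc.TransformFinalBlock($plain, 0, $plain.Length)
    $body   = [byte[]]($aes.IV + $cipher)
    $hmac   = [System.Security.Cryptography.HMACSHA256]::new($macKey)
    $tag    = $hmac.ComputeHash($body)
    $hmac.Dispose(); $enc.Dispose(); $aes.Dispose()
    return ,([byte[]]($body + $tag))     # comma keeps the byte[] from unrolling
}

function Unprotect-Text {
    param([byte[]]$Blob, [byte[]]$Key)
    $encKey = [byte[]]($Key[0..31]); $macKey = [byte[]]($Key[32..63])
    $body = [byte[]]($Blob[0..($Blob.Length - 33)])
    $tag  = [byte[]]($Blob[($Blob.Length - 32)..($Blob.Length - 1)])
    # Check the tag first, with a constant-time compare, so a wrong key or a
    # modified ciphertext is rejected before any decryption takes place.
    $hmac = [System.Security.Cryptography.HMACSHA256]::new($macKey)
    $expected = $hmac.ComputeHash($body); $hmac.Dispose()
    $diff = 0
    for ($i = 0; $i -lt 32; $i++) { $diff = $diff -bor ($tag[$i] -bxor $expected[$i]) }
    if ($diff -ne 0) { throw 'Authentication tag mismatch: wrong key or modified data' }
    $aes = [System.Security.Cryptography.Aes]::Create()
    $aes.Key = $encKey
    $aes.IV  = [byte[]]($body[0..15])
    $cipher  = [byte[]]($body[16..($body.Length - 1)])
    $dec   = $aes.CreateDecryptor()
    $plain = $dec.TransformFinalBlock($cipher, 0, $cipher.Length)
    $dec.Dispose(); $aes.Dispose()
    [System.Text.Encoding]::UTF8.GetString($plain)
}

# --- Walk-through ---
Test-Encoding $Message                 # Base64 is readable by anyone who decodes it
Get-Sha256Hex $Message                 # digest of the original
Get-Sha256Hex $Tampered                # one changed digit gives an unrelated digest

$key = New-Object byte[] 64
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($key)
$blob = Protect-Text $Message $key
Unprotect-Text $blob $key              # correct key: the plaintext comes back

$wrongKey = New-Object byte[] 64
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($wrongKey)
try { Unprotect-Text $blob $wrongKey } catch { "Wrong key rejected: $_" }

$blob[20] = $blob[20] -bxor 1          # flip one ciphertext bit
try { Unprotect-Text $blob $key } catch { "Tampering detected: $_" }
```

The point of the last two calls is the one the slide's hashing bullet hints at: encryption hides content, but on its own it does not tell you the content was changed. The HMAC tag is what makes the modified blob fail, and it is checked before decryption so the receiver never acts on unauthenticated bytes.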

Why do we encrypt?
- Protect data
  - At rest: data stored on media (USB drive, disk, tape, etc.)
  - In transit: communications over a network between systems
- Regulations/compliance
  - HIPAA/HITECH (health-care industry)
  - FERPA (education)
  - PCI-DSS (payment-card industry)
  - PII (personally identifiable information)
- Auditors
- Personal choice
- Policy

Ohio University Policy: Data Classification
"This policy establishes that all information assets will be classified according to their confidentiality, integrity and availability. This policy sets forth procedures based on those classifications so that the University can protect each asset in an appropriate manner." (emphasis added)

Where is it used?
- Application layer: SSH, S/MIME, TDE, Adobe, Microsoft Office, Identity Finder
- "Network" layers: SSL/TLS, IPSec/L2TP, PPTP

Where is it used?
- Volume-based (disk): BitLocker, FileVault, VeraCrypt/CipherShed, dm-crypt
- File-based (disk): EFS, PGP/GPG

How do we encrypt disks?
- Operating system "built-in": BitLocker, EFS, FileVault
- Open source: VeraCrypt/CipherShed, GPG, dm-crypt
- Commercial: Symantec Endpoint Encryption (PGP), Sophos SafeGuard, Trend Micro Endpoint Encryption

Windows: BitLocker / BitLocker To Go
- Windows 7 (Enterprise/Ultimate), Windows 8/8.1/10 (Pro/Enterprise), Windows Server
- Tools: BitLocker cmdlets in PowerShell, diskpart.exe, Disk Management MMC

Mac OS X: FileVault / FileVault 2

Linux: dm-crypt

What about the keys? BitLocker key management
- MBAM (Microsoft BitLocker Administration and Monitoring)
- Recovery key: store in AD or in a file
- GPO change required
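The Windows slide lists the BitLocker cmdlets as one way to manage encryption, and this slide adds the key-management half: a recovery key has to be stored somewhere (AD or a file) and AD storage needs a group-policy change first. The script below is an added example, not code from the ITSS 2015 slides, that puts those two slides together in the order a practitioner wants: create the recovery-password protector, escrow it to AD DS, and only then start encrypting with the TPM as the boot-time protector. It assumes an elevated PowerShell session on a domain-joined Windows 10 or Windows Server machine with the BitLocker module installed, and that the group policy that saves BitLocker recovery information to AD DS is already applied; the function name Enable-EscrowedBitLocker and the mount point are the example's own choices.

```powershell
# Added example (not from the ITSS 2015 slides): enable BitLocker on an OS volume
# and escrow the 48-digit recovery password to AD DS before encryption starts.
# Assumes: elevated PowerShell, domain-joined Windows 10 / Server, BitLocker
# module present, AD DS recovery-backup group policy applied. Without that policy
# Backup-BitLockerKeyProtector fails, which is the slide's "GPO change required".

function Enable-EscrowedBitLocker {
    param([string]$MountPoint = 'C:')

    $vol = Get-BitLockerVolume -MountPoint $MountPoint

    # 1. Make sure a recovery-password protector exists. This is the key the
    #    helpdesk reads back from AD (or MBAM) when the TPM cannot unlock the drive.
    $recovery = $vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'
    if (-not $recovery) {
        Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
        $vol = Get-BitLockerVolume -MountPoint $MountPoint
        $recovery = $vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'
    }

    # 2. Escrow every recovery protector to AD DS BEFORE encrypting, so the device
    #    stays recoverable even if it never boots cleanly again.
    foreach ($kp in $recovery) {
        try {
            Backup-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $kp.KeyProtectorId | Out-Null
            Write-Host "Escrowed recovery protector $($kp.KeyProtectorId) to AD DS"
        }
        catch {
            # Typical cause: the AD DS backup policy is not applied to this machine.
            throw "AD DS escrow failed for ${MountPoint}; check the BitLocker AD backup policy. $_"
        }
    }

    # 3. Encrypt with XTS-AES-256, unlocked at boot by the TPM (skip if already done).
    if ($vol.VolumeStatus -eq 'FullyDecrypted') {
        Enable-BitLocker -MountPoint $MountPoint -EncryptionMethod XtsAes256 -TpmProtector -SkipHardwareTest | Out-Null
    }

    Get-BitLockerVolume -MountPoint $MountPoint |
        Select-Object MountPoint, VolumeStatus, EncryptionPercentage, ProtectionStatus
}

function Get-UnprotectedBitLockerVolume {
    # Inventory check: every volume on this machine whose protection is not on.
    Get-BitLockerVolume | Where-Object ProtectionStatus -ne 'On' |
        Select-Object MountPoint, VolumeType, VolumeStatus, ProtectionStatus
}

Enable-EscrowedBitLocker -MountPoint 'C:'
Get-UnprotectedBitLockerVolume
```

The escrow step is deliberately before Enable-BitLocker: a recovery password that exists only on the drive it protects is no recovery at all. For the "file" option on the slide, Add-BitLockerKeyProtector with -RecoveryKeyProtector and -RecoveryKeyPath writes a .BEK key file to a folder instead of, or in addition to, the AD DS backup; the same ordering applies. The last function is the check to run across a fleet, since a volume that reports ProtectionStatus Off is the one that will not qualify for the safe-harbor provisions mentioned later in the deck.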

What about the keys?
- FileVault 2: Casper, Cauliflower Vest, Crypt, Institutional Recovery Key
- Commercial applications: Sophos SafeGuard, Trend Micro, WinMagic (all support key escrow on Windows and Mac OS X)
- Network-share encryption (PGP)

Encrypting is all good, isn't it?
- Benefits
  - Many breach laws include a "safe harbor" provision
  - Lost/stolen devices
- Limitations
  - Key management
  - Conversion can be difficult
  - Not a panacea
    - Data in memory is unencrypted
    - Malware can still access that data
    - Entire drive may not be encrypted
    - Cold-boot attack
  - Corruption: please back up your data

Questions?
- Please back up your data BEFORE encrypting it
- Please perform regular backups of your data
- Please test the restoration of the backup
OIT Security Office Contact/Incident Reporting: SAFE (7233)