Security for Mere Mortals Steve Lamb Technical Security Advisor Microsoft Ltd.


1 Security for Mere Mortals Steve Lamb http://blogs.msdn.com/steve_lamb Technical Security Advisor Microsoft Ltd

2 Microsoft Technical Roadshow 2005
2 days of in-depth technology information
Birmingham – 24-25 May
Harrogate – 1-2 June
London – 7-8 June
Register now at: www.microsoft.com/uk/techroadshow

3 Ground Rules for this Session
It’s YOUR session based on your requests
Interaction WILL BE rewarded
Don’t be shy
There are NO STUPID questions
We’re all friends here!

4 “You don’t put brakes on a car to go slower – you put them on to go faster more safely”
User education is key
As are processes and procedures
Misconfigured systems are a major threat

5 “Good Security enables business to do more with less risk”
Hold off the Rocket Science
Apply Technology to Support the Business Policy
Learn how the business works
Don’t get in the way!

6 Keep It Simple Stupid!

7 Why Security Policies Fail!

8 Get a decent POLICY First!
Forget the Rocket Science
Start with a mandate from the top
Define a realistic policy based on how users actually work!
Keep it up to date
Communicate it, and why
Punish Offenders

9

10 Phishing

11 ISA – Application Layer Firewalling
Currently, most firewalls check only basic packet information
Real-world equivalent of looking at the number and destination of a bus, and not looking at the passengers
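The bus analogy on this slide can be made concrete in code. The following is an added teaching example, not ISA Server code: a packet filter that decides on destination port alone is placed beside an application-layer check that also parses the payload and only passes traffic that is well-formed HTTP with a permitted method and a Host header. The sample packets, the port and method allow-lists and the subnet values are all constructed for the example.

```python
"""Packet filter vs application-layer filter on the same constructed traffic.

Added example; not ISA Server code. ALLOWED_PORTS / ALLOWED_METHODS are
assumed policy values chosen for the demonstration.
"""
import re
from typing import Tuple

ALLOWED_PORTS = {80, 443}                       # assumed policy: web ports only
ALLOWED_METHODS = {"GET", "HEAD", "POST"}       # assumed policy for the demo

# HTTP/1.x request line: METHOD SP target SP HTTP/1.0|1.1 CRLF
REQUEST_LINE = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|CONNECT|TRACE) (\S+) HTTP/1\.[01]\r\n"
)


def packet_filter(dport: int, payload: bytes) -> Tuple[bool, str]:
    """The 'bus number and destination' check: destination port only."""
    if dport in ALLOWED_PORTS:
        return True, f"port {dport} permitted"
    return False, f"port {dport} blocked"


def application_layer_filter(dport: int, payload: bytes) -> Tuple[bool, str]:
    """The 'look at the passengers' check: port AND a sanity check of the payload."""
    ok, reason = packet_filter(dport, payload)
    if not ok:
        return ok, reason
    m = REQUEST_LINE.match(payload)
    if not m:
        return False, "payload on a web port is not an HTTP request"
    method = m.group(1).decode()
    if method not in ALLOWED_METHODS:
        return False, f"HTTP method {method} not permitted"
    head, _, _body = payload.partition(b"\r\n\r\n")
    headers = {}
    for line in head.split(b"\r\n")[1:]:       # skip the request line
        name, sep, value = line.partition(b":")
        if not sep:
            return False, "malformed header line"
        headers[name.strip().lower()] = value.strip()
    if b"host" not in headers:
        return False, "missing Host header"
    return True, f"{method} request to {headers[b'host'].decode()} allowed"


# Constructed sample traffic for the demo (not captured from a real network).
GOOD = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
NO_HOST = b"GET / HTTP/1.1\r\n\r\n"
TRACE = b"TRACE / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
NOT_HTTP = b"\x00\x01\x02binary-protocol-on-port-80"   # constructed non-HTTP bytes


if __name__ == "__main__":
    for label, pkt in [("good", GOOD), ("no host", NO_HOST),
                       ("trace", TRACE), ("not http", NOT_HTTP)]:
        print(f"{label:9} packet filter: {packet_filter(80, pkt)}")
        print(f"{label:9} app layer   : {application_layer_filter(80, pkt)}")
```

The point the slide makes shows up in the last sample: the port-only filter passes the non-HTTP bytes because they arrive on port 80, while the application-layer check rejects them.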

12 XP SP2

13 Windows Firewall Basic behavior
Outbound TCP: response from target IP only
Outbound UDP: response from any IP; closed after 90 seconds of inactivity
Outbound broadcast and multicast: open for 3 seconds to permit response from same subnet only
Unsolicited for apps: application must be on exception list
Unsolicited for services: port must be statically opened
Unsolicited RPC: firewall must be configured to permit inbound RPC
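To make the state rules on this slide tangible, here is an added example (not Microsoft's code and not a model of the real XP SP2 driver) that keeps a small flow table and applies the slide's rules to constructed packets: a TCP reply is accepted only from the target IP, a UDP reply from any IP until 90 seconds of inactivity, a broadcast reply only from the same subnet within 3 seconds, and anything unsolicited only if its port was statically opened. The addresses, ports, timestamps and the subnet prefix are all constructed values.

```python
"""Toy stateful filter implementing the XP SP2 Windows Firewall rules on the slide.

Added teaching example; not Microsoft's code. The RPC and per-application
exception cases are left out; static port exceptions stand in for services.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

UDP_IDLE_TIMEOUT = 90.0   # seconds: UDP reply window closes after 90 s of inactivity
BROADCAST_WINDOW = 3.0    # seconds: broadcast/multicast replies accepted for 3 s


@dataclass(frozen=True)
class Packet:
    proto: str      # "tcp" or "udp"
    src: str
    dst: str
    sport: int
    dport: int
    ts: float       # constructed clock, seconds since start


@dataclass
class Flow:
    remote: Optional[str]        # exact peer that may answer, or None for "any IP"
    subnet_only: bool            # broadcast/multicast: only same-subnet replies
    expires_at: Optional[float]  # None means no timeout (TCP)


class ToyFirewall:
    def __init__(self, subnet_prefix: str = "192.0.2.", static_ports=()):
        self.subnet_prefix = subnet_prefix          # assumed local subnet
        self.static_ports = set(static_ports)       # (proto, port) opened statically
        self.flows: Dict[Tuple[str, int], Flow] = {}  # (proto, local_port) -> Flow

    @staticmethod
    def _is_bcast_or_mcast(ip: str) -> bool:
        first = int(ip.split(".")[0])
        return ip.endswith(".255") or 224 <= first <= 239

    def outbound(self, pkt: Packet) -> None:
        """Record state for an outbound packet so replies can be matched."""
        key = (pkt.proto, pkt.sport)
        if pkt.proto == "tcp":
            self.flows[key] = Flow(pkt.dst, False, None)
        elif self._is_bcast_or_mcast(pkt.dst):
            self.flows[key] = Flow(None, True, pkt.ts + BROADCAST_WINDOW)
        else:
            self.flows[key] = Flow(None, False, pkt.ts + UDP_IDLE_TIMEOUT)

    def inbound(self, pkt: Packet) -> Tuple[bool, str]:
        """Decide whether an inbound packet is allowed; returns (allowed, reason)."""
        key = (pkt.proto, pkt.dport)
        if key in self.static_ports:
            return True, "statically opened port"
        flow = self.flows.get(key)
        if flow is None:
            return False, "unsolicited: no matching outbound flow"
        if flow.expires_at is not None and pkt.ts > flow.expires_at:
            del self.flows[key]
            return False, "reply window expired"
        if flow.remote is not None and pkt.src != flow.remote:
            return False, "TCP reply must come from the target IP"
        if flow.subnet_only and not pkt.src.startswith(self.subnet_prefix):
            return False, "broadcast reply must come from the same subnet"
        if pkt.proto == "udp" and not flow.subnet_only:
            flow.expires_at = pkt.ts + UDP_IDLE_TIMEOUT   # activity resets the idle timer
        return True, "matches outbound state"


if __name__ == "__main__":
    fw = ToyFirewall(static_ports={("tcp", 3389)})
    fw.outbound(Packet("tcp", "192.0.2.10", "203.0.113.5", 40000, 443, 0.0))
    print(fw.inbound(Packet("tcp", "203.0.113.5", "192.0.2.10", 443, 40000, 0.5)))
    print(fw.inbound(Packet("tcp", "198.51.100.9", "192.0.2.10", 443, 40000, 0.6)))
```

Running it with a few more constructed packets shows each rule in turn: a UDP DNS reply from a different resolver is still accepted inside the 90-second window, a NetBIOS broadcast reply from off-subnet or after 3 seconds is dropped, and an unsolicited connection is dropped unless its port is in the static list.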

14 Internet Explorer Managing pop-ups

15 Internet Explorer Pre-SP2 IE ActiveX warning

16 Internet Explorer New IE ActiveX notice

17 Training and Awareness
PEOPLE
Social Engineering: IM and IRC downloads
Training and Awareness: Apply procedures
Carrot not stick: Recognise employees

18 Process - The Glue
PROCESS
Nowhere else in society do we put so much faith in technology. No-one has said, “This door lock is so effective that we don’t need police protection and breaking and entering laws.” Products work to a certain extent but you need processes in place to leverage their effectiveness.
SOURCE: Bruce Schneier, CTO, Counterpane

19 Embrace Process
TECHNOLOGY
Limit privilege
Secure weakest link
Defend in depth
Enlist users
Detect attacks
Embrace simplicity
Be vigilant
Watch the watchers

20 RMS

21 How good is YOUR Security Knowledge? http://www.microsoft.com/emea/gatekeepertest

22 Guidance and Tools
Delivering Support, Creating Community
Security tools
Security Bulletin Search Tool: http://www.microsoft.com/technet/security/current.aspx
Guidance and training
Security Guidance Center: http://www.microsoft.com/security/guidance/default.mspx
How Microsoft Secures our own Infrastructure - IT Showcase: http://www.microsoft.com/itshowcase
E-Learning Clinics: https://www.microsoftelearning.com/security/
Community engagement
Newsletters: http://www.microsoft.com/technet/security/secnews/newsletter.htm
Webcasts and chats: http://www.microsoft.com/seminar/events/security.mspx

23 © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. www.microsoft.com/uk/security www.microsoft.com/uk/technet/learning
