Published by Gerald Eaton. Modified over 9 years ago.
1 #UPAugusta2016
3 Today’s Topics
What are Deadly IT Sins?
Know them. Fear them. Fix them.
4 What are Deadly IT Sins?
Common security pitfalls that are often overlooked, putting your network and data at risk!
6 Are you afflicted? Mobile Negligence
○ Unsafe practices: 64% of users don’t lock their phones
○ Malware growth: Android malware up 1800% in the last 12 months
○ Data Theft
○ Financial Consequences
○ Lost Productivity
7 The path to absolution
Make sure you can manage and secure your mobile devices and your corporate network.
Mobile Device Management:
○ Enforce strong passwords
○ Control unwanted/unknown apps
○ Block Android malware
Mobile Network Protection:
○ Next-generation Firewall
○ Mobile Network Access Control
○ Advanced Threat Protection
9 Mac Malice
As Macs become more common in corporate environments, attackers are increasingly targeting them.
○ Macs are an easy target because they often lack endpoint protection
○ Malware signed with a working Apple Developer ID is on the rise
○ Macs host and spread Windows malware
Don’t let Macs be the chink in your security armour!
10 Example: Mac Ransomware
11 Turn that malice into loving care
1. Keep unsigned applications off your Macs
2. Ensure your Macs are secured with business-grade endpoint protection
3. Provide your Macs the same loving policies you provide your Windows systems
Common security loophole: Web control policies for PC users are enforced on their Windows machines. But if the policy doesn’t extend to Macs, they become the weak link in your security.
13 Unsecure Wi-Fi
Project Warbike, London:
○ 107,000 wireless networks surveyed
○ 27% had poor or no security
○ Highest density in streets with high numbers of small businesses
Unsecure Wi-Fi puts your network and your data at risk.
14 Examples: WiFi Attacks
Passive Attacks
○ Eavesdropping… Snooping data
○ Impossible to detect… Steal email contents
Active Attacks
○ Access the network
○ Set up Man in the Middle
○ Snoop Traffic
○ Redirect Users
○ Authenticate to servers
○ Steal Data
○ Denial of Service
15 Be a Saint not a Sinner
1. Use business grade WiFi access points
2. Enforce standard network security policies
3. Scan all network traffic
4. Block access for insecure mobile devices
5. Provide connection profiles for your users
6. Keep guest networks separate
7. Keep it simple
Make sure your Wi-Fi network – and the data on it – is secure.
Forrester 5 S’s: Scalable, Shared, Simplified, Standardized, Secure
Source: The Forrester Wave: Wireless Local Area Network Solutions, Q3 2014, Forrester Research, Inc., August 29, 2014.
17 Unencrypted Email
○ 144.8 billion emails sent every day
○ Data loss
○ Snooping
18 Quiz: What’s Your Phishing IQ
20 Facebook Quizzes
22 Example: Sinfully Unencrypted Laptops
23 Redemption the easy way
Your checklist for encryption:
1. Use full-disk encryption on all laptops
2. Use server encryption
3. Encrypt your email (see Sin #4)
4. Implement file encryption across cloud and mobile devices
5. Reporting, Management, Auditing
25 Delinquent Web Filtering
○ 40,000: New web threats every day
○ $400M: Stolen through GameOver malware
○ 80%: Malware on legitimate sites
Top 10 infected web site categories: Blogs, Web Hosting, Business, Shopping, Education, Technology, Entertainment, Automotive, Health, Adult
26 Example Web Attack
1. Entry Point: Drive-by-download from a hijacked website or an email with a malicious link
2. Distribution: Initial malware redirects based on what it’s working with (Windows/Mac, IE/Safari, Java)
3. Exploit: Exploit pack attempts to leverage a number of vulnerabilities
4. Infection: Download of a malicious payload
5. Execution: Malware calls home with sensitive data
27 Exorcising Delinquent Web Filtering
Web Security Checklist:
○ Spam filtering
○ Real-time URL reputation filtering
○ Web malware scanning
○ JavaScript emulation
○ Behavioral Analysis
○ HTTPS Scanning
○ Advanced threat detection
○ Real-time cloud updates
○ Business-grade AV with HIPS
+ Protection Everywhere Users Go!
28 Questions?
Share what you’ve learned today with the rest of your team. Follow the link to find an hour-long video that expands on what we’ve discussed today: info.grcs.com/7-deadly-it-sins
Contact: info@grcs.com
29 © Sophos Ltd. All rights reserved. grcs.com