Presentation is loading. Please wait.

Presentation is loading. Please wait.

Market Intelligence You Can Act On Secure Remote Support for CJIS Compliance December 11, 2014.

Published byJulius Heath Modified over 8 years ago

Similar presentations

Presentation on theme: "Market Intelligence You Can Act On Secure Remote Support for CJIS Compliance December 11, 2014."— Presentation transcript:

1 Market Intelligence You Can Act On Secure Remote Support for CJIS Compliance December 11, 2014

2 Welcome to our Webinar Webinar Recorded Link emailed directly CJIS GROUP Webinar Library Survey

3 Agenda CJIS GROUP OVERVIEW CJIS POLICY & AUDIT FINDINGS REMOTE ACCESS CONSIDERATIONS PATHWAYS FOR HACKERS REMOTE SUPPORT SECURITY BOMGAR IN A CJIS ENVIRONMENT CASE STUDY REMOTE SUPPORT SOLUTION Q&A

4 Presenters Bryan Hood Senior Solutions Engineer Scott Braynard Vice President, Public Sector Lauren Franco Marketing Manager

5 CJIS GROUP How do we support State and Local Government? CJIS GROUP Database helps officials: Fund new initiatives by seeing how other agencies paid for these services. Locate vendors who are successful in the state and local market. Connect more with agencies working on similar objectives.

6 FBI CJIS POLICY The CJIS Security Policy provides a secure framework of: laws, standards, and elements of published and vetted policies for accomplishing the mission across a broad spectrum of the criminal justice and noncriminal justice communities.

7 Overcoming Funding Barrier “ Baking in” to a larger solution Leveraging other agency’s technology investments Investing in a platform that provides flexibility for the future = good investment over time Types of Agencies Procuring Help Desk Support in 2014

8 Remote Support for CJIS Compliance

9 BOMGAR – Revolutionizing Remote Support Securely support remote Windows, Mac, Linux & Mobile Devices Trusted by 8,500+ customers around the world:

10 Criminal Justice Information Services (CJIS) Security Policy 5.5.6 Remote Access The agency shall authorize, monitor, and control all methods of remote access to the information system. Remote access is any temporary access to an agency’s information system by a user (or an information system) communicating temporarily through an external, non-agency-controlled network (e.g., the Internet). The agency shall employ automated mechanisms to facilitate the monitoring and control of remote access methods. The agency shall control all remote accesses through managed access control points. The agency may permit remote access for privileged functions only for compelling operational needs but shall document the rationale for such access in the security plan for the information system.

11 Remote Access Considerations INTEGRATION CONSOLIDATION SECURITY SERVICE LEVELS Support Multiple Platforms On or Off Network Legacy Leftovers Little or no logging Shared Accounts No Central Configuration Insecure communication Security Providers Ticketing Systems Inventory Systems Time to resolution First Call Resolution Productivity Customer Satisfaction

12 Support All of Your Devices with a Single Solution

13 Unsecure Remote Access – Pathway for Hackers “When targeting companies, typically SMBs, the criminals access victim networks via Microsoft’s Remote Desktop Protocol (RDP) either via unpatched vulnerabilities or weak passwords.” 2013 Data Breach Investigations Report “Organizations that use third-party support typically use remote access applications like Terminal Services (teamserv) or Remote Desktop Protocol (RDP), pcAnywhere, Virtual Network Client (VNC), LogMeIn or Remote Administrator to access their customers’ systems. If these utilities are left enabled, attackers can access them as though they are legitimate system administrators.” 2013 Global Security Report "The bad guys have continually used remote access login to perpetrate their crimes and breaches against POS systems, since they gain the privileges and visibility they need with software like LogMeIn. It's a huge vulnerability that most enterprises don't currently have enough control over, given their relationships with service providers and contractors. They need to tighten up that glaring hole by enforcing strong user authentication into remote- access facilities into their systems and auditing the access that does take place." Avivah Litan in BankInfoSecurity, July 2014

14 Remote Support Security Architecture – Centralized, hardened appliance keeps data behind your own firewall Authentication – Integrates with your identity management systems (e.g. Active Directory) Access Controls – Rep Permissions to control who accesses what, when and from where Audit – Full session log and video recording of each session

15 Bomgar in a CJIS Environment

16 Case Study: County IT Department Supports approximately 400 county employees and 700 computers, servers and other devices located in 17 county sites Sites include the sheriff’s office, health department, landfill, animal control and the airport Need to meet CJIS and HIPAA requirements Previously used Windows built-in freeware tools - not always effective, and hour-long trips to the county sites were often required Bomgar is saving technicians more than 50 percent of the time they used to spend in the field while increasing CJIS compliance “For security reasons, I knew I wanted a remote support solution that was not cloud-based. Having the Bomgar appliance on-premise has proven to be an important feature because the FBI CJIS rules have increased requirements for secure communications. As our county government continues to grow, I know I have a remote support solution in place that ensures secure, effective remote assistance for our users. The bottom line is that Bomgar just makes my job a whole lot easier.” County IT Systems Administrator

17 Case Study: State IT Department Large state IT teams were using various remote access tools to support 47,000+ employees Employees were targeted by hackers posing as Microsoft support technicians Needed to consolidate to a single remote access tool that employees could recognize and trust Original tools didn’t capture audit trails or enable vendor management Needed a solution that could be used to support all employees, on and off the network, while meeting CJIS compliance requirements

18 Case Study: Software Vendor Operates the nation’s largest law enforcement real-time, information sharing, communication and data interoperability network Supports law enforcement officers using Windows desktops and laptops, in an office and on the road Texas Department of Public Safety informed them that current remote support solution didn’t meet CJIS requirements Bomgar makes it easy for the team to securely access computers at any time to readily resolve issues “If you are looking for a secure remote support solution that is easy to use, Bomgar is the way to go. For our specific needs, the fact that Bomgar meets compliance standards made it the best solution for us.” V.P. of Operations

19 Remote Support Solution

20 Q&A Bryan Hood Senior Solutions Engineer Scott Braynard Vice President, Public Sector Lauren Franco Marketing Manager

21 Thank you for attending Webinar recording will be available on www.cjisgroup.com www.cjisgroup.com For additional questions please email: marketing@cjisgroup.com marketing@cjisgroup.com or call 703-822-5082 For Remote Support Questions please email: Scott Braynard sbraynard@bomgar.com

Download ppt "Market Intelligence You Can Act On Secure Remote Support for CJIS Compliance December 11, 2014."

Similar presentations

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
OneBridge Mobile Data Suite Product Positioning. Target Plays IT-driven enterprise mobility initiatives Extensive support for integration into existing.

OneBridge Mobile Data Suite Product Positioning. Target Plays IT-driven enterprise mobility initiatives Extensive support for integration into existing.
BalaBit Shell Control Box

BalaBit Shell Control Box
Www.cleo.com Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.

Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.
Internship at IPG Position: IT Analyst Location: Scott Technology Center, Omaha By SRIRAM SURAPANENI.

Internship at IPG Position: IT Analyst Location: Scott Technology Center, Omaha By SRIRAM SURAPANENI.
Privileged Identity Management Enterprise Password Vault

Privileged Identity Management Enterprise Password Vault
Privileged Account Management Jason Fehrenbach, Product Manager.

Privileged Account Management Jason Fehrenbach, Product Manager.
Www.tectia.com COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.

COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
A SOLUTION: 2X REMOTE APPLICATION SERVER. 2X REMOTE APPLICATION SERVER.

A SOLUTION: 2X REMOTE APPLICATION SERVER. 2X REMOTE APPLICATION SERVER.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.
THE UNIVERSITY OF GEORGIA Office of the Chief Information Officer Enterprise Information Technology Services UGA Bomgar Contact: Marcus Henderson.

THE UNIVERSITY OF GEORGIA Office of the Chief Information Officer Enterprise Information Technology Services UGA Bomgar Contact: Marcus Henderson.
Hands-On Microsoft Windows Server 2008 1 Connecting Through Terminal Services Terminal server – Enables clients to run services and software applications.

Hands-On Microsoft Windows Server Connecting Through Terminal Services Terminal server – Enables clients to run services and software applications.
Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.

Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models

Similar presentations

Ads by Google