Published by Ross Harvey. Modified over 8 years ago.
1
Next Generation Authentication
Bring Your Own security impact
Tim Dumas – Technology Consultant
© Copyright 2012 EMC Corporation. All rights reserved.
2
Threat Landscape
3
2011 DIGITAL UNIVERSE
1.8 ZETTABYTES
1,800,000,000,000,000,000,000
7
People are the New Perimeter
8
Threat Landscape
60% OF FORTUNE 500 had email addresses compromised by malware
Source: RSA Security Brief, February 2011, “Malware and the Enterprise”
9
Threat Landscape
88% of Fortune 500 had BOTNET ACTIVITY associated with their networks
Source: RSA Security Brief, February 2011, “Malware and the Enterprise”
10
Threat Landscape
Of the 60 million variants of malware in existence today, ONE-THIRD were created last year alone
Source: RSA Security Brief, February 2011
11
Advanced Threats
83% of organizations believe they have been the victim of an Advanced Threat
65% of organizations don’t believe they have sufficient resources to prevent Advanced Threats
Source: Ponemon Institute Survey Conducted “Growing Risk of Advanced Threats”
91% of breaches led to data compromise within “days” or less
79% of breaches took “weeks” or more to discover
Source: Verizon 2011 Data Breach Investigations Report
12
Advanced Security Response Versus Operations
Today’s Processes Do Not Address Advanced Threats
Compliance, Policy, Controls, Test, Report, Fix
Intelligent
Identify, Analyze, Respond
Rules-based, Siloed, Audited
Risk-based, Contextual, Agile
13
RSA Approach
GOVERNANCE: Manage Business Risk, Policies and Workflows
ADVANCED VISIBILITY AND ANALYTICS: Collect, Retain and Analyze Internal and External Intelligence
INTELLIGENT CONTROLS: Rapid Response and Containment
Cloud, Mobility, Network
14
Authentication
15
Before: Controlled Network Environment
Server Applications Remote Managed Device Inside the Network Network or VPN Employees Corporate Users Managed Devices Controlled Access Points Information on a Network
16
Today: Any User, Any Device, Anywhere
Network VPN Virtual Desktop Mobile Apps Web Browser External and Temporary Users Unmanaged Devices Uncontrolled Access Points Information in Public Cloud and Hosted Applications Employees Contractors Partners Customers
17
Today’s Challenge: Establishing Trusted Identities
18
Diverse User Populations Require Choice
Choice of credentials to meet convenience requirements
– External users and customers require convenient and easy to manage solutions
Scalability and costs aligned with size of user population
– Large user populations require lower cost per user
– Scalability to address future authentication plans
Single management platform
– Ability to manage choice of credentials on a single platform to minimize IT resources and maximize efficiency
Internal Employees, Temporary Employees, Contractors, Partners, Clients, Customers, Auditors, Remote workers
19
BYOD – Protect Access from Any Device
Use of the mobile device as the authenticator
Strong authentication natively integrated with 3rd party remote access applications
Authentication SDKs accessible on application development platforms for custom app development
20
Cloud – Extend Authentication Controls
Secure authentication and identity validation to cloud-based resources
Seamless federation of authentication credentials to cloud applications
Integrated approach to authentication and cloud-based identity management
Hosted and managed strong authentication services
TO THE CLOUD
FROM THE CLOUD
21
Threats – Layer Authentication Controls
RISK-BASED ANALYSIS
– Evaluate risk of activity based on device and user characteristics
– Compare risk to accepted policy controls
CREDENTIAL MATCHED TO RISK
– Require user credential appropriate to risk level
– Allow different credentials for different use cases and users
MONITORING AND REPORTING
– Monitor risk levels and adjust policies
– Report activities for compliance audits
22
Technologies
23
Two-factor Authentication: One-time Password (OTP)
OTP = PIN + Tokencode
PIN: Something the user knows
Tokencode: Something the user has
24
Risk-based Authentication
[Diagram labels: Risk Engine; Case Mgmt; SSL/VPN; Policy Mgr.; Behavior; Device; Fraud; Authenticate; Continue; Step-up Authentication; Feedback; Challenge; Out-of-band; Others; Knowledge; Web Access Management; Mobile App, Browser; Web]
25
Digital Certificates (PKI)
User Device Certificate Authority Key Recovery Module Validation Manager
26
Dynamic Knowledge-based Authentication
27
RSA Mobile Authentication SDKs
Software Development Kit (SDK) for mobile apps
– Sample application, documentation and library for embedding functionality in mobile apps
– Free of charge for RSA customers and RSA Secured partners
Developers can choose from the following functionality
– SecurID OTP Module
  Import software tokens, generate OTP
  User visible or invisible OTP
– Adaptive Authentication Module
  Retrieve device identifiers and location information for risk evaluation by Adaptive Authentication
– Transaction Signing
28
Choice
29
One-time Passwords
* Coming in 2013
30
Risk-based Authentication
Diverse Users: Seamless user experience; Nothing for users to manage
BYOD: Support for all devices
Cloud: Hosted availability
Threats: Security policies aligned to threats
31
Digital Certificates
Diverse Users: Available on various devices
BYOD: Support for device authentication
Cloud: Available hosted
Threats: Component of a layered strategy
32
Knowledge-based Authentication
Diverse Users: User provisioning not required; Prior relationship with user not required
BYOD: Support for mobile devices
Cloud: Hosted solutions available
Threats: Prevent impersonation at enrollment; Secure high risk transactions
33
BYO Security Impact Summary
Evolving Threat Landscape
– Information Explosion
– Diverse User Population
– BYOD
– Cloud Developments
Intelligent Risk Management
Authentication Control is Key
Strong Authentication Choice (Direct and via SDK)
– One-time Passwords
– Risk-based Authentication
– Digital Certificates
– Knowledge-based Authentication
BYOD renews focus on security management and authentication
34
THANK YOU