Published by Jarod Loach. Modified over 10 years ago
ACT User Meeting June 2011
Your entitlements window
Entitlements, roles and v1 security overview
Problems with v1 security
Tasks, jobs and v2 security overview
V2 user administration
There is a log that records any change to a user security profile.
It is a grant to you that entitles you to do something:
  access a screen
  access a button
  run a batch menu item
In v1 security, entitlements were granted to users one by one on the User Administration screen.
But there are many entitlements...
It is a grant to you that allows access to data (data privileges).
In v1 security, roles were named after job functions:
  Accounting
  Attorney
For you to do your job, you were granted each entitlement, one or more roles, and all BMIs.
[Diagram: User, with 1 or more roles, 40 or more entitlements, and all batch menu items (BMIs)]
Entitlements may allow you to do something that the roles would not. Screen fails!
It was up to the user administrator to grant the proper entitlements. Difficult!
The roles would become outdated. Undependable!
Roles were very difficult to categorize. This data is ACCOUNTING and this data is ATTORNEY.
Roles had to be created by ACT. Too general or too specific for different clients.
For you to do your job, you are granted one or more v2 jobs.
[Diagram: User, with 1 or 2 jobs]
[Diagram: user > job > task > entitlement, data privilege, entitlement, data privilege, entitlement, BMI]
ACT builds the tasks and verifies them.
A task provides a complete set of entitlements, BMIs and the privileges needed to perform that function.
ACT assembles tasks into jobs.
A job is a complete inventory of tasks for a specific job title (as it relates to ACT).
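The difference between the two models described above, as an added example that is not ACT's code: in v1 an entitlement can be granted without a role that supplies its data, while in v2 access is resolved through jobs and tasks that bundle both. All screen, privilege, task and job names are hypothetical, as is the assumption that each entitlement needs exactly one data privilege.

```python
# Added illustration; every name below is hypothetical, not an ACT identifier.
# Assumption: each entitlement (screen, button) needs one data privilege to work.
NEEDS = {
    "screen:invoice_entry": "data:accounting",
    "button:post_payment": "data:accounting",
    "screen:case_notes": "data:attorney",
}

# v1: roles grant data privileges only; entitlements are granted one by one.
V1_ROLES = {"Accounting": {"data:accounting"}, "Attorney": {"data:attorney"}}

def v1_broken_entitlements(entitlements, roles):
    """Return entitlements whose data privilege no granted role supplies
    (the 'screen fails' case from the v1 problems slide)."""
    privileges = set().union(*(V1_ROLES[r] for r in roles))
    return sorted(e for e in entitlements if NEEDS[e] not in privileges)

# v2: a task bundles entitlements, data privileges and BMIs together.
TASKS = {
    "enter_invoices": {
        "entitlements": {"screen:invoice_entry", "button:post_payment"},
        "privileges": {"data:accounting"},
        "bmis": {"bmi:nightly_posting"},
    },
    "review_cases": {
        "entitlements": {"screen:case_notes"},
        "privileges": {"data:attorney"},
        "bmis": set(),
    },
}
# A job is an inventory of tasks for one job title.
JOBS = {"accounting_clerk": ["enter_invoices"], "paralegal": ["review_cases"]}

def task_is_complete(task):
    """Verification step: every entitlement in the task has its privilege."""
    t = TASKS[task]
    return all(NEEDS[e] in t["privileges"] for e in t["entitlements"])

def v2_effective_access(jobs):
    """Resolve user -> job -> task into the union of everything granted."""
    access = {"entitlements": set(), "privileges": set(), "bmis": set()}
    for job in jobs:
        for task in JOBS[job]:
            for kind, granted in TASKS[task].items():
                access[kind] |= granted
    return access
```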
Next slide (shows entitlements only)
ACT User Meeting June 2011
Zeus toolkit video
Security and the End User
Malicious Code – Internet
File Transfer Protocol (FTP) Security
First identified in 2007, used against US Department of Transportation
Active in 2009, compromising FTP accounts and personal data
Active in 2010-2011, compromising bank and credit card data
Proliferation
Controlled machines are in 196 countries
Targets Windows machines
Availability
Removal and Detection
Best Practices
  Be aware of your environment
  Keep your antivirus software up to date
  In a corporate environment, use anti-spam technologies
  Ensure your computer has the most recent patches
LGB&S solutions
  Awareness Training
  Forefront
  IronMail
  SCCM
Recent Trends
  Browsers without current patches
  Trusted sites infected with malicious code
  Silent redirects
What can you do?
  Keep your browser and its plugins patched
  Keep your operating system patched
  Investigate and purchase a Web Security Gateway or an IDS which monitors ports 80 and 443
Recent Issues
  Buffer overflow in FTP Service in Microsoft IIS 5.0 through 6.0
  Heap-based buffer overflow in Microsoft FTP service 7.0 and 7.5
  Stack-based buffer overflow in ProFTPD (Linux)
  ProFTPD Backdoor
Prevention
  Update and patch vulnerable systems
  Disable anonymous connections
  Use strong passwords
  Use SFTP, FTPS
GlobalScape Enhanced File Transfer Server
Supports
  SFTP
  FTPS
  HTTP/S (Portal)
  HTTP/S Web Transfer Client
  FTP – LGB&S does not utilize this protocol on this server.
Secure
  Complex passwords
  User account security
  Connection security
  PCI compliant
  Federal Information Processing Standards (FIPS) 142-2 Compliance
Scheduled patching
Scheduled anti-virus scanning
Configuration control