Presentation is loading. Please wait.

Presentation is loading. Please wait.

AT&T Security Solutions Customer use cases

Published byOlof Ivarsson Modified over 5 years ago

Similar presentations

Presentation on theme: "AT&T Security Solutions Customer use cases"— Presentation transcript:

1 AT&T Security Solutions Customer use cases

2 Retail Challenge: Suffered breach of PCI data & wanted to help secure their data and achieve PCI compliance Details Under pressure from board and payment brands/bank to quickly achieve compliance and improve their data security Facing significant fines for non-compliance Major overhaul required in order to be fully compliant Solutions PCI gap analysis and remediation support Performed detailed gap analysis of current environment after remediation was complete Prepared all teams for global services assessment after remediation was completed Created policies and procedures, architect solutions, and provided SME support as needed Benefits Saved over $300 million in hard costs during the engagement Assisted the company in becoming compliant in less than six months Provided encryption at the point of sale protection of card holder data to help improve security posture Designed state of the art solutions that are still in production use today, three years later. © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change.

3 Healthcare-health plan provider
Challenge: Security vulnerabilities uncovered via a data breach Details Limited data breach resulted in FTC imposed stiff penalties and requirements for 20 years of biennial security assessments Complex environment of several in scope businesses, vast population of in scope data (PHI and PII, customer and employee data) Solutions Incident Management Program Assessment & Development Security Strategy and Roadmap Comprehensive independent risk assessment and worked with customer teams to quickly address gaps in a cost effective manner Benefits Provided an incident management program customized to the organization that enabled coverage within the distributed environment Utilized existing healthcare industry expertise to address applicable threats and risks, as well as effective incident management models used with industry peers Evaluated existing client technology for optimization rather than investing in new technology © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change.

4 Law Firm – Data Security Focus
Challenge: Comply with information security regulations such as HIPAA & the need to access the technical security controls to identify any vulnerabilities that are present at the network and application level. Details Law firms with access to protected health information may find themselves classified as “business associates” under new HIPAA rules and therefore will be subject to privacy, security, and breach-notification requirements governing their handling of such information* Solutions Security Assessment focused on Industry Standards and Compliance regulations Benefits Assessment provided the customer with detailed information about current compliance gaps associated with the required regulatory standards in a easy-to-interpret document Helped prioritize remediation requirements, based on available funding, remediation complexity and business imperatives. Challenges Comply with information security regulations such as HIPAA – preventing unauthorized access to confidential data such as personally identifiable information (PII) is essential in today’s digital world. Need to assess the technical security controls to identify any vulnerabilities that are present at the network and application level. © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change. *Customer should contact their own counsel to determine regulatory or legal requirements.

5 Heavy equipment manufacturing
Challenge: Distributed Denial of Service (DDoS) attack Details AT&T global customer Currently using a 3rd party VPN solution-without DDoS protection service The attack lasted 2 days before they contacted AT&T Solutions Provided emergency “on-demand” AT&T DDoS Defense Service Assisted with mitigation support Benefits Mitigation was completed in less than 24 hours Exposure was reduced Use Case-Global Heavy Equipment Manufacturer, Distributed Denial of Service (DDoS) Attack This global heavy equipment manufacturer is an existing AT&T global backbone and data center/hosting service customer. They currently use another company for their US VPN network. For the first 2 days of their Distributed Denial of Service (DDoS) attack the customer had no knowledge the attack was occurring. They initially reported this as a network and application performance degradation problem.  Based upon the nature and pattern of the attack, AT&T recognized that it was a DDoS attack. If installed, AT&T DDoS Defense could have helped stop this attack before it hit their network or further reduced their mitigation time and exposure. Once the client agreed to the DDOS mitigation, AT&T Security Services applied an established action plan to mitigate the attack and help reduce their exposure. As a result, the incident was quickly contained (<24 hours). The customer was very fortunate that the attack was not as disruptive as severely as it could have been. AT&T is now in the process of reviewing the overall Security services portfolio with client to provide them with the most secure infrastructure possible.  They just signed a 24 month Distributed Denial of Defense agreement. Prior to this incident client had not deemed themselves vulnerable for such an attack. The moral of this story -- Had they subscribed to AT&T DDoS Defense service before the attack, we could have proactively detected and mitigated the event. AT&T DDoS Defense helps filter out malicious traffic before it impacts the network and servers. Three key themes of this story: 1.    Organizations buy insurance every day. They should to look at DDoS as must have coverage. The number is escalating, but currently it’s reported that hackers launch more than 7,000 DDoS attacks every day.* It’s almost a matter of “when” not “if”. 2.    We have a fantastic DDoS solution that’s highly effective and easy to implement. It’s based in the cloud and can even be offered on a carrier agnostic basis as demonstrated in this Use Case.  Given the relatively low monthly cost for having a DDoS mitigation plan vs. the business impact of not having one, the decision looks pretty easy.  3.  Additional Customer Resources are available: picking the right DDoS Defense provider  and att.com/network-security. © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change.

6 Financial / Insurance Challenge: Need to transform security operations
Details Underdeveloped security operation eco-system Desire to migrate to a centralized operational and governance model Build new security command center / security operations center Transition to world class operations Solutions Security Operations Center Optimization Services from AT&T Security Consulting Benefits Over 60 issues were identified, including 20 Quick Win recommendations Security transformation in process and meeting customer expectations © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change.

7 Manufacturing Challenge: Security infrastructure complexity
Multiple internet gateways with multi-layered firewalls, multiple proxies, data loss prevention requirement Details Technology refresh urgently needed Business unit divestiture International expansion Solutions AT&T Security Device Management Benefits Helped optimize security gateway architecture based upon network traffic flow Freed staff from device adds, moves and changes © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change.

8 Financial Challenge: Distributed Denial of Service attacks Details
Attack durations getting longer Bandwidth consumption getting greater Attacks occurring at all levels the OSI stack Accompanied by voice attacks over various voice platforms Solutions AT&T Security Device Management AT&T Distributed Denial of Service (DDoS) Defense Voice Firewall Benefits Volumetric attack traffic blocked in the network and at network peering points Prevention of voice attacks over TDM, SIP and VoIP © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change.

9 Aerospace Manufacturing
Challenge: Inconsistent performance of incumbent web security service, large number of policies, poor reporting Details Need to help secure globally distributed employees without need to backhaul to HQ Cloud-based security service without an on-premises appliance or IT support Need for mobile functionality Solutions AT&T Cloud Web Security Benefits Consistent performance Reduced policy from 40+ rules to 14; integrated user and group policy Powerful reporting Roaming & Mobile User Support © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change.

10 It’s our business, to help protect your business

Download ppt "AT&T Security Solutions Customer use cases"

Similar presentations

© 2010 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property. AT&T Security Consulting Risk.

© 2010 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property. AT&T Security Consulting Risk.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.

SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.
Welcome to the DrivenBI/AT&T Webinar: Revolution in Cloud-Based Analytics The webinar will begin shortly.

Welcome to the DrivenBI/AT&T Webinar: Revolution in Cloud-Based Analytics The webinar will begin shortly.
Security Controls – What Works

Security Controls – What Works
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd (610820-A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur,

Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd ( A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, Kuala Lumpur,
© 2014 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2014 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Enterprise Computing Community June 13 - 15, 2010February 27, 2010 1 Information Security Industry View Linda Betz IBM Director IT Policy and Information.

Enterprise Computing Community June , 2010February 27, Information Security Industry View Linda Betz IBM Director IT Policy and Information.
Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
© 2010 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2010 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.

Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.

Similar presentations

Ads by Google