Presentation is loading. Please wait.

Presentation is loading. Please wait.

Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.

Published byAngel Perry Modified over 9 years ago

Similar presentations

Presentation on theme: "Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation."— Presentation transcript:

1

2 Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation

3 The RAS Security Threat Unpatched vulnerabilities and weak configurations expose valid network credentials Home users’ machines are a frequent hacker target Remote network access secured only by Passwords Unauthorized activity with valid credentials difficult to detect/prevent Unmanaged and infected remote devices put corporate resources at risk Unmanaged and infected remote devices put corporate resources at risk Viruses, Trojan horse applications, worms Viruses, Trojan horse applications, worms Always-on, broadband Internet access heightens exposure Always-on, broadband Internet access heightens exposure Malicious Users Malicious Software

4 Tokyo Dublin Singapore 95,000 e-mail server accounts RedmondTukwila Charlotte 3M+ e-mail messages per day internally 99.99% availability 89,000 end users 89 countries 300,000+ PCs and devices Single Instance SAP (1.5Tb Db) Silicon Valley 7,000,000 remote connections/month Johannesburg Microsoft IT Data

5 Secure Authentication Alternatives Smart Cards Biometrics HW Tokens Cost Features Mobility Reliability Support

6 Secure RAS Solution Components Smart Card RFID Badge 32k chip Windows for Smart cards Hardware PC or Laptop Smart card reader (PCMICA, USB, Serial Client Software Cryptographic Service Provider (CSP) Windows Resource Manager Reader drivers Connection Manager Server Software Windows Active Directory Windows Certificate Server Card management tools RAS Services Smart Card

7 Deployment Card creation process Pilots Initial card distribution process Delegated issuance model User install and setup Training and support issues Ongoing maintenance and operations

8 Challenges Mobile devices, Macintosh, and UNIX platforms not compatible with smart card EAP/TLS authentication Smart card solution component selection Performance varies based on combination of cards, OS, and readers Smart card distribution process was resource intensive Card System Extensibility Managing policy and client groups was complex Client software version control

9 Lessons Learned Deployment PlanningPKI Maintaining security Exception management Pilots Physical distribution Scripted installation Communicate to users

10 Secure RAS Administration Card Issuance Certificate approvals DistributionSupport Policy and Exception Mgmt Card Mgmt Delegates Users Submits Certificate requests in behalf of user Distribution PIN resets Certificate renewal

11 Future Plans Smart card industry still maturing Improved interoperability with various business systems Likely industry consolidation in the next 12-24 months Improved product standards, including plug-and-play compatibility and greater integration with Windows platform Securing accounts with elevated privileges Portable digital signatures Expanding applications support Signing stock grants, securing financial/HR data, signing source code, etc. Increased use of remote data access technologies – OWA, OMA, etc. PASSWORDS

12 Summary More focus on security needs worldwide Increasing security threats to corporate network assets Smart Card technology provides two-factor authentication Leveraged existing infrastructure Extensible solution for internal development Microsoft has mitigated remote access security risk through the deployment of smart cards and Connection Manager

13 For More Information Additional content on Microsoft IT deployments and best practices can be found on http://www.microsoft.com http://www.microsoft.com Microsoft TechNet http://www.microsoft.com/technet/itshowcase http://www.microsoft.com/technet/itshowcase Microsoft Case Study Resources http://www.microsoft.com/resources/casestudie s http://www.microsoft.com/resources/casestudie s http://www.microsoft.com/resources/casestudie s E-mail IT Showcase showcase@microsoft.com showcase@microsoft.com

14 © 2003-2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Download ppt "Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation."

Similar presentations

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – 6.0.1 Domino Access for MS Outlook - Notes Domino.

IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – Domino Access for MS Outlook - Notes Domino.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.
Understand Virtualized Clients 10753 Windows Operating System Fundamentals LESSON 2.4.

Understand Virtualized Clients Windows Operating System Fundamentals LESSON 2.4.
Unleashing the Power of Ubiquitous Connectivity with IPv6 Sandeep K. Singhal, Ph.D Director of Program Management Windows Networking.

Unleashing the Power of Ubiquitous Connectivity with IPv6 Sandeep K. Singhal, Ph.D Director of Program Management Windows Networking.
Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.
Authentication choices! Vincent van Kooten: Business Sales Manager Benelux Distributed by -

Authentication choices! Vincent van Kooten: Business Sales Manager Benelux Distributed by -
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Information Security in Real Business

Information Security in Real Business
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 2 Operating System Security Fundamentals.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 2 Operating System Security Fundamentals.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
RSA SecurID November 10, 2005.

RSA SecurID November 10, 2005.
Windows XP Professional Deployment and Support Microsoft IT Shares Its Experiences Published: May 2002 (Revised October 2004)

Windows XP Professional Deployment and Support Microsoft IT Shares Its Experiences Published: May 2002 (Revised October 2004)
Microsoft’s Implementation of Smart Cards for Remote Access Published January 2002.

Microsoft’s Implementation of Smart Cards for Remote Access Published January 2002.
Copyright Microsoft Corp. 2006 Ramnish Singh IT Advisor Microsoft Corporation Secure Remote Access Challenges, Choices, Best Practices.

Copyright Microsoft Corp Ramnish Singh IT Advisor Microsoft Corporation Secure Remote Access Challenges, Choices, Best Practices.
Cliff Evans Security and Privacy Lead Trustworthy Computing Group Microsoft UK.

Cliff Evans Security and Privacy Lead Trustworthy Computing Group Microsoft UK.
© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Similar presentations

Ads by Google