It securepro 10 nov 2010

Is your company protected against
confidential data leakage?
November 10, 2010 www.itsecurepro.com
Agora Security Conference www.business-software.ro
Jan Petculescu
General Manager - IT SECURE PRO

About It Secure Pro

2010 – new partnership

Avecto Privilege Guard

Avecto Privilege Guard enables organizations to adopt the principle of
least privilege.
It is no longer necessary to assign admin rights to users, as these rights
can now be assigned dynamically to applications, tasks and scripts.
Privilege Guard enables users to log on with minimal rights and empowers
them to perform their day to day role, without compromising the integrity
and security of the corporate systems.

Simple Policy Configuration
Enabling an application to run with elevated rights couldn’t be simpler.
Define the application in the Privilege Guard Policies and set its
identification options, such as filename, file hash, trusted publisher or
command line.
Next, assign the application to the users who require elevated rights over
the application and set up any additional options, such as end user
messaging, auditing and privilege monitoring.
The policies are automatically committed to Active Directory Group Policy
and will be deployed during the next Group Policy refresh cycle.

Privilege Monitoring
To assist in policy definition, Privilege Guard can be deployed in “passive
mode” to users who have local admin or power user rights.
Privilege monitoring will analyze application behaviour and log events for
any application that would fail to run under a standard user account. More
detailed activity logs can also be captured, which enable closer inspection
of any privileged operations performed by applications.
Once this information is collated, suitable policies may be defined to
elevate the individual applications, enabling users to be removed from the
local administrators or power users groups.

Application Control
In addition to controlling the privileges assigned to applications, Privilege
Guard may also be used to control the applications that a user is allowed
to install or run.
Policies may be configured that whitelist the trusted applications on a
system, by identifying applications based on a combination of trusted
folders, files, publishers or hashes. Any unauthorized applications,
including software installers and scripts may be blocked and audited.
The end user is informed with a fully customizable message, including the
option for the user to email a request for a blocked application. More
advanced users may be allowed to run unauthorized applications, and in
this scenario the user can simply be warned and their actions audited.

Privilege Guard Supported Platforms:
Windows XP
Windows Vista
Windows 7
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
Both 32-bit and 64-bit versions are available for all platforms

Lumension® Device Control

Lumension® Device Control:
Centrally manages security policies regarding use of removable devices
(e.g., USB flash drives) and media (e.g., DVDs/CDs) using a whitelist /
"default deny" approach
Enforces encryption policies when copying data to removable devices /
media
Prevents malware intrusion via removable devices / media, adding a layer
of protection to your network
Provides the visibility, forensics and reporting needed to demonstrate
compliance with applicable laws

1.Discover - Identify all removable devices that are now or have ever been
connected to your endpoints through the use of a “learning” mode that
allows you to collect information without disrupting business.
2.Assess - Define rules at both default and machine-specific levels for
groups and individual users with regards to device access by class, model
and/or specific ID, and uniquely identify and authorize specific media.
These permissions can be linked to the user and user group information
stored in Microsoft Active Directory or Novell eDirectory.

3.Implement - Enforce device and data usage policies by: file copy
limitations (amount per day, time of day) and file type filtering. You can also
enforce the encryption of data moved onto removable devices / media and
apply permissions to specific and/or groups of endpoints, ports, devices
and users (both on- and off-line), including scheduled / temporary access.
4.Monitor - Continuously monitor the effectiveness of device and data
usage policies in real time and identify potential security threats by logging
all device connections, recording all policy changes and administrator
activities, and tracking all file transfers by file name and content type. You
can even keep a copy of every file that is transferred to or from a
removable device using our patented bi-directional shadowing technology.

5.Report - Create both standard and customized reports on all device and
data activity showing allowed and blocked events, which can be saved into
a repository, shared via email, and/or imported into 3rd party applications

Lumension® Device Control features:
Per-Device Permissions
Flexible Policy with Granular Control
Temporary / Scheduled Access
File Type Filtering
Data Copy Restriction
256-bit AES Encryption

Lumension® Application
Control
Lumension® Application Control

The threats aren’t going to stop and antivirus software alone cannot control
the problem as malware threats are being developed faster than the
necessary fixes and organizations need a product that prevents the
execution of malicious code.
Centrally manage, monitor, and control applications with a whitelist
approach that allows only authorized applications to run ensuring no
malware, spyware, keyloggers, Trojans, worms, viruses, zero-day threats
and unwanted or unlicensed software will execute on your network and
disrupt your business.

1.Discover - Identify all executable files and devices, collect profiles and
organize into pre-defined file groups.
2.Implement - Assign permissions for applications to run based on
executable, user, or user group attributes. Use an application whitelist
approach to ensure that only authorized and legal applications can run on
a computer. When a user wants to run an application, the OS request at
the kernel level is intercepted by the Lumension driver. If the user has
rights, then access will be granted. If the application is not known or the
user does not have rights, then access will be denied

3.Monitor - Monitor the effectiveness of endpoint security policies in real
time and identify potential threats by logging all application execution
attempts and recording all policy changes and administrator activities.
4.Report - Demonstrate policy compliance and ensure software license
compliance to meet Sarbanes Oxley, NERC, HIPAA, PCI, and GLBA
requirements by drilling down on suspicious behavior for security or legal
follow-up.

Lumension® Endpoint
Management and Security
Suite
Patch and Remediation
LEMSS - Patch and Remediation

As IT environments have become increasingly complex, supporting virtual,
distributed, and disparate platforms, companies must ensure that they
maintain control of their endpoints.
Ensuring secure and standard endpoint configurations and patch
management for third party applications and operating systems is
paramount to reducing IT risk and improving endpoint operations.

LEMSS - Patch and Remediation is part of Lumension® Vulnerability
Management which has been rated by analyst firms such as Forrester and
IDC as a "leader" in vulnerability management because of its robust
feature-set and broad support and provides broad support for multiple
platforms, including Windows, Unix, Linux and Mac OS, and for third party
applications, with the largest repository of Adobe vulnerability content

1. Discover - Gain complete visibility of your heterogeneous network
environment. Proactively discover all of your IT assets, both managed and
unmanaged, through in-depth scans and flexible grouping and
classification options.
2. Assess - Proactively identify known issues before they can be
exploited. Perform a deep analysis and thorough OS, application and
security configuration vulnerability assessments.

3. Prioritize - Focus on your most critical security risks first.
4. Remediate - Automatically deploy patches to an entire network. Simplify
the process of maintaining a secure environment by continuously
monitoring, detecting and remediating policy-driven environments across
all major platforms and applications.
5. Report - Gain a holistic view your environmental risk. Access a full
range of operational and management reports that consolidate discovery,
assessment and remediation information on a single management
console.

Lumension® Compliance and IT
Risk Management
Lumension® Compliance and IT Risk Management

In today’s fast paced business environment, organizations face the
challenge of complying with numerous regulations but still employ manual
and improvised IT audit processes, incurring high costs with inaccurate
results.
Over 400 Regulations and Standards documents are included in our
solution with full cross-references to supporting IT controls

1. Risk Profiling - Easily model the relationship between your IT assets
and business interests to identify IT-borne business risk. Lumension
categorizes an organization’s resource types including technology, people
and processes, and then develops a powerful risk profile through its
patent-pending risk intelligence engine. The risk profile information is
automatically correlated with internal and external compliance
requirements and suggests mitigating IT controls to address potential
regulatory and IT risk exposure.
2. Controls Framework - Leveraging the industry-standard Unified
Compliance Framework (UCF), Lumension Risk Manager harmonizes
controls across hundreds of different regulations including PCI, SOX,
FISMA, HIPAA, NERC, CobiT, NIST, ISO frameworks, and many more.
This means that no control is ever duplicated and the structure and
language of each control follows the same predictable format.

3. Controls Assessment - Streamline and automate the workflow for
assessing technical, physical and procedural controls by interfacing to
either Lumension security solutions or third party point products such as
vulnerability scanners. Utilize automated surveys to complete your
assessment of physical and procedural controls.
4. Risk & Compliance Reporting - Generate reports with key metrics to
satisfy a diverse IT risk and compliance audience through compliance and
IT risk reporting, operational security reporting and remediation modeling
and forecasting. Create "what-if" scenarios to better estimate how a project
or remediation effort will improve your IT risk and compliance posture.
Assign and track remediation projects to measure and reflect improvement
in compliance and IT risk metrics.

Spector 360 incorporates SpectorSoft's award-winning computer
monitoring technology that automatically records everything including
emails sent and received, chat and instant messaging, web surfing,
keystrokes typed, files transferred/printed/saved, online search, program
activity, document tracking, and more!
Spector 360 takes the recorded Internet and computer activities from each
of your employees, feeds that information into a database and provides
you with more than 50 built-in, comprehensive reports -plus- unlimited
customization.

With Spector 360 you will find answers to questions such as:
Which employees spend the most time surfing web sites?
Who is spending time on shopping sites, sports sites or adult sites?
Which employees chat or use anonymous email services like Hotmail and
Gmail?
Who is sending the most emails with attachments?
Which employees may be leaking company confidential information via
removable media like flash drives, CDs and DVDs?
Which employees are printing sensitive documents?
Who is arriving to work late and leaving early? Who takes long lunch
breaks?
What are my employees searching for on Google, Yahoo and MSN?

In August, SpectorSoft announced the release of Spector 360 Version 7.1
(7.1.1108).
Spector 360 adds support for Mac OS X making it possible to record user
activities on both Windows and Apple computers. The new release
provides you with the functionality to review both PC and Mac recordings
from the same familiar Dashboard interface.

Spector 360 allows you to monitor what your employees do on their PC
and on the Internet, so all applications run and all keystrokes typed are
immediately available to you.
Just as a VCR records and plays back, Spector 360 provides you with the
total picture of everything your employee does.
If training or other assistance is necessary to make that employee more
productive or proficient, you’re able to quickly rectify the situation.

Thank you for your atention.
Any questions?

It securepro 10 nov 2010

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (19)

Similar a It securepro 10 nov 2010

Similar a It securepro 10 nov 2010 (20)

Más de Agora Group

Más de Agora Group (20)

It securepro 10 nov 2010