Financial institution security: top IT security risks
3. Source: ISO 27001, NIST SP 800-39, PCI DSS, FFIEC, COBIT,
HIPAA - Administrative Safeguards (§164.308), ...
10. Issue 6:
3rd-Party Mobile Applications
Patch Management + Mobile Applications = Danger!
15. PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security50
...
access-list out permit tcp any host 10.0.0.15 eq smtp
access-list out permit tcp any host 10.0.0.15 eq www
access-list dmz permit ip host 192.168.0.13 172.16.0.0 255.255.255.0
access-list dmz deny ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0
access-list dmz permit tcp host 192.168.0.13 172.16.0.0 255.255.255.0 eq smtp
access-list in deny tcp host 172.16.0.2 host 192.168.0.13 eq ftp
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq www
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq https
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq 37
access-list in permit udp 172.16.0.0 255.255.255.0 any eq time
access-list in permit udp 172.16.0.0 255.255.255.0 any eq domain
access-list in permit udp 172.16.0.0 255.255.255.0 any eq telnet
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq ssh
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq daytime
access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq www
access-list in permit tcp 172.16.0.0 255.255.255.0 host 192.168.0.13 eq https
...
ip address outside 10.0.0.2 255.255.255.0
ip address inside 172.16.0.2 255.255.255.0
ip address dmz 192.168.0.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
global (outside) 1 10.0.0.3
nat (inside) 1 172.16.0.0 255.255.255.0 0 0
static (dmz,outside) 10.0.0.15 192.168.0.13 netmask 255.255.255.255 0 0
access-group out in interface outside
access-group in in interface inside
access-group dmz in interface dmz
...
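As an added example, not part of the Redspin slides, the following Python script parses a PIX 6.x style configuration like the one on slide 15 (interface security levels, interface subnets, access-list entries and access-group bindings) and applies two defender-side checks: a permit entry for protocol `ip` that lets a lower-security interface reach a higher-security one with no port restriction, and a permit entry for a cleartext service such as telnet. The embedded configuration is a constructed excerpt of the slide's own lines; the two audit criteria and the `CLEARTEXT_PORTS` set are this example's assumptions, not rules the slide states.

```python
"""Audit a PIX 6.x style ACL configuration for DMZ separation problems.

Added example; the audit criteria below are assumptions of this example.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed excerpt of the PIX 6.3(5) configuration shown on slide 15
# (a subset of its access-list lines; nothing beyond what the slide shows).
PIX_CONFIG = """\
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security50
access-list out permit tcp any host 10.0.0.15 eq smtp
access-list out permit tcp any host 10.0.0.15 eq www
access-list dmz permit ip host 192.168.0.13 172.16.0.0 255.255.255.0
access-list dmz deny ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0
access-list dmz permit tcp host 192.168.0.13 172.16.0.0 255.255.255.0 eq smtp
access-list in deny tcp host 172.16.0.2 host 192.168.0.13 eq ftp
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq www
access-list in permit udp 172.16.0.0 255.255.255.0 any eq telnet
access-list in permit tcp 172.16.0.0 255.255.255.0 any eq ssh
ip address outside 10.0.0.2 255.255.255.0
ip address inside 172.16.0.2 255.255.255.0
ip address dmz 192.168.0.1 255.255.255.0
access-group out in interface outside
access-group in in interface inside
access-group dmz in interface dmz
"""

# Assumed list of cleartext services worth flagging in any permit entry.
CLEARTEXT_PORTS = {"telnet", "23", "ftp", "21"}


@dataclass
class Ace:
    acl: str
    action: str
    proto: str
    src: Optional[ipaddress.IPv4Network]  # None means "any"
    dst: Optional[ipaddress.IPv4Network]  # None means "any"
    port: Optional[str]                   # value after "eq", if present
    raw: str


def _parse_addr(tok, i):
    """Consume one PIX address spec (any | host A | A MASK) at tok[i]."""
    if tok[i] == "any":
        return None, i + 1
    if tok[i] == "host":
        return ipaddress.ip_network(tok[i + 1]), i + 2
    return ipaddress.ip_network(f"{tok[i]}/{tok[i + 1]}"), i + 2


def parse_config(text):
    """Return (interfaces, acls, bindings) parsed from PIX-style lines."""
    interfaces, acls, bindings = {}, {}, {}
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        if tok[0] == "nameif":                  # nameif <hw> <name> security<N>
            iface = interfaces.setdefault(tok[2], {"level": None, "net": None})
            iface["level"] = int(tok[3][len("security"):])
        elif tok[:2] == ["ip", "address"]:     # ip address <name> <ip> <mask>
            iface = interfaces.setdefault(tok[2], {"level": None, "net": None})
            iface["net"] = ipaddress.ip_network(f"{tok[3]}/{tok[4]}", strict=False)
        elif tok[0] == "access-group":        # access-group <acl> in interface <name>
            bindings[tok[1]] = tok[4]
        elif tok[0] == "access-list":         # access-list <acl> <action> <proto> src dst [eq port]
            src, i = _parse_addr(tok, 4)
            dst, i = _parse_addr(tok, i)
            port = tok[i + 1] if i + 1 < len(tok) and tok[i] == "eq" else None
            acls.setdefault(tok[1], []).append(Ace(tok[1], tok[2], tok[3], src, dst, port, line))
    return interfaces, acls, bindings


def _iface_for(net, interfaces):
    """Name of the interface whose subnet contains `net`, or None."""
    for name, info in interfaces.items():
        if info["net"] is not None and net.subnet_of(info["net"]):
            return name
    return None


def audit(text):
    """Return (raw_line, reason) for permit entries that fail the assumed checks."""
    interfaces, acls, bindings = parse_config(text)
    findings = []
    for acl, entries in acls.items():
        src_if = bindings.get(acl)                      # traffic enters on this interface
        src_level = interfaces[src_if]["level"] if src_if else None
        for ace in entries:
            if ace.action != "permit":
                continue
            dst_if = _iface_for(ace.dst, interfaces) if ace.dst is not None else None
            dst_level = interfaces[dst_if]["level"] if dst_if else None
            # Check 1: any-protocol permit from a lower- to a higher-security interface.
            if (ace.proto == "ip" and src_level is not None
                    and dst_level is not None and dst_level > src_level):
                findings.append((ace.raw, f"unrestricted ip from {src_if} into {dst_if}"))
            # Check 2: a cleartext service explicitly permitted.
            if ace.port in CLEARTEXT_PORTS:
                findings.append((ace.raw, f"cleartext service {ace.port} permitted from {src_if}"))
    return findings


if __name__ == "__main__":
    for raw, why in audit(PIX_CONFIG):
        print(f"{why}: {raw}")
```

Run against the excerpt, the audit reports two lines: the `dmz` entry that permits all IP traffic from the DMZ host 192.168.0.13 into the inside subnet (the later `eq smtp` entry for the same host is port-restricted and is not flagged), and the `in` entry permitting telnet outbound. Both are reviewer prompts, not verdicts: the script knows nothing about whether that DMZ host legitimately needs inside access, so each finding still has to be read against the architecture.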
20. Issue 10.5:
Lack of Mobile Device Security Policy
Policy components:
Access control
Authentication
Encryption
Incident response
Training & awareness
Vulnerability management
21. { Thanks! }
John Abraham
jabraham@redspin.com
805-705-8040 (mobile)
22. Summary:
Top Security Risks for 2011
Risk Management
Mobile Devices in the Enterprise
Wireless
Social Media Information Disclosure
Virtualization Sprawl
3rd-Party Mobile Applications
Vendor Management
SQL Injection
Inadequate Testing Programs
Social Engineering
Mobile Device Security Policy
23. And from last year:
Don't forget about...
Faulty DMZs
Virus protection
Encryption