5. • Federal Bureau of Investigation – Criminal Justice Information Systems
• Health Insurance Portability and Accountability Act
• Payment Card Industry Data Security Standard
• The Sarbanes-Oxley Act of 2002
6. What is PCI-DSS
• PCI DSS applies to organizations that “store, process or transmit cardholder data” for credit cards. One of the requirements of PCI DSS is to “track…all access to network resources and cardholder data”.
7. What is PCI-DSS
PCI DSS 2.0 Requirements
Penalties: Fines, loss of credit card processing and level 1 merchant requirements
• 5.1.1 - Monitor zero day attacks not covered by antivirus
• 6.5 - Identify newly discovered security vulnerabilities
• 11.2 - Perform network vulnerability scans quarterly by ASV
• 11.4 - Maintain IDS/IPS to monitor and alert personnel; keep engines up to date
• 10.2 - Automated audit trails
• 10.3 - Capture audit trails
• 10.5 - Secure Logs
• 10.6 - Review logs at least daily
• 10.7 - Maintain logs online for three months
• 10.7 - Retain audit trail for at least one year
• 6.6 - Install a web application firewall
8. HIPAA
• HIPAA includes security standards for certain health information. NIST SP 800-66, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, lists HIPAA-related log management needs. For example, Section 4.1 of NIST SP 800-66 describes the need to perform regular reviews of audit logs and access reports. Also, Section 4.22 specifies that documentation of actions and activities needs to be retained for at least six years.
9. HIPAA
• 164.308 (a)(1)(ii)(A): Risk Analysis—Conducts vulnerability assessment
• 164.308 (a)(1)(ii)(B): Risk Management—Implements security measures to reduce risk of security breaches
• 164.308 (a)(5)(ii)(B): Protection from Malicious Software—Procedures to guard against malicious software (host/network IPS)
• 164.308 (a)(6)(iii): Response & Reporting—Mitigates and documents security incidents
• 164.308 (a)(1)(ii)(D): Information System Activity Review—Procedures to review system activity
• 164.308 (a)(6)(i): Log-in Monitoring—Procedures for monitoring and logging log-in attempts (host IDS)
• 164.312 (b): Audit Controls—Procedures and mechanisms for monitoring system activity
• 164.308 (a)(1): Security Management Process—Implement policies and procedures to prevent, detect, contain and correct security violations
• 164.308 (a)(6): Incident Procedures (R)—Implement policies and procedures to address security incidents
10. Sarbanes-Oxley
• Although SOX applies primarily to financial and accounting practices, it also encompasses the information technology (IT) functions that support these practices. SOX can be supported by reviewing logs regularly to look for signs of security violations, including exploitation, as well as retaining logs and records of log reviews for future review by auditors.
11. Sarbanes-Oxley
• DS5.3 Identity Management
• Ensure that all users are uniquely identifiable. Enable user identities via authentication mechanisms.
• Maintain user identities and access rights in a central repository.
• Deploy cost-effective technical and procedural measures, and keep them current to establish user identification, implement authentication and enforce access rights.
12. Sarbanes-Oxley
• DS5.4 User Account Management
• Address requesting, establishing, issuing, suspending, modifying and closing user accounts and related user privileges with a set of user account management procedures.
• Perform regular management review of all accounts and related privileges.
13. Sarbanes-Oxley
• DS5.5 Security Testing, Surveillance and Monitoring
• Test and monitor the IT security implementation in a proactive way.
• A logging and monitoring function will enable the early prevention and/or detection and subsequent timely reporting of unusual and/or abnormal activities that may need to be addressed.
14. Sarbanes-Oxley
• DS5.6 Security Incident Definition
• Clearly define and communicate the characteristics of potential security incidents so they can be properly classified and treated by the incident and problem management process.
16. Sarbanes-Oxley
• DS5.9 Malicious Software Prevention, Detection and Correction
• Put preventive, detective and corrective measures in place (especially up-to-date security patches and virus control) across the organisation to protect information systems and technology from malware (e.g., viruses, worms, spyware, spam).
17. Sarbanes-Oxley
• DS5.10 Network Security
• Use security techniques and related management procedures (e.g., firewalls, security appliances, network segmentation, intrusion detection) to authorise access and control information flows from and to networks.
18. Sarbanes-Oxley
• DS5.11 Exchange of Sensitive Data
• Exchange sensitive transaction data only over a trusted path or medium with controls to provide authenticity of content, proof of submission, proof of receipt and non-repudiation of origin.
19. Sarbanes-Oxley
• ME1 Monitor and Evaluate IT Performance
• ME1.4 Performance Assessment
• Periodically review performance against targets, analyze the cause of any deviations, and initiate remedial action to address the underlying causes. At appropriate times, perform root cause analysis across deviations.
• ME1.5 Board and Executive Reporting
• Develop senior management reports on IT's contribution to the business.
• Provide the report to senior management, and solicit feedback from management's review.
• ME1.6 Remedial Actions
• Identify and initiate remedial actions based on performance monitoring, assessment and reporting.
20. • Since July 2010 ETS has been approved to work with Police Departments, Fire Departments, EMT and 911 Data Centers through the Texas Department of Public Safety and the Federal Bureau of Investigation. All of our managers, technicians and engineers are required to be approved by TLETS/CJIS before we allow them to work on any of our clients.
21. What is CJIS/TLETS
• TLETS provides intrastate interconnectivity for criminal justice agencies to a variety of local, state, and federal database systems. Additionally, TLETS’ link with Nlets, the International Justice and Public Safety Network, facilitates exchange between criminal justice agencies across the state of Texas and their counterparts in other states. The link with Nlets allows DPS to provide critical information to the national criminal justice community and allows TLETS operators to obtain information from a variety of database services from other states, Canada, Interpol, and private companies.
22. What is CJIS/TLETS
The CJIS Addendum requirements are outlined in a 46 page addendum published by the FBI and collaboratively through the Texas Department of Public Safety TLETS agency. The Addendum outlines every aspect of IT security:
• User security and access
• Logging
• Hardware management
• Software management
• Mobility
• BYOD
• Mobile data terminals
• Firewall and workstation security and updates… and many more.
25. Partnerships
• Alert Logic offers Security-as-a-Service in the cloud — a platform of fully managed products and services to keep your data safe and compliant. Whether your IT infrastructure is on-premise, in the cloud or anywhere in between, our portfolio of solutions and deployment options allows unprecedented visibility into your environment, saving your business time, money and worries about data compliance and security.
26. Partnerships
• The XTM family of next-generation network security appliances is a best-in-class, performance-driven solution. Blazing fast throughput combines with advanced networking features to handle high-volume traffic securely, and at an affordable price. It includes a suite of flexible management tools that allows IT administrators to manage security through an intuitive centralized console, command line interface, and web UI. For businesses of all sizes, whether they have thousands of users or just a few.
27. Partnerships
• Giving Government Secure Access to the Information It Needs
• When it’s a matter of safety or public service, it’s paramount that your mobile workforce has the information it needs to get the job done as efficiently as possible.
28. Partnerships
• The public sector requires reliable products that can be counted on in daily operations and in a crisis. Our expanded product, technology and service solutions enable state and local government officials and public safety workers to access vital information wherever their job takes them.
29. Partnerships
4.9 GHz Wireless Networks for Law Enforcement and Emergency Response
Communications is quite literally mission-critical for law enforcement agencies, fire departments, emergency medical service providers and other public safety organizations. In the past, first responders were limited to voice communications with each other and with command and control. The result was a potentially dangerous lack of situational awareness.
30. Partnerships
• Penetration testing: probe, protect, comply
• For organizations of any size, penetration testing is an absolute necessity. Regardless of whether it is driven by regulatory compliance, corporate liability concerns, or basic network hygiene, penetration testing is the foundation of enterprise security. It identifies vulnerabilities, validates existing controls, and, when done right, provides a roadmap for remediation. Monthly, quarterly, or annually, IBM can meet the penetration testing demands of any business in any industry. Just give us a call to get started.
32. Partnerships
Exceptional Technology Solutions, LLC offers a complete business backup and disaster recovery solution.
DNABackup and Disaster Recovery is a full service solution designed to work in a multitude of environments. Whether your organization requires data retention from a single desktop or across an entire global network, DNABackup is the right fit for you.
Security
Secure 128-bit or 192-bit AES encryption.
All of our technicians are TLETS/CJIS approved through TxDPS and the FBI.
All data backed up to ETS secure facility.
Worry free restore. We handle it for you.
Cross Platform Support
Backup most platforms including:
Windows XP, Vista, 7, 2003, 2008
Linux (most variants)
VMware (V-Sphere, ESX, ESXi)
MS Hyper-V
SAN, NAS, DAS
MS SQL, MS Exchange & MS Sharepoint backup
Benefits
All backups monitored 24/7/365 for consistency.
All support included in monthly fees.
33. To Wrap Up…
• ETS is a premier East Texas-based IT solutions company that specializes in Managed Services, Cloud Services and Advanced Professional Services.
• At ETS we do not sell products… We partner with our clients to provide the best solutions, from hardware to software to financial services and everywhere in between. Because a solution is not a solution unless it’s a total fit.
• ETS has a very robust security and compliance offering with various best-of-breed partners to further strengthen our efforts to keep your business secure and compliant.
Welcome to the ETS Product Preview at the Tyler Tech Expo 2013. My name is Tony DeGonia. I want to start off by thanking Kathy Mordue and all the folks at GetIt and the Tyler Chamber of Commerce for allowing me to come today and share ETS products with you.
Every day business, government and education networks are inundated with cyber attacks and breaches. The propagation of cyber attacks such as phishing, spoofing, spam, malware, spyware, viruses, denial of service attacks, hardware attacks, software attacks, smartphone attacks, vehicle attacks and web-cam attacks comes from nefarious sources ranging from the middle school kid who is poking around just to see what they can get into to full-blown nation states performing cyber warfare on a global basis. Most attacks are motivated by either monetary, intelligence or informational gain. Social media, email and social engineering are all viable vehicles for cyber attacks.
In fact, cyber attacks have become so sophisticated that the United States Central Command has formed The United States Cyber Command (USCYBERCOM). On June 23, 2009, the Secretary of Defense directed the Commander of U.S. Strategic Command to establish The United States Cyber Command (USCYBERCOM). Initial Operational Capability (IOC) was achieved on May 21, 2010 and Full Operating Capability (FOC) was achieved Oct. 31, 2010. The command is located at Fort Meade, Md. USCYBERCOM is a United States armed forces sub-unified command subordinate to United States Strategic Command. USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks; and prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.
In the last 4 years alone there have been hundreds of high profile data breaches that were newsworthy. This is a list of some of the breaches that were most notable from 2009 to 2012:
• CitiGroup
• Heartland Payment Systems
• Yahoo!
• NASA
• State of Texas
• State of Tennessee
• The Navy
• State of North Carolina
• State of South Carolina
• State of Wisconsin
• State of California
• The State of Utah
Proper security measures could have prevented these breaches, or at the very least they could have minimized the impact and shortened the reaction time in responding to the attacks that led to the breach.
ETS works with compliance requirements for:
• FBI – Criminal Justice Information System, in conjunction with TLETS (Texas Law Enforcement Telecommunications System)
• HIPAA – Health Insurance Portability and Accountability Act
• PCI-DSS – Payment Card Industry Data Security Standard
• The Sarbanes-Oxley Act of 2002
ETS partners with the best names in the industry for security, mobility, wireless, 2-factor authentication, secure mobile VPN, FIPS 140-2 and CIPA compliant firewalls, penetration testing and PCI certified ASV services.
I am excited to announce that as of May 2013 ETS has selected AlertLogice