data consult - managed security services

Post on 31-Oct-2014

DESCRIPTION

This slide set presents the Managed Security Services (MSS) offering of Data Consult. MSS is a cloud-based subscription service that lets you monitor, analyze and correlate all events happening on your network. It also raises alerts and notifications when suspicious activity occurs on your network, and supports investigation through its forensic capabilities.

TRANSCRIPT

Services Description

August 2014

AGENDA

● Cloud:
  ○ Own v/s Lease
  ○ Decentralization of IT

● Security:
  ○ Threats
  ○ Impact and Urgency
  ○ Cost of Breach
  ○ Log Monitoring

● Solution
  ○ Overview
  ○ Architecture
  ○ Packages

● Backup Slides

CLOUD

© Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission

Cloud : Own versus Lease

● Own the asset: you can modify it as you please
● You can sell it whenever you want
● More economical in the long run
● High Investment - Depreciation

● Lower down payment
● Lower monthly payments
● Lower maintenance costs
● Ability to modify the offering at any time
● Ability to change asset every year or two

● Faster time to install
● No need for in-house expertise
● No rent space
● Increase or decrease capacity at will

Cloud Services

Decrease budget and avoid vendor lock-in

Save on technology upgrades and maintenance

Lower footprint on your network

Ensure compliance with regulatory mandates.

Deploy faster and easier

Gartner defines cloud computing as “...a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service using Internet technologies.”

Cloud: The Decentralization of IT

[Figure: the stack layers Hardware, OS, Network, Database, Tools, Application, Data and Users, shown for each of On-Premises, IaaS, PaaS and SaaS]

SECURITY

Network Security: Malware, Vulnerabilities, Theft

Trojan Horse

File infection

Spam email

zero-day attacks

Software vulnerabilities

OS vulnerabilities

Identity theft

Mobile Loss

Phishing

Impact and Urgency

[Figure: priority matrix of Urgency against Impact, with cells rated 1 to 4]

Urgency:

● Business process affected. Workaround available.
● Business process stopped. Can bear minimal delay. Very hard workaround.
● Business process stopped. No workaround.

Impact:

● Any system minor degradation, non-business critical. <50% of users impacted.
● Any system degraded or partially unavailable. >50% of users impacted.
● Any system unavailable. 100% of users impacted.

Cost of Breach

IBM Data Breach Statistics 2014

Logs

ODBC

WMI

SDEE

CPMI

SNMP

syslog

netflow

ssh

native FIM

Registry Monitor

custom XML-based

log /lôg, läg/ - noun: "a record of performance, events, or day-to-day activities"
synonyms: record, register, logbook, journal, diary, chronicle, daybook, record book, ledger

RDEP

Forensics

Network Behaviour Analysis

Performance Monitoring

Asset Analytics

Configuration Management

Vulnerability Scanner

Log Management

One Solution

SOLUTION

SIEM as a Service

Solution Overview

MSS is a Unified Security Management service that combines multiple security functions in a single console:

● SIEM (security incident and event management)

● Secure Configuration Auditing

● Compliance Automation

● Contextual Forensic Analysis

Network state and event data is collected continuously. The system applies alert correlation schemes to identify suspicious activity that can develop into threats affecting your business.

Network data collected is compressed and encrypted to avoid network congestion and ensure maximum security of your data.

‘... customers need to examine security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for incident response, forensics, and regulatory compliance…’

Solution Architecture

Key Components

● Full SIEM deployment with real-time security monitoring, historical analysis and event correlation
● 24x7 security and configuration device monitoring: IPS/Firewall/VPN/Servers/Virtual Environments; up to 160 different node types
● Customized web-portal dashboard to provide real-time reports and statistics
● Dedicated engineering consultants to support with forensic investigation and remediation
● Compliance and security risk reviews: PCI DSS, HIPAA, ISO27001/27002, COBIT, NIST800-53…
● Consulting Services - Security Posture Analysis and Recommendation
● Full Engineering and Management Services

‘...the technology provides real-time security monitoring, historical analysis, and other support for incident investigation and compliance reporting...’

Dashboards Online Demo:

MSS Summary

Low monthly subscription fees

Leverage DataConsult’s expertise in security

Scale very easily

Ensure compliance with regulatory mandates.

Get Security Monitoring installed in minutes

Packages

| MSS | MSS1 (Reporting) | MSS2 (Premium) | MSSe (Consulting) | MSSe+ (Managed) |
|---|---|---|---|---|
| Log Collection | X | X | X | X |
| Event Reporting | X | X | X | X |
| Asset and Performance Monitoring | X | X | X | X |
| Daily Security Status Reports | X | X | X | X |
| Forensic Investigations | | X | X | X |
| Configuration and Asset Management | | X | X | X |
| Event Correlation | | X | X | X |
| Network Behaviour Analysis | | X | X | X |
| 24x7 Live Alert Monitoring & Notification | | X | X | X |
| Monthly Health Reports | | X | X | X |
| Compliance Automation | | | X | X |
| Security Posture Analysis and Recommendation | | | X | X |
| Remediation and Control | | | | X |
| Full Engineering and Device Management | | | | X |

Thank You

BACKUP SLIDES

Screen Shots

Critical Event per Hour

Denied Connections per Hour

Alert Configuration

Destination Blocking

Destination Protocol

User by Protocol

BACKUP SLIDES

References

MALicious softWARE

Cisco Annual Security Report 2014

Vulnerabilities

Kaspersky Security Bulletin 2014

Mobile Device Theft

Sophos Security Threat Report 2014
