data consult - managed security services

Services DescriptionAugust 2014

AGENDA

● Cloud:○ Own v/s Lease○ Decentralization of IT

● Security:○ Threats○ Impact and Urgency○ Cost of Breach○ Log Monitoring

● Solution○ Overview○ Architecture○ Packages

● Backup Slides

© Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission

Cloud : Own versus Lease

● Own the asset: you can modify it as you please

● You can sell it whenever you want

● More economical on the long run

● High Investment - Depreciation

● Lower down payment● Lower monthly payments● Lower maintenance costs● Ability to modify the

offering at any time● Ability to change asset

every year or two

● Faster time to install● No need for in-house

expertise● No rent space● Increase or decrease

capacity at will


Cloud Services

Decrease budget and avoid vendor lock-in

Save on technology upgrades and maintenance

Lower footprint on your network

Ensure compliance to regulatory mandates.

Deploy faster and easier

Gartner defines cloud computing as “...a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service using Internet technologies.”


Cloud: The Decentralization of IT

Hardware

On-Premises

OS

Network

Database

Tools

Application

Data

Users

Hardware

IaaS

OS

Network

Database

Tools

Application

Data

Users

Hardware

PaaS

OS

Network

Database

Tools

Application

Data

Users

Hardware

SaaS

OS

Network

Database

Tools

Application

Data

Users

SECURITY


Network Security: Malware, Vulnerabilities, Theft

Trojan Horse

File infection

Spam email

zero-day attacks

Software vulnerabilities

OS vulnerabilities

Identify theft

Mobile Loss

Phishing


Impact and Urgency

112

3 2

4 3 2

1

Business Process affected.

Workaround available.

Business Process stopped. Can bare

minimal delay. Very hard workaround

Business Process stopped. No work

around

Urgency

Impact

Any system minor degradation non-business critical.

<50% of users impacted

Any system degraded or partially

unavailable. >50% of users impacted

Any system unavailable.

100% of users impacted


Cost of Breach

IBM Data Breach Statistics 2014


Logs

ODBC

WMI

SDEE

CPMI

SNMP

syslognetflow

ssh

native FIM

Registry Monitor

custom XML-based

log /lôg läg/ - noun"a record of performance, events, or day-to-day activities"synonyms: record, register, logbook, journal, diary, chronicle, daybook, record book, ledger;

RDEP Forensics

Network Behaviour Analysis

Performance Monitoring

Asset Analytics

Configuration Management

Vulnerability Scanner

Log Management

One Solution

SOLUTIONSIEM as a Service


Solution Overview

MSS is a Unified Security Management service that combines multiple security functions in a single console:

● SIEM (security incident and event management)

● Secure Configuration Auditing

● Compliance Automation

● Contextual Forensic Analysis

Network state and event data is collected continuously. The system deploys alert correlations schemes to identify suspicious activity that can develop into threats affecting your business.

Network data collected is compressed and encrypted to avoid network congestion and ensure maximum security of your data.

‘... customers need to examine security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for incident response, forensics, and regulatory compliance…’


Solution Architecture


Key Components● Full SIEM deployment with real-time security monitoring,

historical analysis and event correlation

● 24x7 security and configuration device monitoring:

IPS/Firewall/VPN/Servers/Virtual Environments; up to 160

different node types

● Customized web-portal dashboard to provide real-time

reports and statistics

● Dedicated engineering consultants to support with forensic

investigation and remediation

● Compliance and security risk reviews: PCI DSS, HIPAA,

ISO27001/27002, COBIT, NIST800-53…

● Consulting Services - Security Posture Analysis and

Recommendation

● Full Engineering and Management Services

‘...the technology provides real-time security monitoring, historical analysis, and other support for incident investigation and compliance reporting...’


Dashboards Online Demo:


MSS Summary

Low monthly subscription fees

Leverage on DataConsult’s expertise in security

Scale very easily

Ensure compliance to regulatory mandates.

Get Security Monitoring installed in minutes


PackagesMSS MSS1

(Reporting)MSS2

(Premium)MSSe

(Consulting)MSSe+

(Managed)

Log Collection X X X X

Event Reporting X X X X

Asset and Performance Monitoring X X X X

Daily Security Status Reports X X X X

Forensic Investigations X X X

Configuration and Asset Management X X X

Event Correlation X X X

Network Behaviour Analysis X X X

24x7 Live Alert Monitoring & Notification X X X

Monthly Health Reports X X X

Compliance Automation X X

Security Posture Analysis and Recommendation X X

Remediation and Control X

Full Engineering and Device Management X

Thank You

BACKUP SLIDES

Screen Shots


Critical Event per Hour


Denied Connections per Hour


Alert Configuration


Destination Blocking


Destination Protocol


User by Protocol

BACKUP SLIDES

References


MALicious softWARE

Cisco Annual Security Report 2014


Vulnerabilities

Kaspersky Security Bulletin 2014


Mobile Device Theft

Sophos Security Threat Report 2014

data consult - managed security services

Technology

written permission

security posture

time security

historical

rights reserved

regulatory

copyright

copyright