keynote 7, steven ringelberg, vanguard
TRANSCRIPT
![Page 1: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/1.jpg)
Best Practices for Securing Privileged
Accounts Steven Ringelberg
Chief Operating Officer
go2vanguard.com
![Page 2: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/2.jpg)
About Vanguard
Founded: 1986
Business: Cybersecurity experts for large enterprises
Provide software, professional services, and training
Customers: 1,000+ worldwide
More than 20 distributors and resellers serving 50+ countries worldwide
![Page 3: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/3.jpg)
Data Breaches
• Number of breaches and
outside attacks increasing
• Continuing insider problem
- malicious or by accident
![Page 4: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/4.jpg)
“Passing Audits” is no solution.
Target Corporation: One of the Largest
Retailers in the United States
“Target was certified as meeting the standard
for payment card industry (PCI DSS) in
September 2013. Nonetheless, we suffered a
data breach…”
now ex-chairman, ex-president, and ex-CEO of Target
Corporation, Gregg Steinhafel (http://buswk.co/1lT9j0X)
![Page 5: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/5.jpg)
Data Breaches - US
• Ebay
• Target
• Home Depot
• Sony
• Anthem Health Insurance
![Page 6: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/6.jpg)
Data Breaches
Logica and Nordea Bank:
Mainframes Breached April 2013
![Page 7: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/7.jpg)
Sophisticated Criminal Enterprises
Hacktivists/Terrorists
Governments
Who is attacking you?
![Page 8: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/8.jpg)
Data Breaches: The Fundamental
Step.
Mandiant: 2014 Data Breach Report 100% of breaches examined included an exploitation of a user id and password that was compromised.
![Page 9: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/9.jpg)
What is our goal?
Perfect Security?
Better Security?
Good Enough Security?
Security
![Page 10: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/10.jpg)
Best Practices
1. Least Privileged Access. 2. “Lock out” privileged users. 3. Multi-Factor Authentication 4. Active Real Time Alerts.
![Page 11: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/11.jpg)
Least Privileged Access.
If you do not need access you do not get access. Basic Issues:
a. Enterprises have to know who has access to what resources.
b. Regular Review and “re-certification.
![Page 12: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/12.jpg)
Lock Out Privileged Users.
Everyone with high degree of privilege (sysprogs, security administrators, etc.) is like a locksmith: they can make a key to unlock any door/access any resource. Basic Step: Implement an automated tool to prevent privileged users from making their own key/granting themselves access.
![Page 13: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/13.jpg)
– Multifactor Authentication: a method of
requiring factors from three categories
• Knowledge Factors
• Possession Factors
• Inherence Factors
Multifactor Authentication
![Page 14: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/14.jpg)
• Two-Factor Authentication
• Two-Step Verification
• Strong Authentication
Multifactor Authentication
![Page 15: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/15.jpg)
• Knowledge Factors
- Password
- PIN number
- Mother’s maiden name
- Favorite potato chip
Multifactor Authentication
![Page 16: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/16.jpg)
• Disconnected (RSA, ActivID, etc.) - Sequence-based tokens – singular button, multiple
depresses
- Time-based tokens – change every ‘x’ seconds typically
• Mobile phones – soft token or SMS one-time password
• Connected – Magnetic strip – ATM card, etc.
– Contacts – Smartcard, EMV credit cards,
– USB – zPDT key, RSA SecureID800,
– Wireless – RFID, Bluetooth, Proximity
– Other – Audio Port, iButtons, etc,
Possession Factors
![Page 17: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/17.jpg)
• Fingerprint
• Hand topography
• Eye (iris)
Inherence Factors
![Page 18: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/18.jpg)
When a critical or sensitive resource is
accessed, an automated message should
be sent to one or more people so they can
investigate and approve or remediate.
Active Alerts
![Page 19: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/19.jpg)
What is our goal?
Perfect Security?
Better Security?
Good Enough Security?
Exposure Issues
![Page 20: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/20.jpg)
Vanguard
Least Privileged • Vanguard Administrator • Vanguard Analyzer
Lock Out • Vanguard Configuration Manager.
• Vanguard Policy Manager.
Multi Factor • Physical tokens • Smartcards aka PIV or CAC cards • Software-based virtual tokens
Alerts • Vanguard Active Alerts • Vanguard Enforcer Vanguard Advisor
![Page 21: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/21.jpg)
![Page 22: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/22.jpg)
Questions?
35
![Page 23: Keynote 7, steven ringelberg, vanguard](https://reader031.vdocuments.site/reader031/viewer/2022012406/55cea883bb61eb13138b469e/html5/thumbnails/23.jpg)
For More Information: Call 800-794-0014
or Email [email protected]
Grazie
Japanese
Thank You English
Merci French
Russian
Danke German
Italian
Gracias Spanish
Obrigado Brazilian Portuguese
Arabic
Simplified Chinese
Traditional Chinese Hindi
Thai
Korean