#MicroFocusCyberSummit Securing Your Devices and Data with ZENworks - - PowerPoint PPT Presentation

microfocuscybersummit
SMART_READER_LITE
LIVE PREVIEW

#MicroFocusCyberSummit Securing Your Devices and Data with ZENworks - - PowerPoint PPT Presentation

Apr 10, 2024 553 likes •798 views

#MicroFocusCyberSummit Securing Your Devices and Data with ZENworks Darrin VandenBos Jason Blackett #MicroFocusCyberSummit Agenda Security threats in todays world How do you protect your endpoints? Key takeaways 3 Security Threats in

slide-1
SLIDE 1

#MicroFocusCyberSummit

slide-2
SLIDE 2

#MicroFocusCyberSummit

Securing Your Devices and Data with ZENworks

Darrin VandenBos Jason Blackett

slide-3
SLIDE 3

Security threats in today’s world How do you protect your endpoints? Key takeaways

Agenda

3

slide-4
SLIDE 4

Security Threats in Today’s World

slide-5
SLIDE 5

Malware Attacks on the Rise

Ransomware, viruses, worms, coinminer attacks, and more

Just a few of the more notable attacks

More to come?

Worms—self-spreading malware— enjoyed their heyday around the turn of the century…Until May 2017, it seemed unlikely that another threat could cause global disruption in the same way. That all changed with the arrival of WannaCry and Petya/NotPetya… Although the vulnerability had been patched several months previously, there was enough unpatched computers online for both threats to cause serious disruption. Attackers will no doubt have noticed how effective both threats were…It’s likely we’ll see an increase in threats self-propagating using these techniques.

Symantec Internet Security Threat Report March 2018, Volume 23, Page 85

slide-6
SLIDE 6

Software Patches Increasing in Number and Frequency

Approximate number of patches released in 2017*

* Released into ZENworks Patch Management

2600

Microsoft

2000

SUSE

50

Google

50

Apple

70

Mozilla

120

Adobe

1500

Red Hat

30

Oracle

slide-7
SLIDE 7

Diverse Platforms, Operating Systems, and Applications

slide-8
SLIDE 8

Increasing Numbers of Laptops and Mobile Devices

…on the move

It can happen to anyone

March 16, 2017 - A laptop belonging to a Secret Service agent was stolen on Thursday reportedly exposing details about Donald Trump, the Trump Tower, and an investigation into Hillary Clinton’s emails, according to ABC News. The laptop was stolen from a female agent’s vehicle in New York City during a break-in.

Kari Paul, The Secret Service’s stolen laptop is a reminder to us all to secure devices March 2017

…carrying sensitive data

Kensington IT Security & Laptop Theft report July 2016

  • One laptop is stolen every 53

seconds

  • 80 percent of the cost of a lost

laptop is from data breach

  • 70 million smartphones are

lost each year, with only 7 percent recovered

  • 4.3 percent of company-issued

smartphones are lost or stolen every year

slide-9
SLIDE 9

Employees Doing Their Jobs

  • Running unauthorized or vulnerable applications
  • Connecting to unsecure networks
  • Accessing sensitive data from hotspots
  • Transferring sensitive data via non-encrypted

removable drives

  • Shutting down security-related applications that are

“interfering” with their work

  • Performing personal and work tasks on the

same device

9

2017 Top 5 Threats to IT Security

  • 1. End Users
  • 2. Lack of Security Patching
  • 3. Lack of Security Software

and Hardware

  • 4. Inadequate Backup and

Planning

  • 5. Stagnate IT Staff

Shawn Pate, Senior Technical Advisor WorkSmart (worksmart.com)

slide-10
SLIDE 10

Shrinking IT Staff and Budgets

2017 Top 5 Threats to IT Security

  • 1. End Users
  • 2. Lack of Security Patching
  • 3. Lack of Security Software

and Hardware

  • 4. Inadequate Backup and

Planning

  • 5. Stagnate IT Staff

Shawn Pate, Senior Technical Advisor WorkSmart (worksmart.com)

slide-11
SLIDE 11

How do you protect your endpoints?

slide-12
SLIDE 12

Securing the Network Perimeter

…is not enough

12

Exposure Risk

Every endpoint device, whether internal or external to your network security perimeter, opens a window to your

  • rganization’s data and

resources

Security Information and Event Management (SIEM)

slide-13
SLIDE 13

Securing Endpoints Requires Multiple Layers of Protection

Software Patching Mailbox Protection User Education Personal Firewall Antimalware/Antivirus Data Backup Data Encryption Wi-Fi and VPN Software Application Control

slide-14
SLIDE 14
  • iOS and Android
  • Patching of OS via native

mechanisms

  • Patching of applications via

ZENworks application deployment

Start with Patching

14

  • Windows, Linux, and Mac
  • Servers and workstations
  • OS vendor applications and

third-party vendor applications

  • Rules-based policies for

automating patch deployment

  • Staged patch rollout via

automated testing-to- production process

  • Scheduled patch deployment
  • Dashboards and reports for

showing device compliance

Patch Management Configuration Management

ZENworks Patch Management ZENworks Configuration Management

Expert Advice

“Patch frequently. Patch everything.”

MATTHEW PASCUCCI, Cyber Security Specialist & Privacy Advocate at Front Line Sentinel

“Install security updates as early and as often as possible, and try to avoid using any software that is no longer supported and no longer receives security updates.”

BRIAN DONOHUE, Technology Journalist Covering Network Security @ Cyber4Sight

slide-15
SLIDE 15

15

Encrypt Endpoint Data

  • Windows
  • UEFI/GPT and BIOS/MBR
  • Encryption of whole disk or

disk partitions

  • Optional pre-boot

authentication via a secured Linux kernel

  • Help for PBA password

recovery

  • Emergency recovery disk for

unbootable devices

  • Windows
  • Encrypt any drives that

enumerate as removable drives

  • Utilizes BitLocker encryption

Full Disk Encryption

ZENworks Endpoint Security Management

Endpoint Security

ZENworks Full Disk Encryption

Configuration Management

  • iOS and Android
  • Dependent on MDM

capabilities of device

ZENworks Configuration Management

Expert Advice

“Encryption works best if it is ubiquitous and automatic. It should be enabled for everything by default, not a feature you only turn on when you’re doing something you consider worth protecting.”

BRUCE SCHNEIER, American cryptographer and privacy specialist

slide-16
SLIDE 16

Separate Work Life from Personal Life

16

  • iOS and Android
  • Isolate sensitive company data

from personal data

  • Encrypt data with dedicated,

banking-grade encryption

  • Require two-factor

authentication for access to workspace

  • Wipe the company workspace

if a device is lost or an employee leaves

Control the company workspace on mobile devices

ZENworks Mobile Workspace

  • Restrict access to the workspace

if the mobile device does not meet requirements

  • Allow access to company

documents, email, and calendar

  • Separate work contacts from

personal contacts

Expert Advice

“Smartphones and other portable devices are among the easiest attack vectors for hackers… We need to emphasize that these devices hold the key to our lives – both corporate and individual. Because they are always close to us, in our pockets, users experience a false perception of security.”

ONDREJ KREHEL, CEO & Founder, LIFARS

slide-17
SLIDE 17

Protect Employees from Themselves

17

  • Windows
  • Location aware
  • Control application execution
  • Secure wireless access
  • Enforce VPN usage
  • Control USB connectivity
  • Restrict communication

hardware

  • Enforce firewalls
  • Control storage device access
  • Extend location awareness and

security to 3rd party software via scripting

  • iOS and Android
  • Enforce passwords, inactivity

timeouts, and device wipes

  • Control access to features

such as cameras, games, application installation, and account settings

  • Much, much more…

ZENworks Endpoint Security Management ZENworks Configuration Management

Endpoint Security Configuration Management

Expert Advice

“People often represent the weakest link in the security chain and are chronically responsible for the failure of security systems.”

BRUCE SCHNEIER, Secrets and Lies

“Security is always excessive until it's not enough.”

ROBBIE SINCLAIR, Head of Security, Country Energy, NSW Australia

slide-18
SLIDE 18

Takeaways

slide-19
SLIDE 19

Malware attacks or network attacks Lost or stolen laptops or mobile devices Transferring sensitive data via non- encrypted removable data drives (RDD) Running unauthorized or vulnerable applications Connecting to unsecure networks or accessing sensitive data from hotspots Performing personal and work tasks on the same device

19

Mitigating Threats with ZENworks

Security Threat Mitigation Method ZENworks Solution

Patch, quarantine, personal firewall Encryption RDD controls and encryption Application controls Wireless and VPN controls Mobile device management

Endpoint Security Management Patch Management Full Disk Encryption Configuration Management Endpoint Security Management Mobile Workspace Endpoint Security Management Endpoint Security Management Endpoint Security Management Configuration Management Configuration Management

slide-20
SLIDE 20

20

Micro Focus ZENworks

Secure Unified Endpoint Management

Configuration Management Desktop Containers Asset Management Patch Management Disk Encryption Endpoint Security Mobile Workspace

Any Device

IT Service Management Reporting Service

Any Device User Centric

slide-21
SLIDE 21

21

Want to learn more?

Drop by the Demo Lab Come to the ZENworks hands-on workshop Thursday at 1:30

slide-22
SLIDE 22

Thank You.

#MicroFocusCyberSummit

slide-23
SLIDE 23

#MicroFocusCyberSummit