Securing the Business in Times of Crisis
April 7th, 2020 Cosmin Vilcu Regional Sr. Sales Manager 0764.433.310
Discussion topics
• Changing the way we do business
• IT risks and threats related to working from home
• Employee productivity when working from home
• How IT is changing, how we migrate to online, to virtual
Anytime, anywhere business has changed the shape of the IT landscape, forever
THE BUSINESS CHALLENGE
This massively expanding distributed IT reality is creating an unprecedented explosion of exposure points
• race to digitize
• pervasive cloud
• proliferation of apps, devices
• sensors everywhere
• borderless organizations
• componentized, virtualized
• evolving regulations
Organizations are now mobilizing to meet the new business normal
But no one anticipated something like this, accelerating the digital workplace so quickly
Of very large businesses said securing corporate data on mobile devices was their most important mobile security objective.1
AT THE SAME TIME …
The threat landscape introduces new and clever attack tactics
Customer Challenges – Business (IT Director / Decision Maker)
“I need to simplify access infrastructure in my hybrid IT environment”
“An on-brand experience is key for my organization”
“I want to move to the cloud securely while reducing costs.”
“I want to provide 24X7 service availability & meet strict SLAs”
Customer Challenges – Security (IT Admin / User)
“I want to provide secure access to mission critical applications from any device”
“I need to prevent unauthorized access to corporate apps, data and resources”
“I want to control all mobile devices entering my network, whether BYOD or IT-managed”
“I want to provide secure SSO to any application on the network or in the cloud from one URL”
We will cover three areas
1. Private Resource Access - VPN: Basic Advice - Resources on prem or in the cloud
2. Client Security & Integrity: What to consider for the end point
3. Cloud Access Security: How to secure cloud access
4. General Security Advice
1 - Private Resource Access (VPN)
• Classic VPN to HQ: Still relevant, but being replaced by SaaS/Public Cloud
• Classic VPN to HQ and Cloud infrastructure: Another deployment model where VPN is necessary
[Diagram labels: VPN, HQ, SaaS (Box, SFDC, RingCentral, etc.)]
The Rush to Allow Work From Home (WFH)
Challenges
• CAPACITY: ALL Employees WFH at the same time (20% Mobile => 100% Mobile)
• SPEED: Must implement immediately – THIS WEEK
• SECURITY: Maintain data security; Uncontrolled Endpoint devices; Uncontrolled Network
Most Basic Advice
• DO NOT open RDP Directly (3389 Direct RDP)
• REQUIRE 2 Factor Auth.
Sysadmin Forums – 3/17/2020
VPN - Some IMMEDIATE challenges that you are facing
This week, I must allow my employees to …
• Access their desktop via Remote Desktop: RDP via HTML5 (100% CLIENTLESS) or RDP via Tunnel
• Access file shares (Open/Wide): SSL VPN or IPSec Tunnel
• Access file shares (Secure/Restricted): File Share Application (With ATP protection)
• Access internal applications: Tunnel or Virtual Office Proxy
Why use Virtual Office Applications?
Choice – what’s better?
• Give full access to the network?
• Give access just to the computer/application/file that a user requires?
2 - Client Security & Integrity
Home Networks are (mostly) horribly insecure
Client Security – Some IMMEDIATE basic hygiene
Things to consider now that every home network is an extension of IT
• Protect against malware
• Protect against phishing & Business Email Compromise
• Protect from the home network (Isolate the user)
• Protect the corporate network

• Updated NG-AV
• Updated OS
• Updated Browsers
• Email & Cloud Security Protection
• 2FA! MFA! 2FA! MFA! Mandatory!
• Preach additional vigilance
• Client Based URL Filtering
• Always On VPN (Tunnel All)
• Access Point “Island”
• Device Health Check before granting access (AV? Patch? Bad Applications?)
Did you say “Access Point Island”?
• Provide “As-If-I’m-In-The-Office” experience — at home
• And separate from DIRTY DIRTY home networks
• Access Point with Zero Touch configuration and Cloud Management = Corp Wi-Fi @ Home
• Good for isolating high value targets from the home network (Legal, HR, Exec, M&A)
[Diagram labels: Office, Home, Cloud Managed AP, SSL Tunnel, “Home Wifi”, “Corp-Wifi”]
Cloud Access Security (Without Multi-Factor Authentication)
Real Example - March 24, 2020
This is our CEO, Bill Conner.
The credentials of your least security conscious person are the gateway to your data.
Threats that users face with direct cloud access
Email #1 Threat Vector
• Credential Compromise
• Phishing Schemes
• Malware
• Social Engineering
• Data Leak

• >2 billion email addresses and passwords exposed
• 32% of breaches involve phishing
• 94% of malware delivered through email
• ATO attacks tripled in 2017, resulting in $5B in losses
• 45% of global organizations store sensitive data in SaaS
• Account Takeover Attack: Over $100K/incident

• Unknown Malware, Ransomware, Zero Day Attacks, Keyloggers
• Business Email Compromise, Advanced Spam, Impersonation
• Credential stuffing
• Spear-Phishing, Targeted Phishing, Malicious URL, Malicious Attachments
• Shared Sensitive Data, Stolen Sensitive Data, No ability to audit or control
BOUNDLESS CYBERSECURITY
• Coverage: Network Security Appliances, Cloud/SaaS, Endpoints, IoT, Mobile Access, Wi-Fi
• Threats: Non-standard ports, Ransomware, Rogue devices, Never-before-seen variants, Phishing, Malicious code, Credential compromise, Impersonation, IoT attacks, Encrypted threats, Memory threats, Malware, Side-channel, Cryptojacking
SonicWall Solutions for Secure Remote Connectivity
FIPS 140-2 level 2 : ICSA SSL-TLS certified : Suite B
• Virtual Appliance: SMA 500v (Up to 250 Users), SMA 8200v (Up to 5000 Users)
• Physical Appliance: SMA 100 Series (100-250 Users), SMA 1000 Series (250+ Users)
• Public Cloud: SMA 500v (Up to 250 Users), SMA 8200v (Up to 5000 Users)
• Global Load Balancing, Global Traffic Optimization (GTO)
• Global High Availability, Active/Active Cluster DR
• Zero-impact failover w/ Global Mesh Network
SonicWall Solution – Secure Mobile Access (SMA)
Stay 100% operational regardless of what tomorrow's headlines may bring
• Grant anywhere, anytime secured access after establishing user and device identity, location and trust
• Control full or permissible access to data, resources and apps hosted across on-prem, cloud and hybrid datacenters
• Apply multiple access layer security
  • Identity-based, policy enforced access controls
  • Multi-Factor Authentication (MFA)
  • Context-aware device authentication
  • Application level VPN
  • Geolocation policies, Geo IP filter
• Advanced threat protection - Know the unknown
• Choice of physical, virtual or cloud deployment
  • AWS, Azure, ESXi and Hyper-V
SMA: Time-based, One-Time Password (TOTP)
Benefits:
• Improve security with 2FA
• Low cost implementation
• Seamless user experience
Authenticator apps: Google Authenticator, Microsoft Authenticator, Duo Mobile
IDP Support
SonicWall Solution – Cloud App Security
Protect email, data and user credentials for Office 365, G Suite and other SaaS apps with API-Based Security
Next-Gen Security for SaaS Apps
• Anti-phishing
• Ransomware & Zero day protection
• Account Takeover Protection
• DLP & Compliance
SonicWall Capture Client: CC 3.0 Highlights (Q2)
• NGAV Client Protection (Sentinel One)
• Capture ATP Integration
• Enhanced Web Content Filtering
• USB Device Control
• Application Risk Management
• URL Filtering
• Client Localization
• EDR Capabilities
• Active Directory Groups
• Notifications & Alerts Enhancements
Windows/Mac
© Copyright SonicWALL
AND AN UNEXPECTED ACCELERATOR …
The new work reality has arrived: A new business normal where
• everyone is remote
• everyone is mobile
• everyone is less secure
AT THE SAME TIME …
The threat landscape continues to evolve as threats become increasingly evasive
file-less | encrypted | phishing | memory | side-channel
Never-before-seen attack variants have increased 145% YOY and organizations have no idea of what’s being missed
Cybersecurity Business Gap
THE REALITY …
• Risk escalates with the explosion of exposure points and remote/mobile workers
• Cost becomes prohibitive and the shortage of trained personnel becomes more acute
• Constrained resources can’t keep up
[Chart: CYBERSECURITY BUSINESS GAP; labels: Cost of conventional security; Explosion of exposure points and remote/mobile workers; Security personnel required; Actual headcount; Actual budget]
THE KEY QUESTION …
How do I protect my business integrity while mitigating risk?
• Nearly 100% of my workforce is remote and mobile
• Everything is connected, open and accessible
• Breach is inevitable and increasing scrutiny is the rule
THE WAY FORWARD
What’s needed more than ever is a shift to a Boundless Cybersecurity Model to meet the new business normal and break free from the constraints of the past
THE STRATEGIC IMPERATIVE: SHIFT TO A NEW MODEL …
CONVENTIONAL: CONSTRAINED → MODERN: BOUNDLESS
• Office-centric workforce → Dispersed, remote/mobile employees
• Threat roulette → Always on, learning and catching
• Blind spots, seams → Know the unknown
• Detection latency → Real-time prevention
• Budget-buster → Economics that scale
• Human intensive → Automation and machine learning
THE PLATFORM REQUIREMENTS … BOUNDLESS Cybersecurity
• ANYWHERE, EVERYWHERE: security goes wherever users, devices, data work
• KNOW THE UNKNOWN: real-time identification of unknown, evasive threats; block until verdict
• SEAMLESS COVERAGE: multi-layer approach protects exposure points and attack surfaces
• UNIFIED VIEW: risk prioritization and control across org and multi-IT generations
• DISRUPTIVE ECONOMICS: scalable total cost of ownership
• INTELLIGENT AUTOMATION: reduces human intervention, easy to use, reduce false positives
• ADAPTS CONTINUOUSLY: business needs drive dynamic preventive security posture
THE ANSWER …
Boundless Cybersecurity for the Hyper-Distributed Era
Why forward-thinking organizations choose SonicWall …
OUR DIFFERENTIATORS: BOUNDLESS CYBERSECURITY
• KNOW THE UNKNOWN (CAPTURE ATP, RTDMI, TI, SMA, ZT)
• UNIFIED VISIBILITY AND CONTROL (CAPTURE SECURITY CENTER)
• DISRUPTIVE ECONOMICS (MIX AND MATCH ARCHITECTURE)
KNOW THE UNKNOWN
Detect evasive and cutting-edge threats, wherever they are.
• Verify unknown users: identify, authenticate and safeguard known and unknown remote users and employees
• Seamless coverage: protect against threats across all attack surfaces (network, cloud, email, remote/mobile, endpoints, apps) with a unified, multi-layer approach
• Rooted in universal intelligence: our unmatched layered threat network continuously collects data across 215 countries and territories, applies deep learning to detect and act rapidly against emerging malware
• Capture and identify in real time: continuously isolate and analyze never-before-seen and potentially malicious files with our multi-engine Capture Advanced Threat Protection (ATP) sandbox; block until verdict (80% resolved in <2 seconds)
• Catch what others don’t: patent-pending Real-Time Deep Memory Inspection™ (RTDMI) leverages AI and ML to detect the most evasive threats, protect in real time

• 1.1M+ active sensors around the globe
• 140K+ malware samples collected daily
• 28M malware attacks blocked daily
• <24 hr response time to never-before-seen attacks
• 440K new attack variants ID’d by Capture ATP (2019)
• 154K never-before-seen attack variants ID’d by RTDMI (2019)
UNIFIED VISIBILITY & CONTROL
See everything, everywhere
• No blind spots: connect and secure a boundless workforce across all environments
• Eliminate silos: single pane of glass for unified point of control across entire platform, every attack surface, and multi-generations of IT (on prem, cloud, endpoints), around the clock
• Real-time threat awareness: see threat vulnerabilities in the landscape as they happen, know what they are and what they are trying to break through
• Understand your risk: minimize exposure with personalized risk meters, prioritize actions according to risk profile
• Act fast on what matters: accelerate response times and shape your strategy with actionable analytics and reporting
DISRUPTIVE ECONOMICS
Scale your total cost of ownership: Best-in-Class TCO
• Built-in efficiencies across the journey: order of magnitude less cost to acquire, deploy, configure, maintain, manage in the new normal
• One platform, many environments: architected to secure today’s massively distributed IT reality, including on premises, private and public cloud, as well as rapidly expanding remote/mobile workforce
• Compounding benefit: purpose-built architecture maps the right capabilities to specific needs; the bigger and more segmented your network, the more you save
• Bridge cyberskills gap: reduce need for human intervention with real-time automation, zero-touch deployment, visual dashboard
• Budget-friendly business continuity: achieve high availability without paying for what you rarely use
REACH OUT TO US. WE’RE HERE TO HELP.
Q&A