OFFICE OF BUDGET AND FINANCE
Information Security Office
Education – Partnership – Solutions
ISC Meeting
October 23, 2015
Technical Session
Information Security Office
infosecurity@utdallas.edu
CISO Update
Presented by Nate Howe
NetIDplus Update
Presented by Brian McElroy
How do I sign-up for NetIDplus?
• Log-in to the NetID account portal and select the NetIDplus link
NetIDplus Login Options
• Duo mobile application on your phone or tablet
• SMS text message
• Voice call to your mobile or landline phone
• Hardware token that generates a one-time code
Where is NetIDplus used?
• Direct Deposit within PeopleSoft Galaxy
• VPN Remote Access – Cisco AnyConnect
• SSH Remote Access – moat, pubssh
Where are we at?
• Over 1500 users enrolled since mid-August
• Over 1600 devices enrolled
– 1520 Phones
– 133 Hardware tokens
Where are we at?
• PeopleSoft Direct Deposit Changes
– 90 Unique users
• SSH Remote Access
– 42 Unique users out of approx. 300
• Cisco VPN
– 1,080 Unique users out of approx. 3,300
Cisco VPN
• Cisco is replacing the aging Juniper VPN
• Juniper scheduled to be shut off by IR on October 31st
• In the last 2 weeks, 1,400 users logged in to Juniper
• Directions for installing Cisco VPN client: http://www.utdallas.edu/ir/vpn
Adding NetIDplus To Your Own Applications
• Integrations available for:
– Windows Remote Desktop
– Web API – Easy to use libraries available for PHP, Java, Python, ASP.NET
– LDAP & RADIUS
– Linux SSH/PAM
Questions?
Mac Encryption
Presented by Jeff Reynolds
ISCrypt
OS X Encryption made simple
So, what are we talking about here … ?
• A system derived from Crypt, an open source project
• Uses native FileVault2 Encryption
• Escrows FV2 recovery keys to a central server, and provides simple reporting
Basically, we’re trying to get rid of SecureDoc.
What we want to offer:
• A simple system to perform two simple tasks – store encryption keys and report encryption status
• Client and Server interfaces which allow techs to encrypt machines and retrieve keys with minimal training
• Compatibility with new OS X releases as soon as they are available, without having to wait for third party software updates
The ISCrypt Server
The ISCrypt Client
ISCrypt is still in beta
We are looking for early adopters to help explore how this system can meet your needs.
Current Limitations
(Nothing is perfect, but we’re always trying to get closer)
• Potential client issues with 10.9 and below, more testing needed to confirm
• Anything you might identify that we didn’t think of
For documentation on ISCrypt, please see the Security page at UTD Tech space in Confluence.
https://confluence.utdallas.edu/confluence/x/8BHzAQ
Please e-mail issupport@utdallas.edu for more information or to inquire about creating an account with ISCrypt and testing this software in your department.
Questions?
Microsoft System Center Endpoint Protection
Presented by Andy Cummings
Background
• Currently using McAfee VirusScan – at an increasing cost every year.
• The ISO has evaluated a number of potential replacement products over the last couple of years.
Microsoft Endpoint Protection
• Already included in our Microsoft contract.
• Lightweight – uses the same anti-virus engine that comes built-in to Windows.
• Anti-virus updates come through the same mechanism as regular Windows updates.
• Clients available for both Windows and Mac.
Our grateful thanks to:
• Arts & Humanities
• Undergrad Education
• Natural Sciences and Math
• Research
• Callier Center
• JSOM
• Vital Longevity
• IR TCS
• Enrollment Management
• Library
• Engineering
• UTD Police
Pilot Group Results
• Piloted since Spring – the 12 adopter groups have used Microsoft SCEP for several months.
• Feedback has been very positive.
• Improved malware-detection rates
McAfee vs. Dyre Trojan
Microsoft SCEP vs Dyre Trojan
McAfee vs. Microsoft SCEP
Goal
• McAfee contract ends Aug 31 2016
• Dec 31 2015 for deployment to all domain machines via GPO
• Jan 2016 – Aug 2016: for machines that we can't deploy to automatically (Mac and non-domain machines) – or PCs with issues
• Currently – 7,100 McAfee vs. 900 MS SCEP installs
How to Deploy
• Link the GPO to your OU – this installs SCCM and the SCEP agent will install once machine policy is downloaded
• (SCCM is the same agent you're already installing on BitLocker computers)
• Email Andy so we know which OUs are ready
• Andy will do some wizardry
Special Considerations
• McAfee Endpoint Protection for Files and Folders (EEFF) Users
– Microsoft SCEP will also uninstall EEFF
– Must be manually re-installed
– ISO can provide a list of your installed EEFF clients
• Windows 10
– SCEP manages Windows Defender instead of installing a separate Endpoint Protection client
SCCM installed?
Upcoming Enhancements
• Tech access to the SCCM console
– Verify machine status
– Manage antivirus policy and exclusions for your endpoints
– Self-service reporting
What about McAfee Home Edition?
• We are no longer distributing McAfee for student and personal use
• The NetID website has changed to remove the link to the secure download website
• It now points to a page describing how to obtain free antivirus software for your computer
• Existing users may continue to use the software but no updates after August 2016
Questions?
Secunia CSI
Presented by Chaney Edwards
Secunia CSI Overview
• Secunia product line designed to reduce third-party vulnerabilities
• Secunia PSI initially rolled out to areas with good success
• Secunia PSI not always a good fit, thus Secunia CSI now in use
• Secunia CSI and WSUS set to be replaced by July 1, 2016 by SCCM
• This will be an instance hosted by TCS, no longer ISO
• Main reason for current push: Get the most issues resolved with the easiest and least intrusive product while we still can!
Secunia Product Offerings

Product Name        Minimum Version    Patched Version
Adobe Air           1.0.0.0            18.0.0.180
Adobe Reader        7.0.0.0            11.0.12
Apple QuickTime     6.0.0.0            7.7.7
Mozilla Firefox     1.0.0.0            38.1.1 ESR
VLC Media Player    0.6.0.0            2.2.1

• Minimum Version
– The lowest version CSI will detect to update from
• Patched Version
– The resulting version CSI will update the product to
Secunia Statistics
• Rolled out to several departments as a whole
• Over 1,100 agents installed now
• 0 complications reported
[Charts: EPPS Department Vulnerability Trend; NSM Department Vulnerability Trend. Annotation: "Only ONE Week with CSI"]
Secunia Review
• With no reported issues with vulnerabilities being remediated, we are very confident in this product
• If there is any product you do not wish to have updated, it can be blocked on a product-by-product basis
• We are currently making more deployment packages and can build custom ones for your needs
• Even though it is going away, this is the easiest shot we have at removing the largest chunk of vulnerabilities and need your support
Questions?
Nexpose Reporting
Presented by Chaney Edwards
Nexpose Overview
• A new look and feel! Nexpose 6.0 has launched, please log in and take a look!
• More reports to choose from:
– Files and Directories
– Newly Discovered Assets
– Custom Reports Available
• Connecting with your areas and your leadership
Nexpose Report Process
• We’ve been working with areas like Student Affairs to refine the reports we generate so that they make more sense
• Reports will be available on a monthly basis
• Reports will be automatically delivered to area leadership and to anyone else they wish to receive them
• This is all the same information you have access to now, simply distilled down from a few reports in particular
Nexpose Report Content
• From Vulnerability Trends
– How the area is performing against previous month
• From Risk Scorecard
– Overall health information
• From Top 10 Assets by Vulnerabilities
– The 10 machines in that area with the highest vulnerability count
• From Top Remediations
– The 5 most vulnerable applications in that environment
Nexpose Report Goals
• There are three primary goals with these new reports:
– Engage upper management more with the Information Security Office
– Present information that has been requested of us in the past in a more clear and concise format
– Better convey the severity of not patching machines in a timely or consistent manner
Nexpose Review
• Please check out the new look and feel of Nexpose and let us know what you think!
• Report delivery to upper management to start with December or January monthly scans
• We need your help in driving these numbers down, and hope that by including upper management in this discussion, we get their support as well
Questions?
Obsolete Operating Systems and MS Office Versions
Presented by Chaney Edwards
Obsolete Software Overview
• Recently we have had multiple areas ask for custom reports and queries within Nexpose to find the following:
– Specific Versions of Windows
– Any Version of Windows Older than Windows 7
– Any Office Version older than 2013
– Installations of Office 2007
• This highlights a concern and desire to move these off campus
• The campus needs better groups and reports to assist in this matter
Obsolete Software Reports
Within the past 90 days we found:

Software Name    Host Count
Office 2003      8
Office 2007      181
Office 2010      1705
Server 2000      20
Server 2003      440
Windows XP       151
Windows 2000     20
Obsolete Software Summary
• We have to get rid of Windows XP unless it is required
• Older versions of Office are going to start having reduced feature sets available with Exchange 2016, so these need to be brought up to a minimum of fully patched Office 2010, preferably 2013 or higher
• You can make any of these reports and custom queries yourself, but we are always here to help
• Please let us know if we need to assist in this discussion as to why this is such an important topic to address
Questions?
Information Security Office
infosecurity@utdallas.edu