1 / 17

Three Tier Approach to Security

Three Tier Approach to Security. Chuck Dettlaff Engineer, Salesmen, Scoutmaster  Jan 29, 2009. Why do we care about security?. Jan 2007 - TJ Maxx, wireless breach Sept 2008 – Country Wide employee theft Jan 2009 - Heartland Payment Systems, database hack.

ash
Download Presentation

Three Tier Approach to Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Three Tier Approach to Security Chuck Dettlaff Engineer, Salesmen, Scoutmaster  Jan 29, 2009

  2. Why do we care about security? Jan 2007 - TJ Maxx, wireless breach Sept 2008 – Country Wide employee theft Jan 2009 - Heartland Payment Systems, database hack

  3. Who should care about security in an IT environment? IT Staff CEO, CFO Janitor Everyone!

  4. A Three Tiered Approach Edge (Network) Server (Application) Desktop (User)

  5. What do I gain? Known (Base-line) behavior Control and Insight Ease of trouble shooting

  6. What is the cost of being Proactive vs. Reactive? A 36 hour outage results in $1million loss for a $5 million dollar company Lost Opportunity Costs Loss Of Reputation Upset customers & staff A complete security overhaul costs less than $150,000

  7. Edge (Network) IDS/IPS Firewall Access Control List Radius Server

  8. What am I looking for? Equipment - Easy to mange, full application support Training – SANS, Manufacturer, Cyber Security Class Forensics – source IP address large data transfers black list slow network

  9. Server (Application) Access Control List Default db password Unload unnecessary modules Stop unused services

  10. What am I looking for? Equipment - You and OS Maker Training – Microsoft or Linux, Black Hat Forensics – foreign service slow CPU trusted.org

  11. Desktop (User) Personal Firewall Antivirus Backups

  12. What am I looking for? Equipment - McAfee, Symantec, Trend ANYONE! Training – Internet news groups Forensics – slow response lots of windows open magically weird services running Applications will not start

  13. Careers in The Security Security Analyst Network Manager System Admin Desktop Jockey Stress & Salary

  14. Careers in The Security OSBI, OBN Larger State Agencies Equipment Manufacturer Commercial Enterprises

  15. Careers in The Security

  16. Where do I get Training? Computer Forensics, Investigation, and Response Monday, January 26, 2009 - Saturday, January 31, 2009 NSF awards Oklahoma $3 million cyber security grant

  17. Thank you! Let’s Eat Pizza! Chuck.Dettlaff@peakuptime.com

More Related