
10 Steps to Secure Messaging

Explore the importance of secure messaging, risks of insecure communication, policy development, and architectural principles for secure messaging implementation. Learn about innovative technologies, 10 practical steps for secure messaging, and the top reasons to prioritize messaging security. Discover the role of Reavis Consulting Group in providing security advice, the threats faced in messaging, risk management strategies, incident response protocols, and antivirus strategies. Gain insights on encryption services, email security, and spam prevention techniques.





Presentation Transcript


  1. 10 Steps to Secure Messaging. Jim Reavis, President, Reavis Consulting Group

  2. Agenda • Risks of insecure messaging • Policy • Architecture • Innovative technologies & trends • 10 Steps Companion site: csoinformer.com/10steps

  3. Top Ten Reasons to Secure Messaging 10. Protect intellectual property sensitive to your corporate mission 9. Avoid “angry” emoticons from your boss :-) 8. Reduce risk of worms running rampant on your network 7. Poor dating prospects at the unemployment line 6. Increase user productivity

  4. Top Ten Reasons to Secure Messaging 5. “Sobig fatigue” not covered by workmen’s comp. 4. Securing communications with partners and customers creates new business opportunities. 3. Saying “ILOVEYOU” to the CEO is usually inappropriate outside of the annual Christmas party. 2. Reduce risk of legal liability. 1. Executive washrooms rock!

  5. About Reavis Consulting Group • Provide research and advisory services regarding best practices and emerging security trends • Clients include Fortune 500 members, gov’t and information security companies • Publish monthly CSOinformer newsletter

  6. Threats • Viruses • Worms • Spam • Insiders/Covert Channels • Idiot users who got their job just because they have the same last name as the CEO [Diagram labels: Internet E-mail, Firewall, AV Gateway, E-mail Server, IM, Internal Hosts]

  7. Risks • Data loss, theft & leakage • Compromised systems • Downtime/loss of productivity • Out of compliance with regulations • Civil litigation

  8. Risk Management • Topic of the year at CISO/CSO gatherings • Definition: the systematic process of managing an organization's risk exposures to achieve its objectives in a manner consistent with public interest, human safety, environmental factors and the law. • Reduce risk & create opportunities.

  9. Risk Mgt Strategies • Avoid • Accept • Transfer • Mitigate Risk Mgt Process • Establish Risk Profile • Establish Protection Profile • Modify PP as RP changes [Diagram labels: Threat level “Orange”, New business venture, ROSI] Risk = Value of the Asset × Severity of the Vulnerability × Likelihood of an Attack

  10. Policies • Legal due diligence (e.g. retention laws). • Communicate clearly. • Acceptable & appropriate usages • Clear definitions (e.g. what is proprietary) • Provide examples (e.g. .EXE files prohibited, anything sent to payroll processor must be encrypted) • Documented acceptance. • How do you attain ROSI with your policy?

  11. Architectural Principles • Proxy all connections • Hidden messaging methods may be P2P. • Measurement capabilities • Layered Defense Systems • Best of Breed vs Integrated Suite? • Integrated team approach • How is IT working against your goals?

  12. Architectural Principles • Granular rules control • Ad hoc blocking of new threats • Prevent auto-forwarding risks • Compartmentalize • Improve incident response • Provide limited service during crises • Redundancy • Education & Awareness

  13. Incident Response • Formalized CERT • Specialized messaging response team • Incident reporting • Response • Containment (unplug, router ACL filters, etc) • Disinfect, Remediate, Rebuild • Notify external partners • Forensics, analysis, lessons learned

  14. Baseline & Measurement • Network traffic analysis • E-mail & IM logging • Identify dependencies • Trend analysis • Support policy revisions • Creating TCO metrics for budgeting • Don’t hoard this information

  15. Quiz: Who wrote the antivirus software used by Microsoft in DOS 6.22? • Dr. Solomon • Central Point • X-tree • Microsoft

  16. Antivirus Strategy • Multiple AV tools • Desktop, Server, Email Gateway. • Antivirus network appliances, Managed AV service. • How many levels of AV provides ROSI? • Content Filtering (Day Zero defense) • Subject line. • File attachment types. • Tactics outside of messaging control • Lockdown e-mail client. • Keep patching virus targets.
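The policy examples on slide 10 (.EXE files prohibited, anything sent to the payroll processor must be encrypted) and the content-filtering bullets on slide 16 (subject line, file attachment types) describe rules a gateway would enforce. The following is an added example, not code from the deck or from Reavis Consulting Group, of how such checks look when applied to a parsed MIME message with Python's standard `email` package. The prohibited extension list, the blocked subject pattern, the partner domain `payroll-processor.example` and the three sample messages are all constructed for illustration; the double-extension check (`report.txt.exe`) goes slightly beyond what the slide says, since it is the usual way a bare ".EXE prohibited" rule gets bypassed.

```python
"""Gateway content-filter checks for an e-mail usage policy (added example)."""
import re
from email import message_from_string
from email.utils import getaddresses

# Policy knobs: assumed values for illustration, not taken from the original deck.
PROHIBITED_EXTENSIONS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}
BLOCKED_SUBJECT_PATTERNS = [re.compile(r"^ILOVEYOU$", re.I)]
MUST_ENCRYPT_DOMAINS = {"payroll-processor.example"}   # hypothetical partner domain


def attachment_names(msg):
    """Yield the lower-cased filename of every non-container MIME part."""
    for part in msg.walk():
        if part.get_content_maintype() == "multipart":
            continue
        name = part.get_filename()
        if name:
            yield name.lower()


def is_encrypted(msg):
    """True for a PGP/MIME (RFC 3156) or S/MIME enveloped top-level message."""
    ctype = msg.get_content_type()
    if ctype == "multipart/encrypted":
        return True
    return ctype == "application/pkcs7-mime" and msg.get_param("smime-type") == "enveloped-data"


def check_message(raw):
    """Return a list of policy violations for one raw RFC 822 message (empty = clean)."""
    msg = message_from_string(raw)
    violations = []

    subject = msg.get("Subject", "")
    for pat in BLOCKED_SUBJECT_PATTERNS:
        if pat.search(subject):
            violations.append("subject matches blocked pattern %r" % pat.pattern)

    for name in attachment_names(msg):
        # Inspect every dotted suffix so "report.txt.exe" or "photo.jpg.scr" are caught,
        # not only the last one.
        for ext in ("." + p for p in name.split(".")[1:]):
            if ext in PROHIBITED_EXTENSIONS:
                violations.append("prohibited attachment type %s in %r" % (ext, name))
                break

    recipients = [addr.lower() for _, addr in
                  getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))]
    if any(addr.rsplit("@", 1)[-1] in MUST_ENCRYPT_DOMAINS for addr in recipients) \
            and not is_encrypted(msg):
        violations.append("cleartext message to a recipient that policy requires encryption for")
    return violations


# Constructed sample messages (not real traffic).
SAMPLE_WORM = """\
From: alice@corp.example
To: bob@corp.example
Subject: ILOVEYOU
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

kindly check the attached file.
--b1
Content-Type: application/octet-stream; name="LOVE-LETTER-FOR-YOU.TXT.vbs"
Content-Disposition: attachment; filename="LOVE-LETTER-FOR-YOU.TXT.vbs"

(payload omitted)
--b1--
"""

SAMPLE_CLEARTEXT_PAYROLL = """\
From: hr@corp.example
To: Payroll Team <upload@payroll-processor.example>
Subject: March payroll file
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b2"

--b2
Content-Type: text/plain

March run attached.
--b2
Content-Type: text/csv; name="march.csv"
Content-Disposition: attachment; filename="march.csv"

id,name,salary
--b2--
"""

SAMPLE_ENCRYPTED_PAYROLL = """\
From: hr@corp.example
To: upload@payroll-processor.example
Subject: March payroll file
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b3"

--b3
Content-Type: application/pgp-encrypted

Version: 1
--b3
Content-Type: application/octet-stream; name="encrypted.asc"

-----BEGIN PGP MESSAGE-----
(ciphertext omitted)
-----END PGP MESSAGE-----
--b3--
"""

if __name__ == "__main__":
    for label, raw in (("worm", SAMPLE_WORM), ("cleartext payroll", SAMPLE_CLEARTEXT_PAYROLL),
                       ("encrypted payroll", SAMPLE_ENCRYPTED_PAYROLL)):
        print(label, "->", check_message(raw) or "clean")
```

The worm sample trips two rules (blocked subject and a `.vbs` hidden behind `.TXT`), the cleartext payroll file trips only the encryption rule, and the PGP/MIME message passes. A real gateway would also match on declared MIME type and file magic rather than the filename alone, since the filename is attacker-controlled.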

  17. Antivirus scanning points [Diagram labels: Internet E-mail, MSSP, Network Layer AV Appliance, AV Gateway, E-mail Server, E-mail Client]

  18. Quiz: What is the Internet Engineering Task Force RFC for OpenPGP? • 1542 • 802.1x • 2440 • I was told there would be no tests

  19. E-mail encryption services • Virtually unbreakable, often unusable • Key to protecting information and reducing malicious threats • Issue: total cost of ownership (TCO) traditionally a burden • Hot trend: encryption proxy servers/e-mail firewalls

  20. E-mail encryption by proxy • Proxy manages keys • Encrypts messages • Gives recipient option of secured SMTP message or Webmail [Diagram labels: E-mail, E-mail Server, Encryption Proxy, Webmail Server, Internet E-mail]

  21. Instant Messaging • Embrace and extend • Proxy connections • Encrypt communications • Logging & Usage profiling • Block dangerous behaviors (file transfers, etc) • Gateway ROSI benefit: IM compatibility

  22. Instant Messaging [Diagram: IM Proxy with central configuration & administration]

  23. Spam • Why is this a security issue? • Anti-spam approaches: • Keyword filtering • Bayesian algorithm • Blacklists/Whitelists • Community voting • Tagging vs. blocking • Multiple approaches often necessary. • ROSI Models.
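Slide 23 lists the anti-spam layers (keyword filtering, Bayesian scoring, blacklists/whitelists) and the tag-versus-block decision without showing how they combine. The block below is an added example, not from the deck or from Reavis Consulting Group: a small naive Bayes scorer in the style of word-probability spam filters of that era, trained on a constructed eight-message corpus, wrapped in a blacklist/whitelist layer and two thresholds (tag above 0.6, block above 0.95). The corpus, the domains `bulkmailer.example` and `corp.example`, and the thresholds are all assumptions chosen for illustration.

```python
"""Bayesian spam scoring with list layers and tag-vs-block thresholds (added example)."""
import math
import re
from collections import Counter

TOKEN = re.compile(r"[a-z$]{2,}")


def tokenize(text):
    """Distinct lower-cased word tokens; one occurrence per message is what we count."""
    return set(TOKEN.findall(text.lower()))


class BayesFilter:
    """Naive Bayes over the tokens present in a message, Laplace-smoothed, log-space."""

    def __init__(self):
        self.spam_docs = 0
        self.ham_docs = 0
        self.spam_tokens = Counter()   # number of spam messages containing token
        self.ham_tokens = Counter()    # number of ham messages containing token

    def train(self, text, is_spam):
        toks = tokenize(text)
        if is_spam:
            self.spam_docs += 1
            self.spam_tokens.update(toks)
        else:
            self.ham_docs += 1
            self.ham_tokens.update(toks)

    def spam_probability(self, text):
        """Posterior P(spam | tokens). Unseen tokens contribute equally to both sides."""
        total = self.spam_docs + self.ham_docs
        log_spam = math.log(self.spam_docs / total)
        log_ham = math.log(self.ham_docs / total)
        for tok in tokenize(text):
            # +1/+2 Laplace smoothing keeps a never-seen token from zeroing a class.
            log_spam += math.log((self.spam_tokens[tok] + 1) / (self.spam_docs + 2))
            log_ham += math.log((self.ham_tokens[tok] + 1) / (self.ham_docs + 2))
        m = max(log_spam, log_ham)   # subtract the max before exp to avoid underflow
        ps, ph = math.exp(log_spam - m), math.exp(log_ham - m)
        return ps / (ps + ph)


# Constructed training corpus (not real mail).
SPAM = [
    "Buy cheap viagra now, limited offer",
    "Lowest mortgage rates, refinance now, click here",
    "You have won a free prize, click here to claim",
    "Cheap pills online, special offer, no prescription",
]
HAM = [
    "Meeting moved to 3pm, please bring the quarterly report",
    "Can you review the attached draft policy before Friday",
    "Lunch tomorrow? The new place near the office",
    "Reminder: patch the mail server tonight, maintenance window 10pm",
]

BLACKLIST = {"bulkmailer.example"}   # hypothetical known bulk mailer
WHITELIST = {"corp.example"}         # hypothetical own domain


def build_filter():
    f = BayesFilter()
    for text in SPAM:
        f.train(text, True)
    for text in HAM:
        f.train(text, False)
    return f


def classify(filt, sender, text, tag_threshold=0.6, block_threshold=0.95):
    """Return (verdict, score). Lists short-circuit; the Bayes score decides the rest.

    'tag' means deliver with a marker (e.g. "[SPAM?]" in the subject) so the user
    decides; 'block' means the gateway drops or quarantines it.
    """
    domain = sender.rsplit("@", 1)[-1].lower()
    if domain in BLACKLIST:
        return "block", 1.0
    if domain in WHITELIST:
        return "deliver", 0.0
    p = filt.spam_probability(text)
    if p >= block_threshold:
        return "block", p
    if p >= tag_threshold:
        return "tag", p
    return "deliver", p


if __name__ == "__main__":
    f = build_filter()
    for sender, text in [
        ("deals@bulkmailer.example", "anything at all"),
        ("x@unknown.example", "Free prize, click here to claim your cheap offer now"),
        ("x@unknown.example", "Please review the quarterly report before the meeting tomorrow"),
        ("x@unknown.example", "Cheap offer now, click for the office lunch"),
    ]:
        print(sender, classify(f, sender, text))
```

With this corpus the obvious spam scores above 0.999 and is blocked, the meeting note scores below 0.01 and is delivered, and the mixed message lands in the tag band, which is exactly why the slide says multiple approaches are usually necessary: the list layers handle the certain cases cheaply, and tagging rather than blocking limits the cost of a Bayesian false positive.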

  24. Awareness • Courseware • Reinforce policy • Educate about threats • Recognizing viruses • Safe practices • What to do, where to go for help • Regular internal AV newsletter

  25. To protect and to serve [Diagram labels: Your boss, E-mail, IM Proxy, IM, Internal Hosts, Departmental E-mail Servers, MSSP, Internet, Encryption Proxy, AV Gateway, Firewall, Network Layer AV Appliance, Content/Spam Filtering]

  26. Summary – the 10 Steps • Enforceable policies • Architecture • CERT & Incident Response Plan • Awareness program • Baseline & continuous measurement system • Encryption • Proxy everything • Multiple layers of virus/spam protection • “Best of Breed” • Take an integrated approach

  27. Quiz: According to IBM Research, in what year did the first PC virus appear? • 1984 • 1986 • 1988 • The year Bill Gates was born

  28. Thank You!
