IT4K12 – Protecting Education Environments from an Evolving Threat Landscape
Softchoice & Microsoft
These are my notes from various sessions at IT4K12 in Vancouver Nov 17-18, 2016. They may be messy, and there may be mistakes, and it may not be exactly what the presenter wanted to be remembered, but it’s what resonated with me. – Todd
Disrupted Perimeter, Business Agility, Consumer IT, Advanced Threats
Ransomware is causing huge disruption. Typical ransoms paid range from $200 to $10K. >50% of US hospitals were hit by ransomware in 2015. 90,000 systems per day are infected by Locky ransomware. Organizations of all sizes are being impacted.
Ransomware typically uses multiple attack vectors – e-mail, websites, USB keys, and the users themselves. 90% of attacks come through e-mail and the web browser. Reminded us that we need to constantly remind our users what to look for and what to avoid.
After the data is encrypted, a ransom note appears with the decryption cost. If you choose to pay the ransom, payment is now made in bitcoin, which is harder to track than a credit card. If you don’t pay, then your choice is to restore from backup. Some ransomware is getting smarter and now goes after your backups, so customers try to keep their backups off the network.
Cybersecurity’s Labour Shortage Epidemic
Challenge #1 – Not enough gray matter.
62% of organizations are currently understaffed.
Majority of positions take 3-6 months to fill
Financial and Operational Impact
Challenge #2 – Results of an unsustainable security approach
Cost on Black-market
Average Record – $154
Medical Record – $363
Mean Time to Detection > 200 days
24% increase in security budgets
38% more security incidents
56% increase in theft of “hard” intellectual property
The Vicious Cycle of Security Failure
Challenge #3 – Complexity
Emerging Challenge -> Inefficient security team -> Unscalable complexity leaves organizations combat-ineffective
Security Ecosystem
Endpoint / Mobile
Network / Applications
Data / Identity / Access
What is Secure Endpoint?
Not just AV, must be a layered approach
- Malware protection
- Device management
- Content Security
- Transaction protection
Make sure it’s Next Generation
- NG Firewall
- NG Email / Web gateway
- Network visibility
- Virtual patching
- Incident and threat management
- SSL decryption
- Access management
- Identity management
- Entitlements and role
- Data access control
- Data monitoring
It’s a shared responsibility. The customer still has some responsibility in a secure cloud. Once the data leaves the cloud, it is the customer’s responsibility.
Internet of Things (IoT)
- Garage door openers
- Washers and dryers
Cisco suggests that in 2016 there are 22.9 billion connected objects, and by 2020, there will be over 50 billion connected objects.
There are tons of IoT in Education
- Video capture devices
- ebooks, tablets, notebooks
- smart displays
- sensors in the hallways
- sensors on trash bins
- robot cleaning
- fitness bands and wearables
- smart lights
- smart locks
- campus lighting
Strong security is NOT built into these (yet)
Have you fully considered the data that will be produced by your IoT environment? Where will it reside, who can access it, how can it be used, and how will it be retained for future use?
SHODAN – Search Engine
Search Engine (IoT) – http://www.shodan.io
Finds anything connected to the Internet! Went live in 2009, and currently indexes over 1 billion connected devices monthly.
So what can we do?
Security TechCheck (CTAP)
Cyber Threat Assessment Portal
- No cost fully funded security assessment for ERAC members
- Non-Intrusive deployment, typically a 7-30 day engagement
- Provides a granular report on current security posture and vulnerabilities
- Gives you the ability to inspect for botnets; both dormant and active.
- And much more that I couldn’t type fast enough to capture!
Softchoice has a number of tools and partners to help out. May be able to help save costs through some consolidation.
Consultation with a Softchoice Agnostic Security Architect
Security Consolidation Assessment
Security TechCheck – Cyber Threat Assessment Portal (CTAP)
Terence Snijtsheuvel, Solutions Architect, Softchoice
Empowering Users – Secure Productive Enterprise
What is included in E-Desktop
- Windows 10 Education edition (Cortana is disabled)
- Microsoft Office Professional Plus and Office for Mac
- Microsoft Enterprise CAL suite
Microsoft has four pillars they consider in security:
Trust – Protect your organization, data, and people
- Integrated intelligent security
- Transparency and control
- Privacy by design
- Compliance leadership
Who has access to my data?
Your data is only used to provide services. Data center staff can’t see your data. You configure who has access to data.
Where is my data stored?
Know where your data is located. You can request where your data is located and understand which data center region your data is stored in with our public maps.
Physical and environment security – many physical elements all combined to secure physical access.
Security in our people
24×7 security incident response, aligned with ISO/IEC TR 18044. Background checks on all staff.
Foundational Data Protection – All data is encrypted whether in transit or at rest.
Sensitive Data Identification
Policy Management to secure your data
Information Security across apps and devices
Terence did a great job of outlining the Microsoft Security “plan” using their software to provide us a secure place to work, and store data. Microsoft has a number of add-ons to O365 to make it even more secure. It is a very robust and perhaps “whole” approach to maintaining security for everyone.
Mike helped us to understand the role of Softchoice and their various partners and their ability to help with security.