Transcript Security Imperatives in a New Workplace

Security Imperatives in a New Workplace
Partnering to Protect Digital Information in the 21st Century
BR3965
SECPA-03UA
Today’s rising security threats come in various
forms, in varying degrees of severity:
While security
othersundetected
can
be extreme…
Some
occur
breaches
but
are are
obvious
muchbut
more
relatively
severe…
harmless…
… Such as the Stuxnet virus that paralyzed Iran’s nuclear research facilities.
…Such
…
Receiving
as malicious
spam messages,
software, or
for“malware,”
example. that’s unintentionally installed by a computer
user and which causes the user’s computer to conduct illicit tasks via the network on behalf
of the malware’s owner.
2
The real costs of a security breach:
Digital information makes up 49% of
an organization’s value.*
• Average cost of each compromised
record per breach: $214**.
Security Policies
• Average organizational cost of a
data breach is $5.5 million**.
Security Breach
Costs
*2012 state of information survey.
**Source: “2010 Annual Study: US Cost of a Data Breach.” The
Ponemon Institute, LLC, March 2011.
3
By addressing security proactively,
organizations can reduce per record
cost of breaches by $80**.
End points are connected on networks with
increasing risk velocity.
Changing
Threat
Landscape
Controlled Network
Devices Go
Undetected on
the Network
4
Today’s MFPs are complex embedded network
devices with many potential security vulnerabilities:
Some MFPs have:
• An operating system with a direct
external interface
• A proprietary operating system
All MFPs have:
•
•
•
•
•
•
One or more operating systems
Network controller and firmware
One or more hard disk drives
Web server
Hardware ports
Page Description Language
interpreters (PS & PCL)
5
MFP Security cannot be an afterthought!
• In a December, 2011 lecture, “Print Me If
You Dare,” a research team from
Columbia University was able to design
malware with capabilities that include:
• Port scanning
• Network exploration
• Exfiltration data from print-jobs
6
What you need to protect information on the
network:
1. “Hands-off, self-protecting”
devices that are resilient to new
attacks.
2. Compliance with the most up-todate security standards and
regulations.
3. Complete visibility on the
network.
7
Hands off Protection:
McAfee Whitelisting Technology
Normal
usage
• Known users
• Approved software
Alerts
Known files
and software
8
• Xerox
Management
Tools
• McAfee ePO
Attacks
• Unknown users
• Malicious acts
• Polymorphic
zero-day attacks
• Email
Unknown files
and software
Whitelisting technology allows
only approved software to run
McAfee Integrity Control
• Proactive/Always active even if
mismanaged
• Security is managed at the end point
in addition to the network
• Permits secure use of advanced MFP
features — user permissions,
scanning without fear
• Turns the unknown (bad) into known
(good)
9
Compliance: Integration with Cisco TrustSec
• Gain complete visibility on the network
• Automatically identifies Xerox printer and MFP
devices on the network
• Monitors device activity, similar to PC on the
network.
• Reports any suspicious activity and alerts IT
administrators.
• Virtually every Xerox device is TrustSec
compliant – more than any other vendor
10
Protecting the Perimeter: Xerox Multilayered
Approach
TrustSec
Access Protection
Network
Management
Consoles
User Endpoints
MFPs
11
The New Security Standard for a New Age
• Security cannot be an afterthought
• Information is an increasingly
valuable intellectual property
• Firewalls aren’t enough; security
policies must be holistic and
ubiquitous
• Protection for embedded devices is
now an integral part of today’s
security imperative
12