Post on 09-Aug-2015
“Every company is becoming an IT company; they’re just focused on different verticals.” John Chambers, Cisco
= Huge attack surface
Today’s Session
Security, user experience & visibility
• State of threats and security and the need to “think different”
• Two domains: Managed endpoints and unmanaged endpoints
• 5 design principles for an effective endpoint security strategy
• How VDI plays a big role in security and security plays a big role in VDI
• Thin clients’ natural malware resistance
Presenters
Chris Sherman, Analyst, Security and Risk
Dan O’Farrell, Sr. Director of Product Marketing, Cloud Computing
Bassam Khan, VP of Product Marketing
© 2015 Forrester Research, Inc. Reproduction Prohibited
Five Steps To Protect Your Endpoints From Targeted Attacks
Chris Sherman, Analyst
May 2015
Orgs will continue to struggle with 0-Day malware through 2015
[Chart: Unique Variants of Malware Per Quarter, Q1 2010 to Q4 2014; y-axis: variants (in millions), 0 to 60]
600,000 new malware variants/day!
Source: McAfee Threats Report: First Quarter 2015
Orgs will continue to struggle with targeted attacks
Publicly reported cyber incidents and breaches in the US
Source: Cyberfactors, LLC
The Golden Age Of Hacking Continues
“What were the most common ways in which the breach(es) occurred in the past 12 months?”
• Other: 1%
• Don't Know: 7%
• Lost/stolen asset (e.g., smartphone, tablet, laptop, external hard drive, USB flash drive, etc.): 23%
• Internal incident within a business partner/third party supplier’s organization: 24%
• Internal incident within our organization: 49%
• External attack targeting a business partner/third-party supplier: 33%
• External attack targeting our organization: 39%
Source: Forrester BT Security Survey, Q3 2014
Base: 457 North American and European IT security executives and technology decision makers whose firms had experienced a breach in the past 12 months
Thieves go for the gold: PII and IP
Data breaches have led to 330,000,000 lost records in 2014 alone*
*Cyberfactors, LLC
Breach Costs Will Continue To Increase In 2015
› Average total cost: $3.5 million
› Up 15% from 2013
› Each lost record cost $136
› Up 9% from 2013
This Much Is Clear: Traditional Endpoint Security Tools Are Failing And Will Continue To Fail Through 2015
An Ongoing Anti-Malware Technology Arms Race
[Chart: anti-malware effectiveness over time, labelled “Reactive”. Stages in the order shown: Signature-based detection; Encrypted payloads; Decryptor matching/passive heuristics; Polymorphic code; Active heuristics/sandboxing; Sandbox evasion techniques; Sandbox hardening; Self-directed (metamorphic) code; Runtime behavior detection; Further obfuscation techniques/signed binaries/behavior randomization]
The 90’s called, they want their endpoint security strategy back
Despite…
• 54% reporting frequent attacks involving software vulnerabilities
• 92% reporting rising operation costs involving malware
Base: 671 IT and IT security practitioners. Source: Ponemon 2013 State of the Endpoint Survey
…Many organizations still rely heavily on antivirus.
[Chart: Anti-Virus, Application Whitelisting, Application Priv. Mgmt., Application Sandboxing; values as extracted: 80%, 52%, 48%, 48%, 52%, 48%]
Base: 881 IT Security Decision Makers. Source: Forrester BT Security Survey, Q3 2014
A New Approach Is Needed!
Organizations Must Refocus Their Endpoint Security Strategies In 2015
Your Challenges are Twofold
• Managed endpoints: Do a better job of endpoint protection.
• Unmanaged endpoints: Protect your data and operations without owning the assets!
Five design principles for an effective endpoint security strategy
1. Get your house in order (managed endpoints)
2. Focus on data (unmanaged endpoints)
3. Think thin, think cloud (combined)
4. Zero trust (combined)
5. Eye in the sky (combined)
Principle No. 1: Get your house in order – attack surface reduction
This completes 75% of the work.
Exercise application control.
• Limit Firefox, Opera, and QuickTime
• Options include application whitelisting, execution isolation, privilege management
• Weigh the pros and cons of each form of app control
Disable Java in web browsers.
Deploy the Enhanced Mitigation Experience Toolkit.
While you are at it:
• Eliminate superfluous applications from your environment.
Get your house in order — manage your vulnerabilities
You need an intelligent patch management system.
Get your house in order (Summary)
An effective endpoint security strategy must:
Start with managing vulnerabilities.
• Leverage a patch management solution which supports 3rd party applications
• Focus on vulnerabilities with an existing exploit
• Patch it well, and patch it early.
Reduce attack surface through some form of application control.
• Figure out which risky applications you don’t need, and eliminate them.
• Policy-driven solutions require less effort (e.g., trusted publisher, vendor signature, application category, etc.)
• Build a good exception-handling workflow.
Augment with antimalware.
• A layered defense = best for security
• Measure solutions based on zero-day effectiveness
Principle No. 2: Focus on the data, not infrastructure
Decouple data and threat protection from the infrastructure
• Build security capabilities into the application.
  • E.g., encryption in the application
  • E.g., threat detection in the application
    • Malware
    • Fraud
    • Jailbreak
[Diagram labels: Application, Data, “Fortifying this”]
Principle No. 3: Think Thin, Think Cloud
• If possible:
  • Thin client
  • Thin device
• Process centrally, present locally
• Leverage on cloud delivery and scaling
• Requires connection
• High Server-side operational load
• Endpoint security tools still required
Principle No. 4: Zero Trust
• Authentication is always contextual:
  › Location, environment, and malware detection... all factor into authentication/authorization.
• Authorization to access services must be evaluated dynamically
• Trust is derived and verified, never assumed
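An added illustration of Principle No. 4 (not part of the original slides): a minimal per-request authorization check in which location, device state and malware detection all feed the decision, and being on the corporate network earns no trust. The field names, country list and score thresholds are assumptions constructed for the example.

```python
from dataclasses import dataclass, replace

# Constructed policy values for illustration; not taken from the presentation.
TRUSTED_COUNTRIES = {"US", "DE"}
REQUIRED_SCORE = {"low": 1, "medium": 2, "high": 3}


@dataclass(frozen=True)
class Context:
    """Signals collected fresh for each request (hypothetical field names)."""
    authenticated: bool
    mfa_passed: bool
    country: str
    managed_device: bool
    malware_detected: bool
    on_corporate_network: bool  # recorded, but deliberately never scored


def trust_score(ctx: Context) -> int:
    """Derive trust only from verified signals; network position earns nothing."""
    if not ctx.authenticated or ctx.malware_detected:
        return 0
    score = 1
    if ctx.mfa_passed:
        score += 1
    if ctx.managed_device and ctx.country in TRUSTED_COUNTRIES:
        score += 1
    return score


def authorize(ctx: Context, sensitivity: str) -> str:
    """Return 'allow', 'step_up' (ask for MFA) or 'deny' for one request."""
    score, needed = trust_score(ctx), REQUIRED_SCORE[sensitivity]
    if score == 0:
        return "deny"
    if score >= needed:
        return "allow"
    if not ctx.mfa_passed and score + 1 >= needed:
        return "step_up"
    return "deny"


def demo() -> list:
    """Same user, re-evaluated as device and malware state change."""
    laptop = Context(True, True, "US", True, False, True)
    byod = replace(laptop, managed_device=False, on_corporate_network=False)
    infected = replace(laptop, malware_detected=True)
    return [authorize(laptop, "high"), authorize(byod, "high"),
            authorize(byod, "medium"), authorize(infected, "low")]
```

Because `authorize` is called on every request with a freshly built `Context`, a malware detection that arrives mid-session revokes access on the next call rather than at the next login.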
Principle No. 5: Eye In The Sky
• Provides intelligence to focus on the right things
• Monitor and control data flows across logical security boundaries
• Requires data classification
• Increased situational awareness
[Diagram labels: Unmanaged devices, infrastructure; Managed devices]
Principle No. 5: Eye In The Sky (Cont’d)
› Endpoint Visibility & Control (EVC) provides detailed visibility into activity occurring on the endpoint:
• Process executions
• Application/file/registry modifications
• Network activity
• Active memory
• Kernel-driver activity
› Some provide containment
Recommendations (<12 months)
1. Implement meaningful app control
2. Run a targeted patch program
3. Deploy recommended practices (DEP, EMET)
4. Improve authentication measures
5. Integrate network and endpoint security controls where possible; aim for increased visibility
Recommendations (1-3 years)
1. Continue to shift focus to unmanaged or lightly managed endpoints
2. Decouple protection from device and infrastructure
3. Think thin, think cloud
4. Toss your trust assumptions
5. Maintain a high level of visibility over your endpoints and data
Chris Sherman
csherman@forrester.com
@ChrisShermanFR
Cloud client-computing
The ultimate secure, manageable and reliable end to end virtual desktop solutions.
Cloud client-computing• Dell - Internal Use - Confidential
Deliver nearly any desktop app to any user on any device
Move your desktops to the cloud and:
• Empower the workforce: Enable BYOD, deliver securely to any device, enhance user collaboration
• Optimize IT resources: Reduce IT resources, scale and speed deployment
• Improve security: Control data, recover from disasters, apply policies, comply with regulations, and monitor risk
• Manage costs: Monitor and optimize total cost of ownership, achieve greater utilization from infrastructure assets, reduce energy use
Highly-regulated industries were first to embrace this model to increase security and reduce costs
Solutions that scale with your needs
Specialized appliances
Reduced TCO
Rapid deployment
Easy installation
Your choice of datacenter hardware with…
…your choice of pre-tested software options
Wyse Datacenter
Towers with local storage
VRTX (new form factors)
Full racks with modular options
Wyse Clients
Industry-leading thin clients
• Secure: the most secure thin clients on the planet
• Versatile: tailored clients for Citrix, VMware, and Microsoft
• Powerful: handle demanding tasks from video editing to 3D modeling
• Connected: support a broad range of peripherals
Desktop | All-in-one | Mobile | Ultra mobile
Dell offers the most extensive selection of secure, easy-to-manage thin and zero clients to suit your budget, application, and performance needs.
See for yourself - next steps
More information
On the web: Dell.com/wyse
Schedule a demo
Work with your sales representative to schedule a demo. Access a range of demos, including Dell Enterprise Solutions, Dell DaaS, Dell DVS Simplified Appliance and others.
Engage the experts
Engage with your cloud client-computing sales specialist early in the pursuit. Leverage the knowledge of Dell's desktop virtualization experts.
• View a demo at a Dell Solution Center
• Engage Dell IT Consulting to assess your needs
• Schedule an Executive Briefing on cloud client-computing strategy
It’s Not Only About Security Needs
Simple Desktop IT Administration
• Endpoint manageability
• License control
• Profile management
Effective Endpoint Security
• Ransomware, phishing, social engineering
• Unnecessary privileges
• Audit & Compliance
Excellent User Experience
• Performance
• Flexibility & control
• Consistency
The most comprehensive UEM platform.
• Personalization: Environment Manager™
• Security: Application Manager™
• Managed data: DataNow™
• AppSense management: Management Center™
• Endpoint analytics: Insight™
• Optimal capacity & responsiveness: Performance Manager™
[Diagram labels: Personalization, Policy, Privileges, Performance, Data Access, Analytics]
AppSense User-First Security
Secure, manageable, great user experience
• Privilege Management: Least privileges with just in time self-elevation
• Application Control: Manageability & security through Trusted Ownership™
• Analytics: Visibility into what’s really going on
Global UEM Leader
Founded in 1999 to help customers deliver a great user experience.
• 3400+ customers
• 7.5M+ endpoints
• 400+ employees
AppSense Global HQ in Sunnyvale, California
Manchester | Reading | Munich
Amsterdam | Paris | Melbourne
Sydney | NYC | Sunnyvale | Raleigh
10 GLOBAL LOCATIONS