Features

Unlocking business potential with seamless protection

By Dmitriy Ayrapetov, Jon Ramsey, Jackson Shaw and Sarah A. Williams

Real-world security that frees enterprises to adopt disruptive technologies without disrupting productivity — it’s the secret to success. Security offers highly integrated protection from the endpoint to the data center to the cloud.

Dell.com/powersolutions | 2014 Issue 01

The world is becoming ever more connected. Yet in many ways, enterprise security remains disconnected. Security tools, processes, user profiles and information may be separated in silos that leave dangerous gaps in between. Hackers, fraudsters and other threat actors are often determined to exploit these disconnects.

An effective security solution must close the gaps. Achieving this goal requires capabilities in four interconnected areas: identity and access management, network security, data and endpoint security, and security services.

These capabilities reinforce each other, working together for seamless protection. Solutions in the Dell Security portfolio span these four pillars to support a cohesive enterprise security strategy that is designed to protect information everywhere, in step with the business.

Identity and access management

The first pillar addresses the fact that not all threats come from the outside.

One of your system administrators is apparently using his privileges to access material that he shouldn’t. You need to discover what’s going on. And if you must terminate his employment, you need to ensure that all of his access accounts and privileges are quickly removed as well.

Protecting against this type of threat is the function of identity and access management (IAM) solutions. IAM helps ensure that people have the right access to the right resources — and only those resources — at the right time. Delivering this access is essential for enabling employees to work productively. But at the same time, centralized IAM is critical for controlling individual user identities, governing user access rights and maintaining visibility into privileged-user actions. Recent events have shown that entities from both the public and private sectors must be vigilant in knowing the activities of highly authorized users.

A comprehensive IAM solution includes access governance, privileged account management and identity administration. (For more information, see the sidebar, “8 steps toward robust identity and access management.”)

Sidebar: 8 steps toward robust identity and access management

Dell has gleaned eight best practices to help enterprises improve their identity management systems for heightened security, efficiency and compliance.

1. Define the organization’s employees, contractors, consultants and other stakeholders who need to access company resources.
2. Implement a single, integrated system that provides end-to-end management of employee identities throughout their lifecycle.
3. Provide knowledge and control of identities and permissions to business data owners and custodians.
4. Enforce a request-and-approval workflow to manage and document change.
5. Automate user account provisioning to help reduce overhead, avoid errors and improve consistency.
6. Create compliance rules for the identity management system to help the organization comply with any industry or governmental regulations.
7. Check and recheck permissions to avoid security risks.
8. Manage roles instead of individuals.

For more details about these best practices, download the white paper, “8 Best Practices for Identity and Access Management,” at qrs.ly/ca3u3is.

Protecting critical information with user access controls

For access governance, Dell One Identity solutions provide the visibility and control necessary to understand what is in the organization’s environment and who has access to it. The solutions establish a continuous process that helps ensure individual employees have the right access to do their job, but nothing more, and empower business managers to properly certify access.

Dell One Identity also enables organizations to manage the entire lifecycle of identities by automating account creation with delegated rights, group memberships and attributes to authorize users. It is designed to reduce the complexity of common administrative tasks, such as password management, and simplify the management of policies across complex UNIX®, ® and Macintosh® environments.

Controlling and auditing elevated access

A secure process should be established for requesting and issuing privileged credentials for administrative account access, with rights based on strong policy and group membership within the Microsoft® Active Directory® directory service. Organizations can control and audit administrative access in several ways, such as performing keystroke logging, conducting session audits and delegating granular privileges for execution of specific commands.

Dell One Identity provides these capabilities and minimizes the burden imposed on IT by compliance demands, helping improve compliance through automation and reporting consolidation. Dell One Identity also includes user activity monitoring capabilities for discovering vulnerabilities, addressing security policy violations and preventing unauthorized access to systems and data.

Network security

While IAM is primarily concerned with internal security, the second pillar, network security, protects against threats from outside the enterprise.

You receive an email at work from a school nurse saying that your child is sick and the school isn’t able to reach your spouse. The email contains an attachment outlining the diagnosis of your child. Naturally, you open it. The names of your child, your spouse, the school and even the school nurse are all accurate. But the story is false — once you opened the attachment, malware gained access to your device and from there to the company network.

Network security works to thwart this phishing activity and other types of external attacks. It should also coordinate with an organization’s IAM solution. In an optimal scenario, the network security solution can alert IAM to be on the lookout for someone on the network seeking unauthorized access using a legitimate employee account.

Protecting the perimeter with next-generation firewalls

An effective foundation for a secure network is the Dell SonicWALL family of next-generation firewalls. These firewalls tightly integrate advanced intrusion prevention, malware protection and application control with real-time visualization for comprehensive, connected security. Access to applications can be controlled based on multiple conditions ranging from user identity and application type to time of day and duration of use. (For more information, see the sidebar, “Deep packet inspection for network protection.”)

Additional security and connectivity capabilities such as virtual private network (VPN) protection and content filtering help make SonicWALL Next-Generation Firewalls a comprehensive solution. High-speed inspection of traffic encrypted with Secure Sockets Layer (SSL) is designed to prevent malware and intrusions from coming through encrypted connections. And to identify and respond to the latest threats, cloud-assisted anti-malware enables Dell firewalls to quickly match malicious code against a large, continuously updated database.

Delivering protection for mobility access and email

Dell SonicWALL solutions also are designed to enhance employee productivity and protect against threats through simple, policy-enforced mobile access to mission-critical data and applications. Dell SonicWALL email security hardware and software help ensure email is a safe productivity tool. Moreover, management and reporting capabilities are provided for optimizing security and easing administration.

Sidebar: Deep packet inspection for network protection

Proprietary Dell Reassembly-Free Deep Packet Inspection (RFDPI) technology scans against multiple application types and protocols to help ensure the enterprise network is protected from internal and external attacks, as well as application vulnerabilities.

To deliver visibility and control, RFDPI is designed to scan traffic on every port, on every protocol and in any direction, inspect every byte of a connection and examine up to hundreds of thousands of simultaneous connections.

With these capabilities, RFDPI can categorize application traffic and protect against threats at both the application and network layer.

Data and endpoint security

The first two pillars of Dell Security are about access, both internal and external. The third pillar is about protecting the data itself.

Using your legitimate credentials, someone is trying to enter systems that you would never access. If your organization has an IAM solution, it will generate an alert to flag the unusual activity. Even if the attacker got through, your organization would still be protected — because the data is encrypted and can’t be read.


Data protection presents several challenges for today’s organizations. The environment includes a variety of mobile devices and operating systems, and organizations are storing more data in the cloud than ever before. Management of encrypted devices can be difficult. And regulatory compliance requires organizations not only to protect data from being stolen, but also to produce reports proving that it is protected.

Safeguarding data with strong encryption

The Dell Data Protection | Encryption (DDP | E) portfolio delivers a high level of protection for desktops, , mobile devices, external media devices and end-user data stored in public cloud services such as the Dropbox®, Box and Microsoft® OneDrive platforms. It also fills critical security gaps and enables organizations to manage Microsoft® BitLocker® software — all from a single management console.

DDP | E software encryption uses an innovative, data-centric approach that is designed to protect data without disrupting IT processes or end-user productivity. The solution allows IT to easily enforce encryption policies, whether the data resides on the system drive, on external media or in the cloud. (For more information, see the sidebar, “Why data-centric encryption is the way to go.”)

For organizations needing a higher level of security, Dell offers DDP | Hardware Crypto Accelerator, which adds hardware-based encryption with tamper-resistant protection and identity-based authentication with Federal Information Processing Standards (FIPS) Publication (PUB) 140-2 Level 3 military-grade security.

Another challenge is that many users routinely store and share files in public cloud-based storage services. IT can lose control over data security once files are in these services. DDP | Cloud Edition gives IT granular control to determine which users can view the data, including shared files, as well as which endpoints can be employed to access the data.

Sidebar: Why data-centric encryption is the way to go

Data protection necessarily involves encryption on endpoint devices. However, full disk encryption (FDE) can be difficult to manage. IT must decrypt and then re-encrypt the device to perform maintenance, software updates, inventory and other management tasks.

File and folder encryption differs from FDE in that only specific files and folders are encrypted. This capability can deliver significant time and money savings. However, many implementations of file and folder encryptions leave security holes, since they require the user to remember to save sensitive files into specific encrypted folders.

Dell Data Protection | Encryption (DDP | E) overcomes these challenges by taking a data-centric encryption approach that combines file-level encryption with policy-based management:

• Encryption policies specify what should or should not be encrypted.
• Policies may be based on a number of criteria, such as user or group membership, specific file types or even a specific application that generates sensitive data.
• The encryption works transparently in the background, without user intervention.

The DDP | E data-centric approach also uses multiple encryption keys. A common key may be used to encrypt common system data. Individual, user-specific encryption keys are used so that sensitive data specific to an individual is accessible only by that person.

Locking down hardware

The first line of defense lies at the PC level. Having the proper authentication solutions in place can greatly bolster protection against a security breach.

Included with , and Dell OptiPlex systems, DDP | Security Tools (DDP | ST) is an end-to-end software solution that supports Dell hardware authentication options.

DDP | ST provides secure access control using optional smart card and fingerprint readers with FIPS PUB 201 certification or an optional contactless smart card reader. It also supports pre-OS login with self-encrypting drives and single sign-on (SSO). Administrators can use the centralized DDP management console to remotely manage user credentials, passwords, encryption policies and multiple hardware authentication methods.

For added protection, Dell ControlVault is available on select Dell Precision and Latitude systems. This secure hardware element provides an isolated authentication processing environment for matching biometric and smart card credentials. Moreover, only Dell offers FIPS PUB 140-2–certified Trusted Platform Module (TPM), which ships with Dell business laptops and tablets to help ensure that the implementation meets the highest standards for protection.

Sidebar: Keep it simple

Dell One Identity solutions are designed to simplify identity and access management needs. Watch the video on this web page to learn more about a simplified, unified approach to solving challenges such as privileged account management, data access governance and enterprise provisioning.

quest.com/identity-management

Sidebar: Meet the Counter Threat team

They are an elite unit with backgrounds in private security, the military and intelligence. They know where to look for information that’s tucked away in dim areas of the internet and hacker communities. They can build an overall picture from a thousand disparate puzzle pieces of data. And when an incident is identified, this team swings into action to contain and remove the threat.

They’re the Dell SecureWorks Counter Threat Unit (CTU). For many large and midsize companies, government agencies and media outlets, CTU is the answer to their security challenges.

Top security talent and techniques

Comprising some of the most highly regarded security researchers in the world, the CTU research team is frequently first to market with the identification of new exploit techniques. Using proprietary technologies, they can identify threats in advance, assess their severity and provide recommendations for protecting against them. Putting this knowledge to work is the job of analysts at Dell’s seven Security Operations Centers in the United States, Europe and India.

When an incident is identified, the CTU response team takes the necessary steps to mitigate the threat before damage is done. CTU forensic investigators can determine the source and full extent of a breach to contain the incident and address the root cause, and response team members work hand-in-hand with a client’s team until the issue is resolved.


Security services

With the first three pillars in place, there is one more important security asset to consider: intelligence.

You’ve taken the right steps to protect your organization all the way out to the edges of the network. But you also need to be proactive about new and emerging global threats. Are threat actors already targeting your organization or its executives? How can you prepare or take action?

Information and IT security services help organizations of all sizes protect their IT assets, comply with regulations, reduce security costs and adapt incident response to meet threats.

Building relationships with managed security services

Delivering managed services is different from delivering security products — it means that Dell’s relationship with an organization is just beginning when the technology is deployed. Clients of Dell SecureWorks managed services range from Fortune 100 companies with large security teams to organizations with no full-time security staff.

Some enterprises look to Dell SecureWorks to back up their existing security staff, monitor select devices, provide alerting if necessary and enable reporting through a customer portal. Other organizations depend on Dell SecureWorks to actively manage their security environment: configuration, deployment, monitoring and response, including reports tailored for different internal audiences. Dell SecureWorks also offers a wide range of industry and government compliance solutions.

Consulting for security and risk assessment

The Dell SecureWorks security and risk consulting team provides the expertise and analysis needed to help organizations enhance their security posture. The team works with enterprises to design and implement their strategic security programs, assess and test their defenses, and resolve critical information security breaches. Security awareness training solutions are available to raise employee vigilance and meet compliance requirements, and program development services help organizations review and improve their information security policies based on best practices.

Knowing the threat to better protect against it

Dell SecureWorks researchers and security consultants are highly versed in the practices and nuances of intelligence. This team applies its research and intelligence capabilities to all aspects of Dell SecureWorks operations, using tools that go well beyond simple alerts and content searches to include sophisticated relationship mapping and advanced techniques for detecting malicious code.

With seven Security Operations Centers (SOCs) worldwide, Dell SecureWorks also provides localized incident-response personnel. (For more information, see the sidebar, “Meet the Counter Threat team.”)

Moving from reactive to proactive to predictive

The Dell Security portfolio connects security to infrastructure with protection embedded natively into IT systems. It connects security to information with proactive measures to gather, analyze and report the data needed to guard against malicious attacks. And it connects security solutions together for protection that is no longer siloed and enables organizations to respond decisively if an incident occurs.

Based on the four pillars of enterprise security — identity and access management, network security, data and endpoint security, and security services — this approach empowers organizations to move from reactive to proactive to predictive mode to counter evolving threats.

Dell also maintains a professional services staff ready to work with organizations to determine their business-specific and site-specific issues, scope a solution to meet those requirements and help evolve the solution as threats change. Organizations can leverage the Dell team’s deep insight gained from helping thousands of customers deal with security issues. As a result, Dell Security frees business and technology leaders to pursue exciting new opportunities wherever the business takes them, with the focus on innovation rather than protecting their flanks.

Sidebar: On the hunt

The young man could pass for one of China’s prosperous new middle class. But he’s not just anyone — he’s a hacker named Zhang. Follow a Dell SecureWorks analyst as he investigates the twisted tracks of an active espionage campaign.

qrs.ly/sq3u3iq

Authors

Dmitriy Ayrapetov is director of product management for network security at Dell.

Jon Ramsey is executive director, chief technology officer and Dell Fellow with Dell SecureWorks.

Jackson Shaw is senior director of product management for the Dell Software Group.

Sarah A. Williams is director of product management, security software, for Dell End User Computing.

Learn more

Dell Security: Dell.com/security

Dell Data Protection solutions: Dell.com/dataprotection

Dell, Dell Precision, ControlVault, Counter Threat Unit, Latitude, OptiPlex, Reassembly-Free Deep Packet Inspection and SecureWorks are trademarks of Dell Inc.
