SlideShare ist ein Scribd-Unternehmen logo

Mitigating Insider Threats within the Banking & Financial Sector

IS Decisions
IS Decisions

When we talk about cybercrime in the Banking & Financial Sector we tend to focus on external threats, but often organisation insiders are more likely to be the source of the breach. In fact you could say insider threats pose a greater risk than external threats as your employees already know where the company’s ‘crown jewels’ are. These crown jewels could include the assets that drive cash flows, competitive advantage and shareholder value. Insiders tend to know what exactly resides on the networks and how to gain access to them for the purpose of theft, disclosure, destruction or indeed manipulation. For example the leaking and disclosure of critical information could lead to the manipulation of share values. This is a far more effective means of profiting through cybercrime than traditional fraud techniques. So how do you tackle this problem of insider threats? The solution is that it must be tackled from two angles, both culturally, in the education of your users, and technologically, by putting further controls, restrictions and monitoring in place on your users – for their own benefit and that of the organization they work for. UserLock is an enterprise security software that controls and secures network access for all authenticated users. UserLock helps organizations - including those within the financial sector - reduce the risks of security breaches from insider threats (intentional or not), offer an immediate response to suspicious user behavior and get compliant with major regulations.

1 von 17
Downloaden Sie, um offline zu lesen
UserLock® Mitigating the Security Risk from Internal Users within the Banking & Financial Sector
THE INSIDER THREAT Some of the risks posed from Insider Threats in the Financial Sector: THE INSIDER THREAT • Undesired disclosure of confidential customer and account data • Fraud • Loss of intellectual property • Disruption to critical infrastructure • Monetary loss • Embarrassment, Public Relations • Destabilize, disrupt and destroy cyber assets of financial institutions ‘Insiders already know where the company’s crown jewels are!’
IDENTIFYING THE INSIDER THREAT Forrester research* has also shown that the greatest volume of security breaches come from employees inadvertently misusing data IDENTIFYING THE INSIDER THREAT Dealing with both malicious and careless activity from employees, ex-employees or trusted partners. IS Decisions research shown that IT professionals consider ignorant users to be the greatest security risk in their organization IN YOUR OPINION, WHICH GROUP WITHIN YOUR ORGANIZATION REPRESENTS THE GREATEST SECURITY RISK? The Insider Threat Security Manifesto – IS Decisions 2014 * http://www.csoonline.com/article/741148/report-indicates-insider-threats-leading- cause-of-data-breaches-in-last-12-months
TECHNOLOGY SOLUTIONS FOR THE INSIDER THREAT Nearly 90%* of IT Professionals consider insider threats to be a purely cultural issue and are not aware that technology can help them address internal security issues. TECHNOLOGY SOLUTIONS FOR THE INSIDER THREAT * The Insider Threat Security Manifesto – IS Decisions 2014
TECHNOLOGY SOLUTIONS FOR THE INSIDER THREAT TECHNOLOGY SOLUTIONS FOR THE INSIDER THREAT UserLock is an enterprise security software that controls and secures network access for all authenticated users. UserLock helps organizations reduce the risk of security breaches from insider threats (intentional or not), offer an immediate response to suspicious user behavior and get compliant with major regulations.
1. SECURE NETWORK ACCESS Restrictions by location – workstation, device Limit or prevent concurrent logins UserLock sets and enforces effective login controls and restrictions (that cannot be achieved in native Windows) on what authenticated users can do. This fine- grained access control helps ensure inappropriate access to company data is no longer a possibility. ENSURE INAPPROPRIATE ACCESS IS NO LONGER POSSIBLE Restrictions by usage/connection time
2. IMMEDIATE RESPONSE TO SUSPICIOUS USER ACCESS Recognize improper user access and respond to risk behavior or access attempts from someone other than the legitimate user Real-Time Monitoring provides the visibility into what users are doing and the ability to take appropriate security measures to alleviate security threats. IMMEDIATE RESPONSE TO SUSPICIOUS USERS immediate and remote response to suspicious, disruptive or unusual logon connections should be an integral part of any organizations security policy and risk mitigation strategy
3. ACCURATE IT FORENSICS IN THE EVENT OF A SECURITY BREACH Accurate, detailed information about who was connected, from which system(s), since what time, for how long etc… UserLock records and archives all access events across the whole Windows Network, giving IT the ability to support accountability, legal investigations and internal trend analysis. ACCURATE IT FORENSICS IN THE EVENT OF A SECURITY BREACH Time spent manually monitoring and auditing network access can be significantly reduced (up to 90%), freeing up resources for other critical tasks
4. STOP EMPLOYEES SHARING LOGINS Preventing concurrent logins reduce the ability of users to share credentials as it impacts their ability to access the network UserLock helps eliminate the opportunity for fraud resulting from users sharing logins. It’s vital to ensure that employees are limited to using only their own personal login information. STOP EMPLOYEES SHARING LOGINS It provides the motivation for employees to adhere to password security policy and help protect the organization’s critical assets Also, UserLock ensures access is attributed to an individual employee - making them responsible for each and every activity
5. STOP ATTACKERS USING STOLEN CREDENTIALS Preventing concurrent logins makes it impossible for any rogue user to use valid credentials at the same time as the legitimate owner Restricting access by physical location and setting usage/connection time limits helps organizations avoid these attacks UserLock ensures unauthorized access is no longer possible – even when credentials are compromised - stopping malicious users seamlessly using valid credentials. Such an attacker is likely to log in with stolen credentials from an abnormal location at an usual time. STOP ATTACKERS USER STOLEN CREDENTIALS
6. RAISE USER SECURITY AWARENESS Messages about legal and contractual implications discourage employees from committing cybercrime or lashing out for a perceived injustice UserLock notifies all users about any access denials on their account Informed employees are an important line of defense. UserLocks’ notification system supports organizations efforts to communicate security policies, increase user security awareness and educate about insider threats. RAISE USER SECURITY AWARENESS
7. ENFORM COMPLIANCE WITH MAJOR REGULATIONS UserLock provides features to identify, search, report and archive user access for compliance with major industry regulations, including NIST 800-53, Sarbanes-Oxley, NIPSOM Chapter 8, PCI, ICD 503… ENFORCE COMPLIANCE WITH MAJOR REGULATIONS
FINANCIAL SECTOR CASE STUDIES
QUESTIONS?
THANK YOU!

Empfohlen

Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
karthikasivakumar3
 
Cyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe SecurityCyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe Security
Rahul Tyagi
 
Cyber security
Cyber securityCyber security
Cyber security
Akdu095
 
Database Threats - Information System Security
Database Threats - Information System SecurityDatabase Threats - Information System Security
Database Threats - Information System Security
sandra sukarieh
 
Isaca june 19, 2010
Isaca june 19, 2010Isaca june 19, 2010
Isaca june 19, 2010
Vicky Shah
 
information security technology
information security technologyinformation security technology
information security technology
garimasagar
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
Ahmad Sharifi
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
IOSR Journals
 

Empfohlen

Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
Network security-S.Karthika II-M.Sc computer science,Bon Securous college for...
karthikasivakumar3
 
Cyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe SecurityCyber Risk Quantification for Employees | Safe Security
Cyber Risk Quantification for Employees | Safe Security
Rahul Tyagi
 
Cyber security
Cyber securityCyber security
Cyber security
Akdu095
 
Database Threats - Information System Security
Database Threats - Information System SecurityDatabase Threats - Information System Security
Database Threats - Information System Security
sandra sukarieh
 
Isaca june 19, 2010
Isaca june 19, 2010Isaca june 19, 2010
Isaca june 19, 2010
Vicky Shah
 
information security technology
information security technologyinformation security technology
information security technology
garimasagar
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
Ahmad Sharifi
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
IOSR Journals
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
David Mai, MBA
 
Phishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAMPhishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAM
Courion Corporation
 
Security Breaches from Compromised User Logins
Security Breaches from Compromised User LoginsSecurity Breaches from Compromised User Logins
Security Breaches from Compromised User Logins
IS Decisions
 
Enterprise Information Systems Security: A Case Study in the Banking Sector
Enterprise Information Systems Security: A Case Study in the Banking SectorEnterprise Information Systems Security: A Case Study in the Banking Sector
Enterprise Information Systems Security: A Case Study in the Banking Sector
CONFENIS 2012
 
Network security
Network securityNetwork security
Network security
Ashish Gaurkhede
 
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
Lacoon Mobile Security
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
banerjeea
 
Iss lecture 1
Iss lecture 1Iss lecture 1
Iss lecture 1
Ali Habeeb
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to security
Dhani Ahmad
 
INFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMINFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEM
ANAND MURALI
 
System Security Threats and Risks)
System Security Threats and Risks)System Security Threats and Risks)
System Security Threats and Risks)
BPalmer13
 
INFORMATION SECURITY MANAGEMENT
INFORMATION SECURITY MANAGEMENTINFORMATION SECURITY MANAGEMENT
INFORMATION SECURITY MANAGEMENT
Ni
 
Data base security and injection
Data base security and injectionData base security and injection
Data base security and injection
A. Shamel
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Mis 1
Mis 1Mis 1
Mis 1
Rohit Garg
 
Cryptography summary
Cryptography summaryCryptography summary
Cryptography summary
Ni
 
Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack
newbie2019
 
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
BeyondTrust
 
External Attacks Against Pivileged Accounts
External Attacks Against Pivileged AccountsExternal Attacks Against Pivileged Accounts
External Attacks Against Pivileged Accounts
Lindsay Marsh
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
Sweta Kumari Barnwal
 
Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
Seclore
 
IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions
 

Weitere ähnliche Inhalte

Was ist angesagt?

Phishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAMPhishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAM
Courion Corporation
 
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
Lacoon Mobile Security
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
banerjeea
 

Was ist angesagt? (20)

Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
 
Phishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAMPhishing: How to get off the hook using Intelligent IAM
Phishing: How to get off the hook using Intelligent IAM
 
Security Breaches from Compromised User Logins
Security Breaches from Compromised User LoginsSecurity Breaches from Compromised User Logins
Security Breaches from Compromised User Logins
 
Enterprise Information Systems Security: A Case Study in the Banking Sector
Enterprise Information Systems Security: A Case Study in the Banking SectorEnterprise Information Systems Security: A Case Study in the Banking Sector
Enterprise Information Systems Security: A Case Study in the Banking Sector
 
Network security
Network securityNetwork security
Network security
 
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
MobileCON 2013 – Attacks Aginst MDM Solutions (and What You Can Do About It)
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
 
Iss lecture 1
Iss lecture 1Iss lecture 1
Iss lecture 1
 
Chapter2 the need to security
Chapter2 the need to securityChapter2 the need to security
Chapter2 the need to security
 
INFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMINFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEM
 
System Security Threats and Risks)
System Security Threats and Risks)System Security Threats and Risks)
System Security Threats and Risks)
 
INFORMATION SECURITY MANAGEMENT
INFORMATION SECURITY MANAGEMENTINFORMATION SECURITY MANAGEMENT
INFORMATION SECURITY MANAGEMENT
 
Data base security and injection
Data base security and injectionData base security and injection
Data base security and injection
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
 
Mis 1
Mis 1Mis 1
Mis 1
 
Cryptography summary
Cryptography summaryCryptography summary
Cryptography summary
 
Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack
 
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
 
External Attacks Against Pivileged Accounts
External Attacks Against Pivileged AccountsExternal Attacks Against Pivileged Accounts
External Attacks Against Pivileged Accounts
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 

Ähnlich wie Mitigating Insider Threats within the Banking & Financial Sector

IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions
 
Identity Security.docx
Identity Security.docxIdentity Security.docx
Identity Security.docx
Mohsin Abbas
 

Ähnlich wie Mitigating Insider Threats within the Banking & Financial Sector (20)

Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
 
IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
 
Identity Security.docx
Identity Security.docxIdentity Security.docx
Identity Security.docx
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdf
 
Priviledged Identity Management
Priviledged Identity ManagementPriviledged Identity Management
Priviledged Identity Management
 
Priviledged identity management
Priviledged identity managementPriviledged identity management
Priviledged identity management
 
Priviledged Identity Management
Priviledged Identity ManagementPriviledged Identity Management
Priviledged Identity Management
 
A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
 
Get Ahead of your Next Security Breach
Get Ahead of your Next Security BreachGet Ahead of your Next Security Breach
Get Ahead of your Next Security Breach
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices
 
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
 
LTS Secure offers PIM User Activity Monitoring
LTS Secure offers PIM User Activity MonitoringLTS Secure offers PIM User Activity Monitoring
LTS Secure offers PIM User Activity Monitoring
 
Ways to Safeguard Your Business from a Data Breach
Ways to Safeguard Your Business from a Data BreachWays to Safeguard Your Business from a Data Breach
Ways to Safeguard Your Business from a Data Breach
 
Legal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing InformaticsLegal and Ethical Considerations in Nursing Informatics
Legal and Ethical Considerations in Nursing Informatics
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 

Mehr von IS Decisions

UserLock 9 Technical Presentation
UserLock 9 Technical PresentationUserLock 9 Technical Presentation
UserLock 9 Technical Presentation
IS Decisions
 
Windows Network Access Control for Government Traffic Department
Windows Network Access Control for Government Traffic DepartmentWindows Network Access Control for Government Traffic Department
Windows Network Access Control for Government Traffic Department
IS Decisions
 
Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of CyprusRisk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
IS Decisions
 
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
IS Decisions
 
IS Decisions Company Presentation
IS Decisions Company PresentationIS Decisions Company Presentation
IS Decisions Company Presentation
IS Decisions
 

Mehr von IS Decisions (17)

UserLock 9 Technical Presentation
UserLock 9 Technical PresentationUserLock 9 Technical Presentation
UserLock 9 Technical Presentation
 
Windows Network Access Control for Government Traffic Department
Windows Network Access Control for Government Traffic DepartmentWindows Network Access Control for Government Traffic Department
Windows Network Access Control for Government Traffic Department
 
Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of CyprusRisk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS Decisions
 
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
 
RemoteExec DataSheet
RemoteExec DataSheetRemoteExec DataSheet
RemoteExec DataSheet
 
School Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case StudySchool Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case Study
 
Information Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLockInformation Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLock
 
FileAudit Presentation | Windows File System Auditing
FileAudit Presentation | Windows File System AuditingFileAudit Presentation | Windows File System Auditing
FileAudit Presentation | Windows File System Auditing
 
UserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows NetworksUserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows Networks
 
FileAudit Datasheet
FileAudit DatasheetFileAudit Datasheet
FileAudit Datasheet
 
UserLock Datasheet
UserLock DatasheetUserLock Datasheet
UserLock Datasheet
 
8 Holes in Windows Login Controls
8 Holes in Windows Login Controls8 Holes in Windows Login Controls
8 Holes in Windows Login Controls
 
RemoteExec Presentation
RemoteExec PresentationRemoteExec Presentation
RemoteExec Presentation
 
IS Decisions in the NUMB3RS
IS Decisions in the NUMB3RSIS Decisions in the NUMB3RS
IS Decisions in the NUMB3RS
 
IS Decisions Company Presentation
IS Decisions Company PresentationIS Decisions Company Presentation
IS Decisions Company Presentation
 
WinReporter Presentation
WinReporter PresentationWinReporter Presentation
WinReporter Presentation
 

Mitigating Insider Threats within the Banking & Financial Sector

  • 1. UserLock® Mitigating the Security Risk from Internal Users within the Banking & Financial Sector
  • 2. THE INSIDER THREAT Some of the risks posed from Insider Threats in the Financial Sector: THE INSIDER THREAT • Undesired disclosure of confidential customer and account data • Fraud • Loss of intellectual property • Disruption to critical infrastructure • Monetary loss • Embarrassment, Public Relations • Destabilize, disrupt and destroy cyber assets of financial institutions ‘Insiders already know where the company’s crown jewels are!’
  • 3. IDENTIFYING THE INSIDER THREAT Forrester research* has also shown that the greatest volume of security breaches come from employees inadvertently misusing data IDENTIFYING THE INSIDER THREAT Dealing with both malicious and careless activity from employees, ex-employees or trusted partners. IS Decisions research shown that IT professionals consider ignorant users to be the greatest security risk in their organization IN YOUR OPINION, WHICH GROUP WITHIN YOUR ORGANIZATION REPRESENTS THE GREATEST SECURITY RISK? The Insider Threat Security Manifesto – IS Decisions 2014 * http://www.csoonline.com/article/741148/report-indicates-insider-threats-leading- cause-of-data-breaches-in-last-12-months
  • 4. TECHNOLOGY SOLUTIONS FOR THE INSIDER THREAT Nearly 90%* of IT Professionals consider insider threats to be a purely cultural issue and are not aware that technology can help them address internal security issues. TECHNOLOGY SOLUTIONS FOR THE INSIDER THREAT * The Insider Threat Security Manifesto – IS Decisions 2014
  • 5. TECHNOLOGY SOLUTIONS FOR THE INSIDER THREAT TECHNOLOGY SOLUTIONS FOR THE INSIDER THREAT UserLock is an enterprise security software that controls and secures network access for all authenticated users. UserLock helps organizations reduce the risk of security breaches from insider threats (intentional or not), offer an immediate response to suspicious user behavior and get compliant with major regulations.
  • 6. 1. SECURE NETWORK ACCESS Restrictions by location – workstation, device Limit or prevent concurrent logins UserLock sets and enforces effective login controls and restrictions (that cannot be achieved in native Windows) on what authenticated users can do. This fine- grained access control helps ensure inappropriate access to company data is no longer a possibility. ENSURE INAPPROPRIATE ACCESS IS NO LONGER POSSIBLE Restrictions by usage/connection time
  • 7. 2. IMMEDIATE RESPONSE TO SUSPICIOUS USER ACCESS Recognize improper user access and respond to risk behavior or access attempts from someone other than the legitimate user Real-Time Monitoring provides the visibility into what users are doing and the ability to take appropriate security measures to alleviate security threats. IMMEDIATE RESPONSE TO SUSPICIOUS USERS immediate and remote response to suspicious, disruptive or unusual logon connections should be an integral part of any organizations security policy and risk mitigation strategy
  • 8. 3. ACCURATE IT FORENSICS IN THE EVENT OF A SECURITY BREACH Accurate, detailed information about who was connected, from which system(s), since what time, for how long etc… UserLock records and archives all access events across the whole Windows Network, giving IT the ability to support accountability, legal investigations and internal trend analysis. ACCURATE IT FORENSICS IN THE EVENT OF A SECURITY BREACH Time spent manually monitoring and auditing network access can be significantly reduced (up to 90%), freeing up resources for other critical tasks
  • 9. 4. STOP EMPLOYEES SHARING LOGINS Preventing concurrent logins reduce the ability of users to share credentials as it impacts their ability to access the network UserLock helps eliminate the opportunity for fraud resulting from users sharing logins. It’s vital to ensure that employees are limited to using only their own personal login information. STOP EMPLOYEES SHARING LOGINS It provides the motivation for employees to adhere to password security policy and help protect the organization’s critical assets Also, UserLock ensures access is attributed to an individual employee - making them responsible for each and every activity
  • 10. 5. STOP ATTACKERS USING STOLEN CREDENTIALS Preventing concurrent logins makes it impossible for any rogue user to use valid credentials at the same time as the legitimate owner Restricting access by physical location and setting usage/connection time limits helps organizations avoid these attacks UserLock ensures unauthorized access is no longer possible – even when credentials are compromised - stopping malicious users seamlessly using valid credentials. Such an attacker is likely to log in with stolen credentials from an abnormal location at an usual time. STOP ATTACKERS USER STOLEN CREDENTIALS
  • 11. 6. RAISE USER SECURITY AWARENESS Messages about legal and contractual implications discourage employees from committing cybercrime or lashing out for a perceived injustice UserLock notifies all users about any access denials on their account Informed employees are an important line of defense. UserLocks’ notification system supports organizations efforts to communicate security policies, increase user security awareness and educate about insider threats. RAISE USER SECURITY AWARENESS
  • 12. 7. ENFORM COMPLIANCE WITH MAJOR REGULATIONS UserLock provides features to identify, search, report and archive user access for compliance with major industry regulations, including NIST 800-53, Sarbanes-Oxley, NIPSOM Chapter 8, PCI, ICD 503… ENFORCE COMPLIANCE WITH MAJOR REGULATIONS
  • 14.
  • 15.