Control Valuable Data By Using Maps

Posted on October 11, 2011 by Phil Grimes

As the battle rages, attackers look for every angle they can leverage in order to access your data. Our team has spent countless hours discussing the importance of identifying what ‘valuable data’ means (it is NOT the same for everyone), learning where that data lives, and understanding how it is accessed. Data flow mapping provides a useful tool that helps illustrate how data moves through any given process or system. When approaching this project in the field, we often see how compartmentalized our business processes are as each person, department, and/or unit knows a little about the target system/process. But when we take an in depth look, rarely does anyone understand it thoroughly! While this philosophy presents a challenge to any organization, the payoff can be priceless- especially in the case of a breach!

These maps are not only helpful to a new employee; but can also explain the system/process to an auditor or regulatory authority in a fraction of the time, and more thoroughly than most employees can. Realizing how our data is handled is vital to the next stage in protecting the data as the battlefield continually changes!

We have to focus on wrapping better controls around our valuable data. Don’t be discouraged by the challenge ahead. Instead, embrace the opportunity to help change the way the world thinks about Information Security! Nothing worth doing is ever easy, and applying this strategy to your environment won’t be either. But as we repeat the process over each facet of our organizations we become more efficient. After all, practice makes perfect!

The graphic below is what the finished product looks like. Yours will look entirely different, no doubt! Don’t focus on this map or this process, but on the underlying principle instead. By combining this with a network map, trust map, and surface map, we can create a comprehensive mechanism to provide useful, accurate intelligence that is easily parsed and processed on demand.

Why a Data Flow Map Will Make Your Life Easier

Posted on October 7, 2011 by Brent Huston

It’s impossible to protect everything in your environment if you don’t know what’s there. All system components and their dependencies need to be identified. This isn’t a mere inventory listing. Adding the dependencies and trust rela- tionships is where the effort pays off.

This information is useful in many ways

If Server A is compromised incident responders can quickly assess what other components may have been affected by reviewing its trust relationships
Having a clear depiction of component dependencies eases the re-architecture process allowing for faster, more efficient upgrades
Creating a physical map in accordance with data flow and trust relationships ensures that components are not forgotten
Categorizing system functions eases the enclaving process

Don’t know where to start? It’s usually easiest to map one business process at a time. This enables everyone to better understand the current environment and data operations. Once the maps are completed they must be updated peri- odically to reflect changes in the environment.

Click here to see an example of a Data Flow Map. The more you know, the better prepared you can be!

MSI Strategy & Tactics Talk Ep. 12: Managing Mobile Security Part II

Posted on October 4, 2011 by Mary Rose Maguire

“Enterprises are starting to move toward mobile device management services. This could be in-house or off-site. It allows remote provisioning and configuration. It really helps an organization with policy issues.” – Adam Hostetler, Network Engineer and Security Analyst, MicroSolved, Inc.

Samsung Galaxy, Google Android, Apple iPad — mobile devices are a hot item and consumers are bringing them to their workplaces. We wrap up our discussion from Episode 9 on Mobile Security by discussing what you can do to choose your mobile devices wisely and create an action plan for your organization. Discussion questions include:

Does it matter which mobile device you use?
How can an organization create a plan that is focused on attack prevention?

Panelists:

Adam Hostetler, Network Engineer and Security Analyst
Phil Grimes, Security Analyst
John Davis, Risk Management Engineer

Mary Rose Maguire, Marketing Communication Specialist and moderator

Click the embedded player to listen. Or click this link to access downloads. Stay safe!

Apple’s iOS5 and the iCloud: Great Ideas, Huge Security Impact

Posted on September 29, 2011 by Mary Rose Maguire

Wondering how Apple’s iOS5 and the iCloud will affect your life? Check our recent slide deck that tackles some potential challenges as Apple gets ready to roll out their newest creation. In this deck, you’ll learn:

What is key
iOS5 idealism and reality
The good news and bad news
What do do and not do

As always, we’re here for discussion. Follow Brent Huston on Twitter to engage even more!

Chaos, Insecurity, and Crime

Posted on September 27, 2011 by Mary Rose Maguire

We recently presented the attached slide deck at an OWASP meeting and it was well-received. In it, you’ll learn:

What are the new targets for hackers?
The new crimeware model
What we’re seeing and what we’re not
Thoughts on controls

Feel free to contact us with questions. Follow Brent Huston on Twitter and engage him. He’s more than happy to talk security!

MicroSolved Winner of First Americas Information Security Leadership Award

Posted on September 23, 2011 by Mary Rose Maguire

We’re thrilled to announce that MSI has received an award from (ISC)2, the world’s largest information security professional body and administrators of the CISSP®!

MicroSolved, Inc. has worked hard over the years to provide information security awareness to our community. We’ve been involved in everything from volunteering at local community colleges for security events to providing insights and advice to WordPress. Quite simply, MSI wants to make the world’s data safer.

Congratulations to Brent Huston, Founder, CEO, and Security Evangelist of MSI for his commitment and vision. At MSI, we will continue our mission toward bringing security awareness wherever we can. View the press release here.

HoneyPoint Maturity Model

Posted on September 22, 2011 by Brent Huston

Many folks have asked for a quick review of the way HoneyPoint users progress as they grow their confidence in the product suite and in their capability to manage threat data. To help answer those questions and to give folks a quick way to check out how some folks use HoneyPoint beyond simple scan/probe detection, we put together this quick maturity model to act as a roadmap.

If you are interested in hearing more about a specific set of functions or capabilities, give us a call or drop us a line. We would be happy to walk you through the model or any of the specific items. HoneyPoint users, feel free to engage with support if some of this sparks a new idea for how your organization can deepen your own HoneyPoint use cases. Thanks for reading and stay safe out there!

Audio Blog Post: How to Choose the Best Security Partner

Posted on September 19, 2011 by Brent Huston

In this audio post, Brent Huston, CEO and Security Evangelist, interviews MSI’s Constance Matthews and Chris Lay about choosing the right security partner. Also discussed is MicroSolved’s backstory with the State of Ohio’s voting system and how clients benefit from MSI’s partnership philosophy.

Click here to listen: How to Choose the Best Security Partner

A Framework For Managing Mobile Devices For Security

Posted on September 16, 2011 by Brent Huston

After several discussions the last few days with a number of folks around mobile technologies and the security risks they pose to organizations, I thought I might be able to help folks by putting forth a quick a dirty (“back of the napkin”) framework diagram.

This should easily demonstrate a high level strategy and give you some thinking points about how your organization manages mobile devices and data interactions from them.

As always, thanks for reading and feel free to engage with me via twitter (@lbhuston), phone or email if you want to discuss the framework or any of the components. My team is always available to help and willing to engage with readers for help with creating the components or reviewing what you have so far. I hope this helps some folks!

Click this link to access the PDF: MobileTechSecFramework

MSI Strategy & Tactics Talk Ep. 11: Managing Mobile Security

Posted on September 14, 2011 by Mary Rose Maguire

“We’re not seeing good reporting processes yet. Many organizations… do not know who has these mobile devices or where they are located and what they’re being used for.” – Brent Huston, CEO, MicroSolved, Inc.

Samsung Galaxy, Google Android, Apple iPad — mobile devices are a hot item and consumers are bringing them to their workplaces. Along with the popularity are malware developers who would like nothing better than to steal sensitive information from them. How can you protect your organization’s data from mobile device usage? Discussion questions include:

Who is managing mobile devices?
There needs to be some reporting – who does this and who should be involved?
Who are the groups that should be included when talking about mobile security? How should an organization start their strategy?
Regarding the data layer: what controls can we wrap around the data itself?