Active authentication to protect IT assets

download Active authentication to protect IT assets

of 19

  • date post

    11-Feb-2017
  • Category

    Technology

  • view

    288
  • download

    1

Embed Size (px)

Transcript of Active authentication to protect IT assets

THIS IS YOUR PRESENTATION TITLE

ACTIVE AUTHENTICATION FOR INFRASTRUCTURE

HELLO!I am Anirban Banerjee.I am the Founder and CEO of Onion ID.

https://calendly.com/anirban/enterprise-demo/

THE STATUS QUO4

IT INFRASTRUCTURE TODAY

WHO IS ACCESSING

THE STATUS QUO

CHALLENGES AND THREATS

CHALLENGES IT Outsourcing

CHALLENGES Inflexible Multiple dev teams Geographically distributed Shadow IT

High Velocity Changes IaaS/Paas via APIsAWS, Rackspace, DockerAll types of web apps

Employee churn

Compliance and Audits

Attack surface has changedHorizontal attacker movementVertical privilege escalation

THE THREAT LANDSCAPEHorizontal and Vertical Attacker Movement

GOING FORWARD

ACTIVE AUTHENTICATION CAN HELP Concept of least privilege Risk score everything Every command is analyzed Learn, Match, Act, Update

WHAT TO LOOK FOR AND WHAT TO DO

COMPLIANCEPCI DSS, HIPAA, FedRamp, FFIEC, SOX, SOC I,II

Legal consequencesProvide proof of controlsKeep the board informedUse tools for reporting, automate

BEST PRACTICESSSH Key rotationsDevice fingerprintingCredential rotations for VPNMAC address pinningReview logs regularlyAudit user accounts

CONTINUOUS IMPROVEMENT

Connect with us18calendly.com/anirban/enterprise-demo/Free Trial on OnionID.comSales@onionid.com1-888-315-4745Twitter - @onion_idConnect with us on FB or Linkedin

We will be posting these slides

Feedback is very welcomehttps://calendly.com/anirban/enterprise-demo/

THANK YOU!Any questions?You can find more about us at:Onion ID Privilege Management in 60 Secondswww.onionid.com , sales@onionid.comTel: +1-888 315 4745