Enhanced Security and Compliance with Your K1000
-
Upload
dell-world -
Category
Software
-
view
48 -
download
4
Transcript of Enhanced Security and Compliance with Your K1000
![Page 1: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/1.jpg)
Dell World 2014
Enhanced Security and Compliance
with Dell Endpoint System ManagementBrandon Whitman, Sales EngineerAlejandro Vazquez, Software Technologist
Dell WorldUser Forum
![Page 2: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/2.jpg)
Compliance?
A baseline for security
• Authoritative Documents– HIPAA– SOX– PCI– Etc.
• Process Compliance– ITIL
• Software Compliance– Licensing– Configuration
Dell World User Forum
![Page 3: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/3.jpg)
Security?
How you become compliant
• Discovery– SCAP– OVAL– Inventory
• Action– Patching– Permissions– Processes
Dell World User Forum
![Page 4: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/4.jpg)
ESM SolutionsEnd to end system management
• K1000 Management Appliance– Device Inventory– Software Catalog– Patching– Helpdesk– Vulnerability Assessment
• Desktop Authority Management Suite– Least Privilege Access– User Workspace Management
• Password Manager– Self Service Password Management
Dell World User Forum
![Page 5: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/5.jpg)
Dell World 2014
What are SCAP and OVAL
SCAP
• Easy to use tool to ensure common endpoint configurations and confirm organizational compliance.
• Published and maintained by the National Institute of Standards and Technology (NIST) for Windows.
OVAL
• Comprehensive suite of tests to detect security vulnerabilities.
• Community based but primarily sponsored by DHS Office of Cyber Security.
• Reports offer recommended remediation steps.
Discover
Analyze
Secure
![Page 6: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/6.jpg)
Dell World 2014
Why SCAP and OVAL?
SCAP
• Ensure systems are deployed at “Known Good” baseline.
• Meet FDCC Compliance and/or enable organizations to enforce their own configuration standards
OVAL
• Preventative maintenance to close vectors for malware infections
• Automate the task of finding vulnerabilities and configuration issues.
• Reports offer recommended remediation steps.
Discover
Analyze
Secure
![Page 7: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/7.jpg)
Dell World 2014
How? Preventative Image Hardening
• Deploy with K2000
• Image is already compliant with company policies
• Easier to manage in the future.
• Prepare K1000 agent for imaging
• Run amptools.exe cloneprep=1
• Removes KUID
• Use SysprepCreator
• Capture with K2000
• Remediate per current policies
• Run additional scans
• Confirm compliance with current policies
• Install K1000 agent
• Run Benchmarks
• OS
• MS Office
• IE
• Analyze Results
• Compare to current policies
Scan Comply Capture Deploy
![Page 8: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/8.jpg)
Dell World 2014
What is Desktop Authority Management Suite?
Desktop Authority Standard & Privilege Manager
• Toolset to enable administrators to proactively provision and manage the Windows user environment.
• Create a secure, consistent environment for each user
• Ensure applications run with only the privileges and access needed
• Targeted configurations and privileges to ensure a balance security with user productivity
Profiles
Privileges
Happy Users!
![Page 9: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/9.jpg)
Dell World 2014
Why Desktop Authority Management Suite?
• Managing the user environment has always been difficult
• Built-in management tools, namely GPOs, can apply many settings, however, application can be cumbersome to configure
• Logon scripts are widely used and often embedded into GPOs
• Desktop Authority is simply easier to use than a collection of configuration tools.
• Happy IT Staff AND Happy Users!
• Complements Endpoint Management Solutions
Profiles
Privileges
Happy Users!
![Page 10: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/10.jpg)
10
Dell - Restricted - Confidential
How to make Happy Users! (and Happy IT Staff)
Configuration and Management
• Validation Logic• Replace Logon Scripts• Customize Applications• Printer and Drive Mapping• Folder Redirection
Dynamic Security
• Validation Logic• USB Port Security• Group Policy Templates• Security Policies• Least Privilege Application
Access
Enhance Traditional Client Management
• Complete the User Workspace Configuration
• Complement Existing System Management Infrastructure
Power Management
• Validation Logic• Inactivity Monitoring• Power Schemes• Savings Calculator
![Page 11: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/11.jpg)
Dell World 2014
What is Dell Password Manager?
• Self-service password reset tool with an end-user friendly interface
• Tool to allow IT to easily enforce stronger password policies and automate password change intervals
• Seamless integration with Windows and the K1000
• Increase data security by eliminating common intrusion vectors
Forgotten
Locked
Fixed
![Page 12: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/12.jpg)
Dell World 2014
Why use Dell Password Manager?
• Reduce helpdesk and IT involvement
• Increase user productivity
• Eliminate the need for users to write down passwords
• Reduce the risk of data breach due to weak passwords
• Reduce lost productivity
Forgotten
Locked
Fixed
![Page 13: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/13.jpg)
Dell World 2014
How?Familiar User InterfaceDell Password manager presents end users with an interface much like web commerce sites.
Dell Password Manager
Self-EnrollmentUsers enroll and choose from a list of security questions and provide their unique answers.
Self-ServiceWhen a user forgets their password, they simply answer their questions and can reset it without the need for IT intervention.
![Page 14: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/14.jpg)
Dell World User Forum
All together now…
• Preventative Image Compliance
• Using SCAP and OVAL to secure the OS prior to Deployment with the K2000 Deployment Appliance
• Live System Auditing
• Using SCAP and OVAL on currently running systems
• Least Privilege Access
• Privilege Manager can allow legacy programs to run as Administrator while the user retains a lower privilege set
• User Workspace Management
• USB Port Security
• Prevent the need for end users to seek other methods to do their job.
• Password Manager
• Increase security and reduce cost
• Empower users
![Page 15: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/15.jpg)
Dell World 2014
Thank you.
![Page 16: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/16.jpg)
Dell World 2014
Reference
![Page 17: Enhanced Security and Compliance with Your K1000](https://reader034.fdocuments.net/reader034/viewer/2022042701/55aadd901a28abeb1f8b4620/html5/thumbnails/17.jpg)
Dell World 2014
Helpful Links
• Unified Compliance– https://www.unifiedcompliance.com/
• Addressing HIPAA Challenges with KACE and SecureWorks– http://www.kace.com/~/media/Files/Resources/White-Papers/Addressing-HIPAA-Challenges-Dell-KACE-and-Dell-
SecureWorksoach.pdf
• Desktop Authority Licensing and FAQ– http://www.quest.com/docs/desktop-authority-management-suite-faq-24287.pdf
• Dell Password Manager Datasheet– http://www.quest.com/documents/password-manager-datasheet-3490.pdf
• The Privilege Management Conspiracy– https://software.dell.com/docs/the-privilege-management-conspiracy-whitepaper-7789.pdf
• Killing Administrator– https://software.dell.com/docs/WPW-KillingAdministrator-082212.pdf
• Six Ways to Extend and Expand Your Systems Management Capabilities to Your User Environment – http://software.dell.com/documents/six-ways-to-extend-and-expand-your-system-management-capabiltiies-to-
your-user-environment-whitepaper-27653.pdf