1 / 40

Securing Your Data with Microsoft Technologies

What you can expect Today. Our current thinking on Scenarios

octavio
Download Presentation

Securing Your Data with Microsoft Technologies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. Securing Your Data with Microsoft Technologies Mike Smith-Lonergan Sr. Technical Program Manager Microsoft Corporation MIKESL@microsoft.com TechEd 2006 - Securing your Data with Microsoft Technologies EFS, RMS, Full Volume Encryption, SQL 2005 - lots of encryption for overlapping sets of data. Which do you use, when and why? This talk will help you understand the common security basis for all these technologies, and then discuss the different threats for which each is and isn't suitable. Next we'll examine the best configuration settings to get the maximum security benefit for your organization, and finally look at current security attack scenarios and which security technologies will actually help protect your data against such attacks.TechEd 2006 - Securing your Data with Microsoft Technologies EFS, RMS, Full Volume Encryption, SQL 2005 - lots of encryption for overlapping sets of data. Which do you use, when and why? This talk will help you understand the common security basis for all these technologies, and then discuss the different threats for which each is and isn't suitable. Next we'll examine the best configuration settings to get the maximum security benefit for your organization, and finally look at current security attack scenarios and which security technologies will actually help protect your data against such attacks.

    2. What you can expect Today Our current thinking on Scenarios & Solutions What technologies to use where and why 60 minutes for discussion & quick demo 15 minutes for questions at the end

    3. Why Am I Talking To You About This? When should I use X? EFS, RMS, S/MIME, BDE, XPS, CAPI, CAPICOM, CAPI-NG, WS-Sec, Smart Cards What is the right encryption to use? Give me a strategic direction Plus all the supporting technologies: CSPs, password hashing (LM, NTLM), cached password verifiers, SYSKEY, DPAPI, managed DPAPI classesPlus all the supporting technologies: CSPs, password hashing (LM, NTLM), cached password verifiers, SYSKEY, DPAPI, managed DPAPI classes

    4. Where is your Data Stored? Q: Where is your biggest security exposure? Trick question! Statistics on where the most data is stored in the least-well-protected systems Clients (notebooks, desktops) Servers (branch office, data center) removable storage (flash, USB, DVD-RW) Mobile devices (phone, PDA, UMPC) Managing risk = focus attention on greatest exposures first dont try to solve problem all at once Server roles: F&P, email, docman/collab, RDBMS, SAN, HSM Statistics on where the most data is stored in the least-well-protected systems Clients (notebooks, desktops) Servers (branch office, data center) removable storage (flash, USB, DVD-RW) Mobile devices (phone, PDA, UMPC) Managing risk = focus attention on greatest exposures first dont try to solve problem all at once Server roles: F&P, email, docman/collab, RDBMS, SAN, HSM

    5. Clients Documents Where do your users keep their documents? User Profile Outlook, Sharepoint, Desktop, Temp per-machine data Search index, file cache Documents - it may sound simple but in reality, many orgs have different standard locations for users docs -root folder, redirect to server , Separate partition, -plus all the app-specific data locations (e.g. desktop search, MSDE/Access)Documents - it may sound simple but in reality, many orgs have different standard locations for users docs -root folder, redirect to server , Separate partition, -plus all the app-specific data locations (e.g. desktop search, MSDE/Access)

    6. Servers File Shares Collaboration store (e.g. Sharepoint) RDBMS (e.g. SQL) Mail (e.g. Exchange) SAN HSM Enterprise backup Where ISNT Data stored?

    7. Big Picture

    8. What Technologies Can Be Used? ACLs Rights Management (eek!) Role-based Access System encryption Application encryption

    9. ACLs Classic approach Configuring: Windows Explorer, cacls.exe Group Policy/Secedit NEW! .NET Framework 2.0 (SDDL) Good: protect against online/remote attackers Bad: protecting against local Admins Ugly: protecting against offline attacks

    10. ACLs example: File server Uses AD, Group Policy, Windows client Goal: users cannot see each others files Server shares folder \\Server\Home Share permissions = Users: Change Folder root permissions allow: Users: Traverse folder, List folder, Create folders, Read (This folder only) Creator/owner: Change (Subfolders and files only) Result: User creates new folder Can do anything they want with that folder No other user can see inside that folder

    11. Rights Management The ACL goes wherever the document goes Combines encryption with policy enforcement Good: protecting against offline, online attacks Bad: protecting against Super Users Ugly: protecting against Active Directory admins

    12. Roles-based access (RBAC) Idealized approach Must combine with other tech ACLs Encryption Rights Management App-specific authorization (e.g. SQL, Exchange) Issues: Every Windows app has a different approach Still no better against offline attacks

    13. RBAC scenario: rights management Leverage Active Directory, RMS, Office Assign users to groups (roles) in AD RMS Templates assign rights to groups Use RMS-enabled app (e.g. Office) to assign rights via templates RMS server and client grant limited access to documents

    15. System encryption Encrypt each file = Encrypting File System (EFS) Encrypt each sector = BitLocker Drive Encryption (BDE) Good: protect against offline attack Bad: doesnt protect against user error Ugly: doesnt protect between systems

    16. (BitLocker Data Encryption) (Encrypting File System) (Rights Management Services) BDE, EFS & RMS

    17. Application Encryption Leverage each apps data protection approach Every app has its own approach, e.g. Outlook S/MIME, SQL Server, Office, Winzip Good: theres encryption Bad: hard to manage Ugly: brutal to manage across the enterprise

    18. App example: SQL 2005 SQL 2005 uses DPAPI Comparable to EFS Multiple layers of keys Partition access Encrypt instances, databases, tables with separate keys Leverage HSM @ server level Advantages: keys managed with data, max perf, uses system libraries Disadvantages: Server & DB Ops can get keys

    19. Scenarios Loss or Theft of PC aka notebook in taxi Reduced data leaks aka whoopsie Server-side encryption aka untrustworthy Admins End-to-end encryption aka regulatory compliance These are the most common These are the most common

    20. (1) Loss or Theft of PC Threat: Attackers with infinite time, many tools, well-documented attack techniques Goal: mitigate the risk of Data exposure Reduce the risk, NOT eliminate Good Application Encryption Better Minimize the stored data System Encryption Don't bother with ACLs, RBAC, DRM

    21. (1) Loss or Theft of PC EFS Mitigates offline attacks except against user account Prevents online attacks (on encrypted files) Threats focus on users password BitLocker with TPM or USB (Vista) Prevents offline attacks (replace passwords, copy hashes, change system files) Threats focus on user logons Ideal: BitLocker with TPM + EFS with Smart Card (Vista) Attacker with notebook + Smart Card needs PIN (not password) After x bad tries, Smart Card locked FOREVER

    22. (1) Loss or Theft of PC Reality check: Windows XP today Attack focus: user passwords, cleartext data Tactics: Better passwords/phrases Encrypt significant sets of data EFS for Documents, email, desktop, TIF, server caches Smartcard logon per-PC Residual risk: pagefile fragments, hiberfile, cached logon verifiers Hey Mike, are you dreaming? We arent running Vista in our organizations. Better passwords = longer passphrases then ditch the complexity Per-PC smartcard logon XPSP2 Group Policy aka Interactive logon: require smart card If you believe every person that finds a lost laptop from your org is an uber-hacker just waiting to find some secrets company documents, well then maybe you work for Microsoft. ? Hiberfile encrypted in XPSP2Hey Mike, are you dreaming? We arent running Vista in our organizations. Better passwords = longer passphrases then ditch the complexity Per-PC smartcard logon XPSP2 Group Policy aka Interactive logon: require smart card If you believe every person that finds a lost laptop from your org is an uber-hacker just waiting to find some secrets company documents, well then maybe you work for Microsoft. ? Hiberfile encrypted in XPSP2

    23. (2) Reduced data leaks Threat: Authorized users with legit access giving data to others Goal: mitigate the risk of spread of data Reduce, NOT eliminate Good ACLs, Role-based Access Better DRM, Application encryption Don't bother with System encryption

    24. (2) Reduced data leaks ACL shared files on servers with RBAC groups Prevents users from granting each other permissions Leverage a rights management technology Reduces the amount of unprotected files Ideal: RM automatically assigned (RMS partners) Enforces RM protection according to pre-defined business rules Bonus: encryption on physical media Bonus: removable media policy (Vista) Bonus: encryption on physical media reduces the risk of accidentally left-behind CDs, USB drives, etc. allowing malicious people to find sensitive data on devices that become separated from the computer.Bonus: encryption on physical media reduces the risk of accidentally left-behind CDs, USB drives, etc. allowing malicious people to find sensitive data on devices that become separated from the computer.

    25. (2) Reduced data leaks Reality check: user-initiated RMS is unreliable Risk focus: leaks to outsiders Tactics: do not forward emails from execs, legal, R&D RMS automation on servers (future) Converting AD roles to security-enabled Distribution Groups Experiment with WinFX, Print-to-XPS

    26. (3) Server-Side Encryption Threat: some Admins have or grant themselves access with no oversight or detection Goal: mitigate the risk of widespread leaks Reduce, NOT eliminate Good Role-based Access Better System encryption, Application encryption, ERM Don't Bother with ACLs

    27. (3) Server-Side Encryption Roles-based access on all servers (and clients) Prevents Admins from unaudited access to data EFS, BitLocker, RMS with central keys managed elsewhere Reduces opportunity for quick access to protected data Threats switch to impersonating users Bonus: audit for Object Access (Take Ownership, Change Permissions), Policy Change, System Events Bonus: role-separated audit collection

    28. (4) End-to-end encryption Challenges Approaches Futures

    29. (4) End to End: Challenges Lack of product integration Key management Keep keys close to data (performance, portability)? Keep keys far from data (security, administration)? Cross-platform issues Managing transitions between systems, applications and organizations

    30. (4) End to End: Approaches Standard algorithms Third-party products Best-fit solutions Mitigate greatest exposures first Best-fit solutions are also known as point solutions or as good as you can get for now.Best-fit solutions are also known as point solutions or as good as you can get for now.

    31. (4) End to End: Futures information protection platform Possibly integrate EFS, RMS, NGSCB WS-Sec (and other standards) .NET Framework 3.0 (WinFX) IPv6

    32. Beyond Microsoft technologies Pervasive hardware-integrated crypto ISV encryption ISV rights management Smart cards other multi-factor access control

    33. Calls to Action Fill out the Survey Please! Give me specific feedback: Guidance you need for Protecting Data with Microsoft technologies What bugs you about the current product stack Send me email: MIKESL@microsoft.com When you get home IT: Plan your AD schema upgrade! Dev: Download WinFX

    34. Want More of Us? Breakout Session: Regulatory Compliance SEC211 with Bill Canning WED 8:30am CIS or Security Booth in TLC Red TechEd Connect AND Focus Group: Data Protection (drop me a business card)

    35. Resources

    38. Sample IRM UI if needed or if demos not possibleSample IRM UI if needed or if demos not possible

    39. Sample IRM UI if needed or if demos not possibleSample IRM UI if needed or if demos not possible

    40. Safeguarding Confidential Data

    41. RMS at Microsoft Example of RMS Templates Corporate RMS templates available from the Permission menu of Outlook, Word, PowerPoint, and Excel

More Related