Enhanced Security and Compliance with Your K1000
-
Upload
dell-world -
Category
Software
-
view
44 -
download
4
Transcript of Enhanced Security and Compliance with Your K1000
Dell World 2014
Enhanced Security and Compliance
with Dell Endpoint System ManagementBrandon Whitman, Sales EngineerAlejandro Vazquez, Software Technologist
Dell WorldUser Forum
Compliance?
A baseline for security
• Authoritative Documents– HIPAA– SOX– PCI– Etc.
• Process Compliance– ITIL
• Software Compliance– Licensing– Configuration
Dell World User Forum
Security?
How you become compliant
• Discovery– SCAP– OVAL– Inventory
• Action– Patching– Permissions– Processes
Dell World User Forum
ESM SolutionsEnd to end system management
• K1000 Management Appliance– Device Inventory– Software Catalog– Patching– Helpdesk– Vulnerability Assessment
• Desktop Authority Management Suite– Least Privilege Access– User Workspace Management
• Password Manager– Self Service Password Management
Dell World User Forum
Dell World 2014
What are SCAP and OVAL
SCAP
• Easy to use tool to ensure common endpoint configurations and confirm organizational compliance.
• Published and maintained by the National Institute of Standards and Technology (NIST) for Windows.
OVAL
• Comprehensive suite of tests to detect security vulnerabilities.
• Community based but primarily sponsored by DHS Office of Cyber Security.
• Reports offer recommended remediation steps.
Discover
Analyze
Secure
Dell World 2014
Why SCAP and OVAL?
SCAP
• Ensure systems are deployed at “Known Good” baseline.
• Meet FDCC Compliance and/or enable organizations to enforce their own configuration standards
OVAL
• Preventative maintenance to close vectors for malware infections
• Automate the task of finding vulnerabilities and configuration issues.
• Reports offer recommended remediation steps.
Discover
Analyze
Secure
Dell World 2014
How? Preventative Image Hardening
• Deploy with K2000
• Image is already compliant with company policies
• Easier to manage in the future.
• Prepare K1000 agent for imaging
• Run amptools.exe cloneprep=1
• Removes KUID
• Use SysprepCreator
• Capture with K2000
• Remediate per current policies
• Run additional scans
• Confirm compliance with current policies
• Install K1000 agent
• Run Benchmarks
• OS
• MS Office
• IE
• Analyze Results
• Compare to current policies
Scan Comply Capture Deploy
Dell World 2014
What is Desktop Authority Management Suite?
Desktop Authority Standard & Privilege Manager
• Toolset to enable administrators to proactively provision and manage the Windows user environment.
• Create a secure, consistent environment for each user
• Ensure applications run with only the privileges and access needed
• Targeted configurations and privileges to ensure a balance security with user productivity
Profiles
Privileges
Happy Users!
Dell World 2014
Why Desktop Authority Management Suite?
• Managing the user environment has always been difficult
• Built-in management tools, namely GPOs, can apply many settings, however, application can be cumbersome to configure
• Logon scripts are widely used and often embedded into GPOs
• Desktop Authority is simply easier to use than a collection of configuration tools.
• Happy IT Staff AND Happy Users!
• Complements Endpoint Management Solutions
Profiles
Privileges
Happy Users!
10
Dell - Restricted - Confidential
How to make Happy Users! (and Happy IT Staff)
Configuration and Management
• Validation Logic• Replace Logon Scripts• Customize Applications• Printer and Drive Mapping• Folder Redirection
Dynamic Security
• Validation Logic• USB Port Security• Group Policy Templates• Security Policies• Least Privilege Application
Access
Enhance Traditional Client Management
• Complete the User Workspace Configuration
• Complement Existing System Management Infrastructure
Power Management
• Validation Logic• Inactivity Monitoring• Power Schemes• Savings Calculator
Dell World 2014
What is Dell Password Manager?
• Self-service password reset tool with an end-user friendly interface
• Tool to allow IT to easily enforce stronger password policies and automate password change intervals
• Seamless integration with Windows and the K1000
• Increase data security by eliminating common intrusion vectors
Forgotten
Locked
Fixed
Dell World 2014
Why use Dell Password Manager?
• Reduce helpdesk and IT involvement
• Increase user productivity
• Eliminate the need for users to write down passwords
• Reduce the risk of data breach due to weak passwords
• Reduce lost productivity
Forgotten
Locked
Fixed
Dell World 2014
How?Familiar User InterfaceDell Password manager presents end users with an interface much like web commerce sites.
Dell Password Manager
Self-EnrollmentUsers enroll and choose from a list of security questions and provide their unique answers.
Self-ServiceWhen a user forgets their password, they simply answer their questions and can reset it without the need for IT intervention.
Dell World User Forum
All together now…
• Preventative Image Compliance
• Using SCAP and OVAL to secure the OS prior to Deployment with the K2000 Deployment Appliance
• Live System Auditing
• Using SCAP and OVAL on currently running systems
• Least Privilege Access
• Privilege Manager can allow legacy programs to run as Administrator while the user retains a lower privilege set
• User Workspace Management
• USB Port Security
• Prevent the need for end users to seek other methods to do their job.
• Password Manager
• Increase security and reduce cost
• Empower users
Dell World 2014
Thank you.
Dell World 2014
Reference
Dell World 2014
Helpful Links
• Unified Compliance– https://www.unifiedcompliance.com/
• Addressing HIPAA Challenges with KACE and SecureWorks– http://www.kace.com/~/media/Files/Resources/White-Papers/Addressing-HIPAA-Challenges-Dell-KACE-and-Dell-
SecureWorksoach.pdf
• Desktop Authority Licensing and FAQ– http://www.quest.com/docs/desktop-authority-management-suite-faq-24287.pdf
• Dell Password Manager Datasheet– http://www.quest.com/documents/password-manager-datasheet-3490.pdf
• The Privilege Management Conspiracy– https://software.dell.com/docs/the-privilege-management-conspiracy-whitepaper-7789.pdf
• Killing Administrator– https://software.dell.com/docs/WPW-KillingAdministrator-082212.pdf
• Six Ways to Extend and Expand Your Systems Management Capabilities to Your User Environment – http://software.dell.com/documents/six-ways-to-extend-and-expand-your-system-management-capabiltiies-to-
your-user-environment-whitepaper-27653.pdf