TFT13 - Shane Carlson, Augmented Human - Your Cell Phone Thinks You're An Asshole
TFT13 - Nathan McNeill, Securing Remote Support
-
Upload
tft-presentations-tomorrows-it-service-future-today -
Category
Business
-
view
241 -
download
2
description
Transcript of TFT13 - Nathan McNeill, Securing Remote Support
![Page 1: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/1.jpg)
Bomgar Product Strategy
![Page 2: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/2.jpg)
Bomgar Product Strategy
Company Overview
![Page 3: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/3.jpg)
Bomgar Product Strategy
200 Fatalities Per Year
![Page 4: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/4.jpg)
Bomgar Product Strategy
1% Of Breaches in Study 47%
Of Breaches in Study
Physical Theft Remote Access
![Page 5: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/5.jpg)
Bomgar Product Strategy
Remote Support (Access)
Service Desk (Process)
Systems Management (Infrastructure)
Support
Incident
Incident
Resolved
Infrastructure Process Access
![Page 6: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/6.jpg)
Bomgar Product Strategy Why You Need Access
Error!
2
1 3
5
4
6
![Page 7: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/7.jpg)
Bomgar Product Strategy
Not This Kind of Access
![Page 8: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/8.jpg)
Bomgar Product Strategy
Support Rep End-User
Error!
Error!
![Page 9: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/9.jpg)
Bomgar Product Strategy
A Mobile Environment
![Page 10: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/10.jpg)
Bomgar Product Strategy
VPN
Point-to-Point Tools
![Page 11: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/11.jpg)
Bomgar Product Strategy
Inadequate Controls
![Page 12: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/12.jpg)
Bomgar Product Strategy
![Page 13: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/13.jpg)
Bomgar Product Strategy
2011 Data Breach Investigations Report
– Verizon Business RISK Team
The Usual Suspects
![Page 14: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/14.jpg)
Bomgar Product Strategy
2010 Data Breach Investigations Report – Verizon Business Risk Team
![Page 15: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/15.jpg)
Bomgar Product Strategy
2010 Global Security Report – Trustwave SpiderLabs
![Page 16: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/16.jpg)
Bomgar Product Strategy
In approximately four of 10 hacking-
related breaches, an attacker gained
unauthorized access to the victim via
one of the many types of remote
access and management software.
Rather than for internal usage, most of
these connections were provisioned to
third parties in order to remotely
administer systems. 2009 Data Breach Investigations Report – Verizon Business Risk Team
![Page 17: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/17.jpg)
Bomgar Product Strategy
42%
34%
24%
9%
21%
2008 Data Breach
Investigations Report
– Verizon Business
Risk Team
![Page 18: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/18.jpg)
Bomgar Product Strategy
“Legacy remote control tools are incapable
of supporting increasingly complex
environments, and companies must find
new ways to provide support services to users.”
P2
─ PC Remote Control Security: Risks & Recommendations Gartner, Apr 2009
![Page 19: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/19.jpg)
Bomgar Product Strategy Enterprises are Like Opera Houses
Pretty and Polished On-Stage
![Page 20: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/20.jpg)
Bomgar Product Strategy
Backstage Filled with Secret Passages
![Page 21: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/21.jpg)
Bomgar Product Strategy
Translation: You Should Be Afraid
![Page 22: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/22.jpg)
Bomgar Product Strategy
A New Twist
![Page 23: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/23.jpg)
Bomgar Product Strategy
![Page 24: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/24.jpg)
Bomgar Product Strategy
Mobile Device Remote
From
Remote To Functionalities
Screen
Sharing
System
Info Chat
File
Transfer
Screen
Capture
Remote
Config
BlackBerry®
Windows
Mobile(1)
Android™
iPad®
iPhone®
(1) Windows Mobile 6.5 and Below
(2) For carriers and device manufacturers. Not available for all businesses
(2) (2)
![Page 25: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/25.jpg)
Bomgar Product Strategy
![Page 26: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/26.jpg)
Bomgar Product Strategy
1. Architecture
2. Authentication
3. Access Controls
4. Audit
![Page 27: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/27.jpg)
Bomgar Product Strategy
1. Architecture
![Page 28: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/28.jpg)
Bomgar Product Strategy
“There are three basic forms of PC
remote control: client/server (agent-
based), Web-based (agentless) and
appliance-based (agent not
required).” P4
─ PC Remote Control Security: Risks & Recommendations Gartner, Apr 2009
![Page 29: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/29.jpg)
Bomgar Product Strategy
![Page 30: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/30.jpg)
Bomgar Product Strategy
![Page 31: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/31.jpg)
Bomgar Product Strategy
![Page 32: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/32.jpg)
Bomgar Product Strategy
![Page 33: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/33.jpg)
Bomgar Product Strategy
• LDAP
• RSA/RADIUS
• Kerberos
![Page 34: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/34.jpg)
Bomgar Product Strategy
• Group Policies
• System-Level Permissions − Remote Control
− Unattended Access
− Command Line
− File Transfer
− Script Usage
• Session-Level Permissions − Access Elevation
− Collaboration Settings
− Team Membership
![Page 35: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/35.jpg)
Bomgar Product Strategy
![Page 36: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/36.jpg)
Bomgar Product Strategy
![Page 37: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/37.jpg)
Bomgar Product Strategy
• Customer-initiated
• Remote Control or View Only
• Restrict Access by Application
• Over-Riding Mouse Control
• Prominent "Stop Session" Button
• Notifications/Permissions for All Rep
Actions
![Page 38: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/38.jpg)
Bomgar Product Strategy Vendor Controls
•Dedicated Silo for Each Partner
•Per-Partner Access & Security Policy
•Integration with Access Directories
•Policy-Based Collaboration with
Internal Teams
•Direct or Accompanied Access to
Systems
•Ad-Hoc, or Ongoing Access
•Complete Audit Trail of Partner Access
![Page 39: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/39.jpg)
Bomgar Product Strategy
• Detailed Session Logs − Session Membership
− Activity Transcripts
− File Transfers
− Survey Responses
• Video Session Recording − Screen Sharing
− Command Line Sessions
• Track Admin Changes Via Syslog
• Integrated with Service Desk / CRM
![Page 40: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/40.jpg)
Bomgar Product Strategy
Real-Time Audit
![Page 41: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/41.jpg)
Bomgar Product Strategy
• Remote Support Is a Current Security Risk
• Remote Support Is Extending to Mobile
• Four ‘A’s Needed for Remote Support Security
![Page 42: TFT13 - Nathan McNeill, Securing Remote Support](https://reader033.fdocuments.us/reader033/viewer/2022052506/5575cb04d8b42a312a8b51d0/html5/thumbnails/42.jpg)
Bomgar Product Strategy