微软IT安全管理

InsightWorkshopsApr2009MicrosoftIT安全管理概述RobertSong宋波微软中国高级IT经理通常的安全关注区域●安全管理●Isthereanofficialsecurityteamexplicitlypositionedintheorgchart?●安全政策●Howwelldoweadvertisethem?Canweenforcethem?●资产/数据统计和分级●Doweknowwhattoprotectandwhathaspriority?●第三方关系●Whodowedealwith?Whataretheyallowedtodo?运营安全(OperationalSecurity)●安全问题其实是风险管理问题●Isthereaprocess/setofcriteriato(continuously)evaluaterisklevelofdifferentassets?●BusinessContinuity/DisasterRecovery●ClearPlan,RolesandResponsibilities●SecurityDelegation&职责分离●Isthereaprocessinplacetomanageelevatedprivileges?●SecuritybyDesign●Isthereaprocessinplacetovalidateprojectsagainstsecurityguidelines?●监控●Doweknowinreal-timewhat’sgoingon?Dowereport/scorecardit?●审计●Areourpoliciesworkingasplanned?●事件响应(IncidentResponse)●ClearPlan,RolesandResponsibilities深入防御式安全控制策略●边界网络安全●Doweknowandcontrolit?●主机/客户端安全●Didwedefinestandardconfigurations?Canwecontroliftheyareadopted?●Howdoweapproachsoftwareupdates?●应用安全●Arewesureaboutthesecurityofourowncode?DowehaveaSecurityDevelopmentLicecycleinplace?●数据安全和私密●Ourinformationisverylikelyourbestasset:howdoweprotectit?●物理安全●Arewecoordinatinginformationsecuritywithphysicalsecurity?5124,000台Vista客户端206,900+Office2007客户端186,100个SharePoint站点6个数据中心8,800+台服务器106个国家648座大楼255,600+SMS管理的计算机196,700+最终用户154,000+Exchange2007邮箱发35.2M的Internet邮件收505.9M的Internet邮件每月1,100,000+远程连接每月77,800,000+即时通讯微软公司IT环境微软IT使命成为微软产品的第一个和最好的用户为微软的数字资产提供安全保证世界级的IT运营环境成为微软的战略资产EnableascalableandflexibleLIVEinfrastructure相似之处不同之处微软IT是微软产品的“真实”客户●信息安全是首要任务●不同版本系统和配置并存●最大限度平衡安全、成本、效率是基本要求●异构网络环境●需要整合不同的系统●是微软产品第一个也是最好的用户●多次地测试部署新产品●绝大多数用户都有技术背景并且都是本机的系统管理员●是被外部攻击的首要目标●近乎完美的网络架构和最新的操作系统●Windows是唯一平台不同业务挑战的均衡•3万合作伙伴需要连接到公司网络•迅捷和自治性强的公司文化(AgilityandAutonomy)•众多的移动客户端N+1环境“首位和最佳客户”保护网络+遵守规定独特的软件开发需求不断发展的隐蔽的复杂的网络攻击是…风险评估资产威胁影响弱点减轻可能性+=Whatareyoutryingtoassess?Whatareyouafraidofhappening?Whatistheimpacttothebusiness?Howcouldthethreatoccur?Whatiscurrentlyreducingtherisk?Howlikelyisthethreatgiventhecontrols?目前风险级别Whatistheprobabilitythatthethreatwillovercomecontrolstosuccessfullyexploitthevulnerabilityandaffecttheasset?MissionandVisionOperatingPrinciplesRiskBasedDecisionModelTacticalPrioritization风险分析(byAssetClass)Exploitofmisconfiguration,bufferoverflows,openshares,NetBIOSattacks主机Unauthenticatedaccesstoapplications,uncheckedmemoryallocations应用Compromiseofintegrityorprivacyofaccounts账户Unmanagedtrustsenablemovementamongenvironments信任关系Datasniffingonthewire,networkfingerprinting网络资产MissionandVisionOperatingPrinciplesRiskBasedDecisionModelTacticalPrioritization安全生命周期DefineAssessDesignRespondOperateMonitor“FAST.RELIABLE.PROTECTED.SECUREBYDESIGN.”DefineAssessDesignRespondOperateMonitor安全生命周期AppConsulting&Engineering•End-to-EndAppAssessment&Mitigation•ApplicationThreatModeling•External&InternalTrainingEngineering&Engagement•EngineeringLifecycleProcess&Methods•SecureDesignReview•Awareness&CommunicationNetworkSecurity•Monitor,Detect,Respond•Attack&Penetration•TechnicalInvestigations•IDSandA/VIdentity&AccessManagement•IdMSecurityArchitecture•IdMGov&Compliance•IdMEngOps&Services•IdMAccounts&LifecycleAssessment&Governance•InfoSecRiskAssessment•InfoSecPolicyManagement•SecurityArchitecture•InfoSecGovernanceCompliance•RegulatoryCompliance•VulnerabilityScanning&Remediation•Scorecarding策略和方法风险评估发现潜在威胁通过五大关键策略降低风险身份和访问管理知识产权和数据保护保护网络加强审计和监控用户教育策略和方法SecureExtranetandPartnerConnectionsSecureRemoteAccessNetworkSegmentationNetworkIntrusionDetectionSystemsHardeningtheWirelessNetworkStrongPasswordsPublicKeyInfrastructure:CertificateServicesE-MailHygieneandTrustworthyMessagingLeastPrivilegedAccessManagedSourceCodeSecurityDevelopmentLifecycle-ITSecuringMobileDevicesAutomatedVulnerabilityScansCombatingMalwareSecurityEventCollectionInformationSecurityPoliciesTrainingandCommunications身份和访问管理知识产权和数据保护保护网络加强审计和监控用户教育追求卓越有“法”可依，有“法”必依从点到面，面面俱到善用资源，左右逢“源”技术全局出发，全面考量标准化，系统化贯彻实施，从上到下流程技术过硬善于思考立足本职，放眼世界人远大的－IT目标适合的－IT员工使命必达的－责任感保护合作伙伴和Extranet连接(保护网络)BacktoAllTactics保护合作伙伴和Extranet连接挑战应用符合安全标准的规定基础架构支持LOB应用的网络和域需求风险分享敏感数据导致的安全和隐私问题网络和Windows基础架构暴露在边缘网络(edgeEnvironment)业务案例保护合作伙伴访问的应用和数据BacktoAllTactics降低风险流程技术未来•统一的流程•变更控制(网络请求)•应用必须符合MicrosoftITSDL•ActiveDirectory组策略•MicrosoftSCCM•Windows应用隔离(ApplicationSegregation)BacktoAllTactics保护远程访问(保护网络)BacktoAllTactics保护远程访问的微软案例TamperresistantPortableandextensibleLeveragesMicrosofttechnologiesSeamlessandsecuredistributionUserperceptionandrequirements业务驱动挑战解决方案益处“Secureaccessanywhere,anytime.”BacktoAllTactics智能卡远程系统安全检验ConnectionManager和RAS隔离风险:恶意用户风险:恶意软件BacktoAllTactics双重验证安全远程访问经验教训“打有准备之仗.”CarefullyconsideryourPKIdecisionUnderstandsecuritythreatsAnticipatetechnicalchallengesDon’tforgetenterprisemanagementtools“Pilot,pilot,pilot.”“Manageexceptionscarefully.”“教育用户.”BacktoAllTactics员工ID的其他用途S/MIME和数字证书的保护域管理员的替代安全账户免现金的员工支付交易BacktoAllTactics集成物理和网络访问+强用户身份验证策略–正在评估中EliminationofpasswordsforalldomainuseraccountsworldwideNewcontainersforTwo-FactorAuthentication●Super-FOB●SmartphoneExpandedapplicationssupport●SecuringfinancialandHRdata●SigningsourcecodeBacktoAllTactics网络隔离(保护网络)Back