You laptop is not your friend - End user device security

Transcript

1. GDS Your laptop is not your friend! End User Device

   security End User Devices are computers in Government speak

2. GDS Gareth Rushgrove Congratulations, your web servers are super secure

   and well monitored* * for the purposes of this talk, they are

3. GDS Gareth Rushgrove Apple, Facebook employees hacked via website malware,

   Java vulnerability http://www.zdnet.com/apple-facebook-employees-hacked-via-website-malware-java-vulnerability-7000011601/

4. GDS Gareth Rushgrove Here’s 12 things you should do

5. GDS Gareth Rushgrove Data-in-transit protection 1

6. GDS Gareth Rushgrove VPNs are your friend

7. GDS Gareth Rushgrove Data-at-rest protection 2

8. GDS Gareth Rushgrove Authentication 3

9. GDS Gareth Rushgrove User to device, User to service, Device

   to service

10. GDS Gareth Rushgrove Secure boot 4

11. GDS Gareth Rushgrove 5 Platform integrity and application sandboxing

12. GDS Gareth Rushgrove Application whitelisting 6

13. GDS Gareth Rushgrove 7 Malicious code detection and prevention

14. GDS Gareth Rushgrove 8 Security policy enforcement

15. GDS Gareth Rushgrove Sounds like configuration management to me

16. GDS Gareth Rushgrove 9 External interface protection

17. GDS Gareth Rushgrove 10 Device update policy

18. GDS Gareth Rushgrove 11 Event collection for analysis

19. GDS Gareth Rushgrove Reminder, you need central systems outside the

    laptop

20. GDS Gareth Rushgrove 12 Incident response

21. GDS Gareth Rushgrove Because things will go wrong

22. GDS Gareth Rushgrove Public guidance on GOV.UK

23. GDS Gareth Rushgrove Per platform configuration

24. GDS Don’t worry too much about this

25. GDS Unless you have to.