For those who are not familiar with the Cisco Prime Security Manager, it is a management application that was introduced in 2012 to manage Cisco ASA 5500-X Series Next-Generation Firewalls. It is built on Web 2.0 technologies and supports both single-device and multi-device manager form factors to help manage various features such as Application Visibility and Control (AVC), along with web security in a simple, light-weight, and scalable manner. The AVC capability helps to block around 1200+ applications and 150,000+ micro-applications, in addition to specific users, behaviors, micro-applications, and devices. The web security service also provides URL filtering and Web reputation features to proactively restrict web application usage based on reputation of the site. Through Cisco Security Intelligence Operations (SIO), these services provide a comprehensive view of the local and global threat intelligence landscape. This is eventually translated to actionable items such as security policies and information feeds that protect your business from near real-time zero-day threats.
We all know we need it, but no one wants to talk about it. Today, we break through that taboo. Secure the Infrastructure! This bold declaration brought to you courtesy of Matthew Brender (@mjbrender) and Mike Foley (@mikefoley) as they talk about how to use a hardening guide, and how to execute security in the real world. This is a great discussion about people, policy, and how not to be “the person who puts ‘no’ in innovation.”
Roll the video:
And it wouldn’t be Engineers Unplugged without a unicorn, in this case a security unicorn. Please do not try this at home.
What are you seeing in the industry? Agree or disagree, post a comment, send a tweet, follow along using one of the methods below!
Welcome to Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:
- Episodes will publish weekly (or as close to it as we can manage)
- Subscribe to the podcast here: engineersunplugged.com
- Follow the #engineersunplugged conversation on Twitter
- Submit ideas for episodes or volunteer to appear by Tweeting to @CommsNinja
- Practice drawing unicorns
Go behind the scenes by liking Engineers Unplugged on Facebook.
The HIPAA Omnibus Final Rule is now in effect and audits will continue in 2014. The Department of Health and Human Services’ Office for Civil Rights has stated several times that both Covered Entities and Business Associates will be audited. And the scope of Business Associates has greatly expanded. I wrote another blog directed towards these new Business Associates. This final blog of this series focuses on covered entities that work with business associates.
- HIPAA Audits will continue
- The HIPAA Audit Protocol and NIST 800-66 are your best preparation
- Knowledge is a powerful weapon―know where your PHI is
- Ignorance is not bliss
- Risk Assessment drives your baseline
- Risk Management is continuous
- Security best practices are essential
- Breach discovery times: know your discovery tolerance
- Your business associate(s) must be tracked
The HIPAA Omnibus Final Rule changed the Business Associate definition, and also makes Business Associates obligated to comply with HIPAA. You most likely will have more business associates than previously, and those business associates that have access to your network and/or your PHI data are obligated to be HIPAA compliant. The Ponemon Institute’s Third Annual Benchmark Study on Patient Privacy and Data Security (December 2012) reveals that 42% of the breaches involved a third party “snafu”.
The web browsing behaviour of users changes as the end of the year approaches. The holiday season can provide a large distraction from work duties that may need to be managed. Equally, even during periods when the office is closed, there will be some individuals who cannot resist accessing work systems. Managing these changes in behaviour is difficult for network administrators unless they know what to expect.
Securing the Critical Internet Infrastructure is an ongoing challenge for operators that requires collaboration across administrative boundaries. Last September something exceptional happened in Ecuador, a small South American country. The entire local network operation community got together to be pioneers in securing its local Internet infrastructure by registering its networks in the Resource Public Key Infrastructure (RPKI) system and implementing secure origin AS validation. This project is a great example of how a global technology change can be accelerated by maximizing its value to local communities.
The global inter-domain routing infrastructure depends on the BGP protocol, which was initially developed in the early 90s. Operators know that a number of techniques are needed to improve BGP security (a good reference can be found here). Despite these improvements, it is still possible to impersonate the entity with the right of use of Internet resources and produce a prefix hijack, as in the famous attack in 2007. The IETF, vendors and Regional Internet Registries have been working inside the SIDR working group to create technologies that allow cryptographic validation. The initial outcomes of this effort have been the RPKI and BGP origin AS validation: two complementary technologies that work together to improve inter-domain routing security.