top 3 mac spoofing challenges you cannot afford to ignore

21
Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

Upload: great-bay-software

Post on 08-Aug-2015

30 views

Category:

Business


1 download

TRANSCRIPT

Page 1: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

!Top 3 MAC Spoofing Challenges !You Cannot Afford to Ignore

Page 2: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

Data breaches are increasing

Identity Theft Resource !Center reports in 2014 •  18.3% increase in data breaches •  783 data breaches in the U.S. •  85+ million records were affected

Verizon’s 2014 Data !Breach Investigations Report •  Internationally 1,367 confirmed data breaches in 2013 •  Over 10,000 data breaches in the last 10 years

Source:  Informa.on  is  Beau.ful  World’s  Biggest  Data  Breaches  

Page 3: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

Data breaches are costly

Ponemon’s 2014 report !Cost of Data Breach: Global Analysis •  Average data breach costs $3.5 million U.S. dollars •  15% increase in cost over previous year

The research reveals that reputation and the loss of customer loyalty does the most damage to the bottom line.  

Page 4: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

Data breaches are increasing

Figure from Verizon’s 2014 Data Breach Investigation Report

Page 5: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

MAC spoofing

Definition:

Connecting to the network with a falsified media access!control (MAC) address

Page 6: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

History of MAC spoofing

•  Whitelisting as a form of security

•  Falsifying MAC address was too easy for hackers

•  Use MAC address as first line of defense, and combine it with a more contextual understanding of the device

Page 7: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

Top 3 MAC spoofing challenges Lack of visibility

Unable to keep a complete, real-time inventory of what is on the network and where each endpoint is located

Internet of Things trend Increase in headless and non-traditional devices on the

network

Trusting the device Security that relies on the device being the sole source

of information

Page 8: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

Challenge 1: Lack of visibility

The problem

•  Don’t know where unauthorized access or entry points into the system might be

•  Don’t know if there is an unauthorized device touching the network (whether it is misconfigured, etc.)

•  Don’t know if security measures are protecting entire network

Page 9: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

The solution

•  Complete visibility of all endpoints on the network –  Deeper historical and contextual understanding of

all devices on the network

Challenge 1: Lack of visibility

Page 10: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

This is not as simple as it sounds •  Time intensive task

•  Constantly changing landscape –  Increased mobility –  Guest access

•  BYOD initiatives

•  Need for user convenience

Challenge 1: Lack of visibility

Page 11: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

To really solve the problem you need:

•  Automated technology to create an inventory •  Access to contextual data •  Continuous, real-time monitoring for an ever-changing network

Challenge 1: Lack of visibility

Page 12: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

Challenge 2: Internet of Things The trend •  Increase in devices that use your network data to do

amazing things!

Fire extinguishers that tell you when they are in use

Sprinklers that use weather information to determine how often to run

Trash cans that alert you when they are full

Page 13: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

The trend

VOIP Phones HVAC Systems Security Cameras

Challenge 2: Internet of Things

Page 14: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

The problem

•  These devices are outside of the norm, meaning that current solutions may have limited contextual information about them

–  If the MAC address is spoofed the lack of context can make it difficult to identify that a rogue device has been added to the network

Challenge 2: Internet of Things

Page 15: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

The solution

•  Visibility of all devices, including headless devices •  Agentless or clientless security solution (since these often

have specific operating systems dependencies)

Challenge 2: Internet of Things

Page 16: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

The problem

•  Trusting the device by MAC address or MAC OUI !alone is risky

–  The MAC address is not enough information

MAC spoofing is based on a device being dishonest

Challenge 3: Trusting the device

“Communicating externally”

 

“Running Windows apps”

 

176.16.232.134  

Page 17: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

The solution Warehouse of context

Challenge 3: Trusting the device

What is the device?

How is the device! behaving?

Where is the device?

Page 18: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

HOW WE CAN HELP?

Page 19: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

The Beacon suite of solutions Identify. Ensure every endpoint accessing the network is accounted for to eliminate vulnerable blind spots.

Monitor. Know how endpoints are behaving at all times to easily identify and address potential threats quickly.

Enforce. Control access to the network to allow what should be on the network on, and keep what shouldn’t off.

“As far as seeing what’s "on the network, it’s "all about visibility and troubleshooting. When you’re trying to figure out, ‘what’s plugged into this port?’ and you can go and see that in Beacon, it saves you time.” "" –Patrick Printz, "

current Beacon user  

Page 20: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

•  Comprehensive. !Our software provides you with complete visibility. We detect and profile all device types touching your network, including headless devices.

•  Contextual. !Our technology provides you with historical and real-time detailed context.

–  What is the endpoint –  Where is it located –  Is it behaving uncharacteristically

•  Scalable. !Great Bay Software’s technology!has been proven to scale to satisfy !the largest of enterprise customers.

•  Simple. !Our technology is a sophisticated application that is actually easy to deploy and manage. !

Why Beacon?

Page 21: Top 3 MAC Spoofing Challenges You Cannot Afford to Ignore

Contact Us 1.800.503.1715

[email protected]

Find more resources and information at www.greatbaysoftware.com

QUESTIONS?