One Bank's Layered Approach to Security

1
One Bank's Layered Approach to Security
2
  • Kevin Heatley, VP of Information Systems
  • Gorham Savings Bank
  • kheatley_at_gorhamsavingsbank.com

3
  • WHY DO WE NEED ALL OF THIS SECURITY?

4
GOAL 1: KEEP THE BAD GUYS OUT
5
GOAL 2: KNOW WHAT'S GOING ON
6

GOAL 3: KEEP UP WITH REGULATIONS
7
  • Thieves steal DATA and MONEY
  • And banks are great targets for both!
8
LET'S START HERE
9
  • POSTINI: Inbound mail filter for spam, viruses, and other malware

Annual averages of emails at GSB
  • # of emails received by Postini intended for GSB: 5,024,424
  • # of emails sent on to GSB email server: 577,824 (11.5%)
  • # of emails rejected by Postini: 4,082,844 (81.3%)
  • # of emails quarantined by Postini (for user review): 363,756 (7.2%)
10
  • INTERNET FACING SYSTEMS

11
  • INTRUSION PREVENTION SYSTEM
  • Monitored 24x7 by third party
  • Alerts to all attacks, more info on high severity
    attacks
  • FIREWALL
  • Monitored 24x7 by a different third party vendor
  • High rated attacks are reported immediately, all
    others are sent in daily summation reports

12
  • VPN FOR REMOTE USERS
  • RSA tokens require two factor authentication
  • 40 remote users, including some vendors
  • Looking into Network Access Control
  • - Symantec, Citrix, Cisco, and others

13
  • EMAIL ENCRYPTION
  • Outbound email manually encrypted by a keyword or
    scanned for keywords or phrases
  • Blocks incoming mail with specific attachment
    types and keywords in subject line

14
  • WEB FILTERING SOFTWARE
  • System to block malicious websites and the bad
    things on those sites
  • Also blocks sites with keyloggers, bot networks,
    spyware, and other potentially unwanted software

15
  • INTERNAL SYSTEMS

16
  • WSUS (Windows Server Update Services)
  • Patches all PC and server Microsoft OSes monthly,
    sometimes more often
  • Test environment is crucial!
  • Keep up with other OSes (don't forget network
    equipment), software (IE, Adobe, etc.), patches,
    and anything that can be upgraded

17
  • ANTIVIRUS ON ALL DESKTOPS
  • LOCAL FIREWALLS ON SOME DESKTOPS
  • Local AV signatures update daily from a central
    location on the network
  • Local firewalls only on systems running specific
    secure applications

18
  • EMPLOYEE LEVEL SECURITY
  • Bank-defined Information Systems Security Policy
  • All employees are trained at orientation and
    annually; sign-off of acceptance is mandatory
  • All systems require complex passwords with strong
    minimum requirements, if possible
  • Servers and network equipment are locked away
    from all but IT workers

19
  • TESTING
  • Third party penetration tests done semi-annually
  • Third party social engineering testing performed
    annually
  • In-house vulnerability assessments done quarterly
    and followed up by annual third party testing

20
And of course
  • COMMON SENSE !!

21
  • ANY QUESTIONS?

22
  • THANK YOU!
  • For more info, please contact me
  • kheatley_at_gorhamsavingsbank.com