Securing the SEMS Network ECAM 2018 Overview SEMS

Securing the SEMS Network ECAM 2018

Overview • SEMS 2017 Security Audit Results • SEMS Current Security Measures • SEMS Security & User Responsibility • SEMS Security Risks • Presentation Q & A

SEMS 2017 Security Audit Results

SEMS 2017 Security Audit Results • Advanced External Penetration Testing • Social Engineering • Tricking users to provide information about the network or credentials • Internet-Facing Attacks • Gaining access from the internet • Advanced Internal Penetration Testing • Attached Intrusion Device • Hacking device directly connected to the SEMS network • Other Findings • Known Security Issues • Did not actually test, but suggested mediation

SEMS 2017 Security Audit Results RESULTS • Advanced External Penetration Testing • Social Engineering • 2 of 5 failures over the phone • 3 of 40 failures via email • Internet-Facing Attacks • 0 failures from external hacking attempts

SEMS 2017 Security Audit Results RESULTS • Advanced Internal Penetration Testing • Attached Intrusion Device • 7 vulnerabilities contributed to: • • Default settings Outdated software versions Undecrypted protocols Exposed account credentials All vulnerabilities have been mitigated

SEMS Current Security Measures

SEMS Current Security Measures SEMS is a mirrored systems using real-time replication between sites. The system is designed to be always available. • • Specialized Network Configuration Data Encryption Firewalls Intrusion Detection Device 24/7 Data Traffic Monitoring User Access Rights Antivirus Protection

SEMS Security & User Responsibility

SEMS Security & User Responsibility • • System security must be a priority for everyone Network security is never stronger than the weakest link Network security generally is not convenient All users on the network have an obligation to ensure the security of the network • Acceptable Use Policy • Users should not take shortcuts with network security

SEMS Security Risks

SEMS Security Risks Weak Passwords • • Strong passwords should change at least every 90 days Strong passwords should not be reused for one year Strong passwords should be at least eight characters Strong passwords should contain characters from three of the four following classes of characters • Special characters ( !, *, $, or other punctuation symbols) • English uppercase letters (A, B, C) • English lowercase letters (a, b, c) • Numerals (1, 2, 3)

SEMS Security Risks Viruses A computer virus, much like a flu virus, is designed to spread from host to host and has the ability to replicate itself. • Ensure all computers are running antivirus • Make sure to keep the antivirus updated • Simple running antivirus software will not keep you protected • Do not install unknown software • Do not click on suspicious links

SEMS Security & User Responsibility Malware" is short for 'malicious software' and is usually used as a catch-all term to refer to any software which causes damage to a single computer, server, or computer network. • • Generally is installed from the internet or an email Can capture keystrokes Can change computer settings Can damage your PC

SEMS Security Risks Hackers Someone who uses computers to gain unauthorized access to data. • • • Attack directly and/or subversively Attack the network externally and/or internally Are always looking their next target Can use social engineering to gain network information Can go unnoticed for long periods of time Always seek the weakest point to gain access

SEMS Security Risks Carelessness • • Weak passwords Unprotected passwords Being to comfortable Not keeping updates current Assuming there are no vulnerabilities Not ensuring due diligence Choosing convenience over security

SEMS Security Risks Carelessness Thinking security is someone else’s problem.

Presentation Q & A

Contact Information SEMS IT 601 -359 -5075 Matthew Summerlin matthew. Summerlin@sos. ms. gov Zach Simmons zach. simmons@sos. ms. gov Charlie Case charlie. case@sos. ms. gov