As thought leaders at the largest dedicated security company in the world, we are tapped into all the hot cyber security topics at all times. So when we hear news about a breaking trend, like the Heartbleed vulnerability or the Target hack, we understand the issue and know how to respond.
However, many average Americans are not as tapped into the cyber issues du jour, despite the fact that these issues affect them in different and important ways. That’s why we support efforts to educate the public on cybersecurity issues, and that’s why recently, we worked on an educational piece with we worked on an educational piece with Daniel Humphries of Software Advice. In his column “Buzzword Babylon,” Daniel took the approach of identifying hot, important cybersecurity terms we all should know about but may not be aware of. He then worked with experts to provide definitions to these terms for the layperson. Intel Security Public Sector CTO Scott Montgomery and CTO of the Americas Curt Aubley were tapped for the latest ‘Buzzword’ column and provided definitions on Network Access Control, Threat Intelligence and Identity Access Management.
Check below for those definitions:
1. Scott Montgomery defining Network Access Control (NAC): Many people liken NAC to a bouncer at a nightclub, but this isn’t entirely accurate. It’s not just whether you’re “on the list” to get in; there are specific criteria, and if you don’t meet them, you’re detained until you do. It’s more like the Department of Homeland Security’s Customs and Border Protection (CBP), which checks very specific things when you return from traveling internationally, including:
- Your name, date of birth, street address, passport country and number and the airline and number of your arrival flight
- Where you visited and who you’re traveling with
- If your trip was for business or pleasure
- If you’re returning with items such as fruits, plants, food and/or animals, and if you were in proximity to livestock
- If you’re carrying $10,000 USD (or the foreign equivalent) or more
- If you’re carrying commercial merchandise, and
- The total value of all goods with you
NAC uses a similarly granular level of criteria to determine if a machine can gain access to your network. This includes whether you:
- Have the right OS service pack
- Have the most up-to-date software patches for commonly exploited software packages, such as Adobe Reader or Internet Explorer
- Have up-to-date anti-virus signatures (a string of characters/numbers anti-virus programs use to detect viruses)
- Are running older/deprecated software versions, and
- A large variety of other administrator-defined criteria
Based upon a check performed when the machine is trying to gain network access, the NAC “CBP agent” can decide not to allow it through until necessary changes are made.
2. Scott Montgomery defining Threat Intelligence: Think about threat intelligence like a credit bureau and your credit rating. There are a number of different credit bureaus, just like there are different information security and privacy vendors with useful information. Imagine that you’re trying to decide whether or not to give someone a loan. You’d want to know a variety of different things that credit bureaus track, such as:
- Does the person owe more than they earn?
- Do they pay their bills on time?
- How many other recent large loans have they taken out?
- Have they defaulted on loans in the last seven years?
- Have they gone bankrupt in the last seven years?
Threat intelligence gives you the ability to learn what to expect from a variety of Internet entities, such as IP addresses, domain names and URLs. When you allow something to connect to your network, you have the right to know everything there is to know before allowing that connection. McAfee and other threat intelligence brokers can answer various types of “credit bureau” questions based on what’s been observed about particular Internet entities.
3. Curt Aubley, Intel Security CTO of the Americas, defining Identity Access Management (IAM): IAM is an information security, risk management and business discipline with a broad range of measurable and demonstrable benefits.
At its foundation, IAM is all about:
- Who needs and is authorized to access what (e.g. applications/systems/information)
- Controlling that access
- Ensuring a person is who they say they are
- Ensuring access is easy and secure, and
- Ensuring that, if something changes, the associated access and controls change as well
While it sounds simple, there are a few challenges. First, IAM is a cross-functional business imperative, rather than strictly an IT infrastructure-led engagement. This means the human resource process of adding a new employee to an IAM system, expanding their access privileges or removing them from the system, must be tightly integrated with the specific IT requirements of IAM technologies to include internal employees, external consultants and suppliers.
Complicating things a bit more, IAM must be integrated across all devices, as well as any place that could be attacked—including the realms of mobility and the cloud.
Our Intel Security experts enjoyed this fun challenge rather than the kinds they usually get. Thanks to Daniel for assembling this great piece!