If your business partners are accessing your sensitive data on your mission critical servers, you may find yourself living in excessively interesting times.

A signed agreement among business partners helps, but guarantees nothing. Incidentally, it can also discourage disclosure. Persuading them to implement better information security practices (i.e., spend more) can be fruitless.

Despite the difficulties, we often need an agreement signed to help facilitate avoiding the following risks posed by our business partner endpoints:

• Infect our mission critical servers (Risk 1)
• Leak data via malware (Risk 2)
• Leak data via removable media (Risk 3)
• Leak data via high-risk endpoint hard drives (Risk 4)

Limit server access to partner endpoints of acceptable risk.
Limit access to machines not just people. Limiting access based on both identity and health requires network access control (NAC) technology, such as Microsoft Network Access Protection (NAP).

• Try to limit access to machines that process as little data, documents, or media from the outside world as practical (Risk 2). This also means denying access to endpoints running p2p and other software.
• Ensure that anti-virus and anti-spyware software are running, up-to-date, and frequently conduct full scans (Risk 2)
• Try to require other anti-malware tools because signature-based anti-malware products are becoming more ineffective every week (Risk 2).
• Deny access to endpoints with promiscuous removable media settings (Risk 3)

Data stored on partner endpoints must be encrypted.
Fixed and mobile PCs can be physically compromised. Limit server access to endpoints with full disk encryption (Risk 4). Second, also limit access to machines that require two factor authentications to utilize the endpoint (Risk 4). If your partner’s disk encryption solution can ensure that write operations to removable media are encrypted, then you might ease up on removable media settings requirements (Risk 3).

Consider limiting partner server access to thin client machines.
One can be very confident that no malware is operating within a freshly rebooted thin client machine (Risk 1). This can also be the most effective, albeit Draconian, risk mitigation to data leaks (Risk 2, 3, and 4). BTW, you could also have them access mirrors of your mission critical servers instead (Risk 1).

Posted: Thursday, August 21st, 2008 - Endpoint Security
RSS 2.0 - Comment - Trackback