Information Security Report 2010 - Nec

More documents

Recommendations

Info

IT Platform for PC and Network Protection The IT platform for PC and network protection is designed to maintain the security of all information devices connected to the NEC Intranet and protect the network from viruses, worms, and other attacks. The system provides monitoring and controls to ensure secure use of the Intranet, including restricting access from PCs with security problems, and running periodic vulnerability scans. (1) Protecting PCs from Cyber-Attacks (Monitoring Security Patch Updates) New vulnerabilities are being found in OSs and software every day. To protect them from attacks by malicious programs, it is necessary to strictly apply the security patches that address these vulnerabilities. At the NEC Group, installation of software to monitor PC and network status is required for all PCs connecting to the NEC Intranet, enabling us to visualize the status. This makes it possible to monitor whether the necessary security patches for OS and software have been applied, send messages to the user if they have not been applied, and restrict network access after a while. The system can also check any security patches installed on the PC, and display messages on the PC warning the user to install or update the software as needed. (Implementation of Anti-Virus Measures) We have standardized anti-virus software and security settings for all PCs to prevent the spread of virus and worm infections. If the system finds an unsecure PC, the PC is quickly isolated from the Intranet. ■ Protecting PCs from Cyber-Attacks User Environment Support Strengthen Management Network Management Prompt Detection, Localization and Restoration Monitor Information on Network-Connected Devices ■ Collection of information on network connection status OK! Installed Monitor Information on Pc ■ Hardware and software information, patch information, etc. Integrated database ■ Server/PC licenses, patch information, usage status ■ Integrated management and display of status of improper network use Network Surveillance ■ Automation of network disconnection/restoration Installed Miharitai updated patches and virus definitions Disconnect Uninstalled Distribute Policies Distribute Updated Virus Definitions Distribute Patches Intrusion Detection Router Management Strengthen Prevention ■ Detection of improper packets ■ Centralized management of router configuration Prevention Detection Localization Restoration Ensure Secure and Reliable Intranet Use 10 NEC CORPORATION Information Security Report 2010
(Centralized Management of Security Status) Status data associated with security measures, including the software patches and anti-virus software noted above, is collected in a centralized management system. The data is available for Information Security Managers and Security Promotion Managers in their own divisions in a timely manner. (2) Vulnerability Scans Information devices running on a variety of platforms, such as Windows, UNIX, LINUX, and Mac, connect to the NEC Intranet. We check the status of all information devices via our network by vulnerability scans. Managers in each division are able to view the status and address any vulnerabilities using specified methods. We can check the status of addressing the vulnerabilities across the NEC Group. By scanning vulnerabilities on a regular basis, we make it possible to address new vulnerabilities and thus maintain security levels. IT Platform for Information Protection To prevent information leak, it is necessary to identify the illegal route by which information is being distributed and to put in place appropriate measures based on a risk analysis. The NEC Group manages not only our own Group information but information from customers and information disclosed to suppliers. We maintain comprehensive measures based on the characteristics of networks, PCs, electronic media, and other IT components. (1) System to Prevent Information Leak The NEC Group has built a system to prevent information leak using its proprietary InfoCage system. Specifically, the system encrypts hard disks and files, restricts use of USB flash drives and other external storage media, and monitors PC operations. The system has proved to be enormously effective in preventing information leak. ■ Overview of IT Platform for Information Protection ■ Overview of System to Prevent Information Leak NEC Group System to Prevent Information Leak Preventing leak of customer information, confidential information and information on contracted work Secure Information Exchange Site Enables secure exchange of information with customers Secure Email Distribution System Prevents misdelivery of emails sent from NEC Thin Client Service System in which customer information is not stored on the PC InfoCage PC Security Function 1: Hard Disk Encryption Function 2: Control Over Use of External Storage Media Through policy settings, allow use of only particular USB flash drives and other devices Function 3: Pc Operation Logging Client PC Policy Receipt Client File Access Control Management Function 5: File Auto-Encryption Regular automated scanning finds unencrypted files and automatically encrypts them Function 4: Obtains Latest Policy Settings as Defined Company-Wide or by Division NEC CORPORATION Information Security Report 2010 11
Page 1 and 2: Information Security Report 2010 Ye
Page 3 and 4: NEC’s Initiatives to Build a Secu
Page 5 and 6: NEC’s Initiatives to Build a Secu
Page 7 and 8: ■ NEC Group Management Policy The
Page 9 and 10: ■ Utilizing Results from Organiza
Page 11: IT Platform for User Management and
Page 15 and 16: (4) Thin Clients To prevent informa
Page 17 and 18: Development of Security Promotion M
Page 19 and 20: 1) Designating managers responsible
Page 21 and 22: When development takes place while
Page 23 and 24: We aim to speed up management, visu
Page 25 and 26: Privacy Mark Certification The foll
Page 27 and 28: The NEC Way “The NEC Way” is th
Page 29 and 30: NEC Information Security Statement

Information Security Report 2010 - Nec

Create successful ePaper yourself

Delete template?

Save as template?