Before digitization, information was transmitted in letters, and its integrity could be verified with the naked eye. Since digitization, all messages are converted to 0s and 1s and stored in memory, and additional techniques are required to verify their integrity. Users have to question the integrity of a file when opening or sending it, because the displayed content may not be genuine and can conceal malicious code. How do we trust this “invisible data”? Whether data is at rest or in transit, we should be skeptical about invisible data: it may contain malware; someone may pretend to be a legitimate user, hack into the system and steal data; eavesdroppers may intercept and forward messages between two communicating parties (man-in-the-middle attack). These are just the tip of the iceberg.
In general, threats are either external (e.g., malware, phishing, illegal access, and eavesdropping) or internal (e.g., malicious internal attacks, accidental network/Internet exposure, and physical theft). Either way, it all comes down to how we protect “invisible data” in the digital age. For the endpoint, the common birthplace of data, security can be categorized into four aspects: (1) endpoint threat detection and alerts; (2) data protection (data at rest/data in transit); (3) multi-factor authentication; and (4) cloud IAM permissions. Once created, data is shared, transmitted, used, modified, etc. It is of great significance to prevent data from being stolen by insiders, to keep customers’ personal information confidential and to track user behavior at all times. In the past, the various data protection and authentication solutions had different frameworks, which made their adoption, maintenance, and compatibility real challenges.
In recent years, the world’s leading companies have established the FIDO Alliance to promote a unified FIDO authentication framework that is already compatible with off-the-shelf hardware devices, operating systems and web browsers. With this framework, companies and service providers can implement crypto-based multi-factor and password-less authentication as a turnkey solution. In this event, three information security companies in Europe and Asia are invited to share how to ensure the trustworthiness of invisible digital data. FIDO2-certified WiSECURE Technologies and Chunghwa Telecom will introduce security keys and web-based authentication (WebAuthn) respectively, and Energy Logserver will talk about threat detection and alerts in cloud environments. Together they will elaborate on corporate data protection through the lens of the data life cycle and the user journey.
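Before digitization, information was carried in letters, and the integrity of a message could be confirmed with the naked eye. Once the wave of digitization swept the world, every message was converted into 0s and 1s and stored in memory, and verifying message integrity now requires additional techniques. When we open or transmit a file, we have to question its integrity, because the displayed content may not be genuine and malicious code may be disguised as something legitimate. We have to ask: how do we trust this “invisible data”? Whether data is at rest or in transit, we should treat it with distrust, because malware may have been injected; someone may pose as a legitimate user, break into the system and steal data; an eavesdropper may intercept and forward messages between two communicating parties (man-in-the-middle attack). And these are only the tip of the iceberg. Basically, threats can be divided into internal and external. External threats include malware, phishing, illegal access and eavesdropping. Internal threats include employees planting malicious programs, data leakage, abuse of privileges and data theft.
Endpoint security can generally be divided into (1) endpoint threat detection and alerting, (2) data protection (data at rest/data in transit), (3) multi-factor authentication, and (4) cloud permission management. From the moment data is created, it is shared, transmitted, used, modified and so on; how do we keep it, every minute and every second, from being stolen by insiders, ensure customers’ personal data is not leaked, and keep track of user behavior? Past data protection and identity authentication solutions came from many competing vendors with inconsistent frameworks, so adoption, maintenance and compatibility were all problems.
In recent years, many major international companies have formed the FIDO Alliance to promote a unified FIDO authentication framework that is already compatible with hardware devices, operating systems and web browsers, so enterprises and service providers can quickly adopt cryptography-based multi-factor and passwordless authentication. This 【Europe-Asia Enterprise Information Security Needs Business Matchmaking Event】 brings together three outstanding information security companies from Asia and Europe around the theme “How to trust invisible data in the digital age”: FIDO2-certified WiSECURE Technologies will introduce security keys, FIDO2-certified Chunghwa Telecom will introduce its cloud identity authentication server, and Energy Logserver will introduce threat detection and alerting in cloud environments. From the perspective of the “data life cycle”, they will share how to protect corporate intellectual assets and confidential data without leaving any gaps.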
July 29, 2021 (Thursday)
09:00-10:00 (CEST)
16:00-17:00 (Taiwan Time)
The conference will be held online and a reminder email, as well as the meeting link, will be sent by the organizer.
English
2021/07/29 (Thu)
16:00-17:00 (Taiwan Time)
09:00-10:00 (CEST)
The event uses the Webex online meeting system; the meeting link will be sent the day before the event.
English
The organizer reserves the right to cancel, postpone or change the venue, date and time of the event should unforeseen circumstances occur.
Dango Chen
Researcher
Chunghwa Telecom Laboratories
Phil Liang
CIO
WiSECURE Technologies
Simon Ćwieka
Security Systems Engineer
Energy Logserver
Host:
Panelists:
Researcher
Chunghwa Telecom Laboratories
Specialized in internet security, software security, endpoint security, etc., Dango Chen currently works in the Information & Communication Security Lab of Chunghwa Telecom Laboratories and is responsible for designing and developing the internal server information and security management system and for researching, developing and promoting the endpoint security product “SecuWizard.” She is now researching the application of FIDO standards.
MSc in Information Management, National Central University.
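Researcher 陳婉宜 currently works at the Information & Communication Security Laboratory of Chunghwa Telecom Laboratories. Her areas of expertise include network security, software security and endpoint security management and control. At Chunghwa Telecom she is responsible for the design and development of the internal server security management system and for the research, development and promotion of the endpoint security product SecuWizard, and she is now researching the application and development of FIDO standards. She holds a master's degree from the Department of Information Management, National Central University.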
CIO
WiSECURE Technologies
Security Systems Engineer
Energy Logserver
Simon is an experienced IT security specialist with a focus on Big Data and Data Lakes projects. With many years of experience in improving system monitoring and security tools, he specializes in administrating, implementing and enhancing SIEM solutions. He is a proud member of the Energy Logserver team, promoting SIEM, Network Probe and Log Management functionalities across Europe, the Middle East and Asia.
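Simon is an experienced IT security expert focused on big data and Data Lakes projects. With many years of experience in improving system monitoring capabilities and security tools, Simon excels at administering, implementing and enhancing SIEM solutions, and is a proud member of the Energy Logserver team, responsible for promoting SIEM, network probe and log management functionality across Europe, the Middle East and Asia.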
Chunghwa Telecom Company, Ltd. and WiSECURE Technologies Corporation attained FIDO2 certification this year. They assist companies in deploying password-less login and multi-factor authentication, using strong authentication to log in to corporate data centers, management systems, webpages and more. This solves the problems arising from phishing websites, password leakage and password management, and strictly controls access to data and services.
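Chunghwa Telecom and WiSECURE Technologies obtained FIDO2 certification this year. They help enterprises deploy passwordless login and multi-factor authentication, using strong authentication to log in to corporate data centers, management systems, web services and more, solving the many problems that stem from phishing websites, password leaks and password management, and strictly guarding access to data and services at the front line.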
Energy Logserver is a powerful tool that can search for, detect, alert on and pinpoint threats and problems in an IT architecture. It originally started as a Log Management solution and is now a fully grown SIEM. It has an advanced internal incident risk calculation system that can help you estimate the impact of an incident. This means that Energy Logserver can not only detect problems, but also help you set priorities for them.
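Energy Logserver can proactively search for, detect, alert on and identify threats and security vulnerabilities within an IT architecture. Energy Logserver began as a log management solution and has now grown into a service providing a complete security information and event management (SIEM) system. Through advanced internal incident risk calculation, Energy Logserver can help assess the impact of an incident, detect security vulnerabilities and prioritize their handling.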