FOLIOの情報戦略のこれから_-_情報システムを添えて.pdf

Transcript

1. FOLIOͷ৘ใઓུͷ͜Ε͔Β - ࣾ಺γεςϜΛఴ͑ͯ 2018/11/4

2. 1. FOLIO͕ࠓ·Ͱ΍͖ͬͯͨ͜ͱ 2. FOLIOͷηΩϡϦςΟཁ݅ 3. FOLIOͷ࣮૷ํ਑ 4. Mic ໨࣍

3. ೥݄
   ख఻͍
   ೥݄
   ೖࣾ
   

4. ࠾༻ ೥݄
   ख఻͍
   ೥݄
   ೖࣾ
   "84
   (VBSE%VUZ ౿Έ୆ߏங "84
   *". ϖωτϨʔγϣϯςετ -*/&࿈ܞରԠ 8FC੬ऑੑ਍அ ֎෦ஂମ࿈ܞ

5. - ʮओཁߦ౳޲͚ͷ૯߹తͳ؂ಜࢦ਑ʯ - ”؂ಜ্ͷධՁ߲໨” > “III-3-7 ۀ຿ͷద੾ੑ: γεςϜϦεΫ” - ϑΥʔΧε

   - ڴҖ: γεςϜো֐ɺαΠόʔηΩϡϦςΟ߈ܸ - ରࡦ: γεςϜ౷߹ϦεΫɾϓϩδΣΫτͷ؅ཧଶ੎ɺγε ςϜɾηΩϡϦςΟ ཁ݅:૯߹؂ಜࢦ਑ɺFISC҆ର… ৘ઓ͕ରॲ͢ΔڴҖͱͦͷରࡦ

6. ઃܭ: Cybersecurity Framework(CSF) - NIST: ถࠃཱඪ४ٕज़ݚڀॴ - AESͳͲ҉߸ٕज़ͷબఆͱඪ४ԽͳͲ - CSF:

   ΦόϚલେ౷ྖ͕ൃ෍ͨ͠ߦ੓໋ྩʢExecutive Order)ʹج͖ͮNIST͕࡞ͬͨFW - ओʹɺاۀʹ͓͚ΔαΠόʔηΩϡϦςΟϦεΫͷ؅ ཧΛࢧԉ͢ΔͨΊͷɺۀքඪ४͓Αͼϕε τϓϥΫ ςΟεΛ·ͱΊͨࣗओࢀՃܕͷɺϦεΫϕʔεɾΞϓ ϩʔνʹجͮ͘FW

7. ࣮૷: Zero Trust Model

8. - ෳ਺ͷσʔλ͔Βࢉग़͢ΔϦεΫධՁ - ैདྷ: risk (0 or 1) = f(network)

   - Zero Trust: risk(0<y<1) = f(nw, id, device, edr…) - ੑѱઆΑΓ΋ʮධՁͰ͖ͳ͍΋ͷ͸൑அ͠ͳ͍ʯ - ϚΠφεͷελʔτͰ͸ͳ͘ɺθϩ͔Βͷελʔτ - ϝτϦΫεͱσʔλத৺ͷηΩϡϦςΟ Զ͸͜͏ࢥ͏Zero Trust

9. ࣾ಺γεςϜͷ࿩

10. ɹɹɹɹ ͷݞʹ৐Δ

11. σʔλΛControl Planeͱͯ͠ͷAzureʹू໿ People Services Devices Data

12. Data Plane

13. ิ׬తͳผαʔϏε͔ΒσʔλΛߋʹ࿈ܞ

14. ୺຤ΠϯϕϯτϦͷू໿

15. EDRͷू໿

16. ͦΕͧΕͷσʔλ͕ԣஅతʹ࿈ܞ People Services Devices Data

17. ྫ1: ۀ຿୺຤͔ΒͷΞΫηεͷΈڐՄ People Services Devices

18. ྫ: ۀ຿୺຤͔ΒͷΞΫηεͷΈڐՄ People Services Devices "DDFTT
    0L

19. ྫ: ۀ຿୺຤͔ΒͷΞΫηεͷΈڐՄ People Services Devices "DDFTT
    0L

20. ྫ2: ݸਓ৘ใ୺຤͔Β͸ಛఆαʔϏεͷΈ Services Devices QSJWBDZ Ұൠ

21. ྫ3: ϦεΫͷߴ͍୺຤ͷΞΫηεΛ੍ݶ

22. Not So Easy

23. - Ϧετ - Ϧετ - Ϧετ - Ϧετͷڧௐจࣈ - Ϧετ

    ڍಈ͕ෆ҆ఆ

24. OSX LaunchCTL͋ΒͿΓਿ

25. - Ϧετ - Ϧετ - Ϧετ - Ϧετͷڧௐจࣈ - Ϧετ

    ೖΕࢠͳάϧʔϓʹׂΓ౰ͯΒΕͳ͍ϥΠηϯε

26. IdPҾͬӽ͠ = ѱເʢઈର΍Γͨ͘ͳ͍ʣ

27. σʔλΛ௥ٻͨ͠ ηΩϡϦςΟͰ վֵ͍͖ͯ͠·͠ΐ͏

28. None