Diapositive 1

1
ITS4StartUp
Information Technology Security for Start-Up
A good practise for starting up secured IT
services in young innovative SMEs EBN Awards
2009 18th EBN Congress 26th June FEZ
2
HISTORY
Created in 1989 as a private company (SA). 1992
BIC Labelization 1994 Integration to the
Conseil Général de la Haute-Garonne 2004
French Quality label AFNOR Service Pépinière
3
BIC THEOGONE Two sites
Ramonville St Agne
Martres Tolosane
62 Km
F.O. Link
4
BIC THEOGONE Innovative SMEs
Generalist BIC, 20 years of experience, Survival
rate after 5 years 80 (national mean 50 )
SMEs Today 30 innovative companies, 170
employees, gt 40 M How to help company CEO to
be innovative ? In being innovative too !
5
Steps into the problem
We think one of the most important BIC mission is
to transfer good practises for innovative
business to young and unskilled company creator.
All of us are helping young SMEs to elaborate
their Business Plan, Business
Model, Investor quest, . A bunch of good
practises in Business ! As we consider that
Innovation is a strategic element we offer
secured premises with restricted access. BUT
what about Internet connections ?
6
Steps into the problem
Can you imagine a burglar in your BIC visiting
SMEs premises ?
X
Definitively NOT !!
So why many innovative SMEs not specialized in IT
Systems should have to be alone in front of
Internet Security ? We think we have to help them.
7
The criterions
How to help SMEs ? In creating a basic secured IT
system for them - allowing mobility without
WIFI (not so secured), - check user ID
authenticate check user authorizations -
based on open tools (less expensive, robusts), -
transferable to SMEs when the leave the
BIC system should be multi-platform, made of
blocks, - allowing green IT grade (not only
because we love Earth but to reduce electricity
charges), - easily maintainable (even for a non
computer geeks !)
Thats ITS4Startup !
8
Each connection and every 8 h.
9
CA Portability to SMEs and PKI transfert
PKI items
V1.0 only BIC can deliver e-Access
SIGN Encrypt e-Access
Public Key
Private Key
CA Cert.
PKI items
SIGN Encrypt e-Access
V2.0 BIC signs SME CA to allow SMEs to deliver
their own e-Access
SME CA
Public Key
Private Key
CA Cert.
10
The Internet access protection problem
Classical Internet access protection using
Firewall (point of view of SME)
BIC problem Firewall transferability to SME with
a unique FW
SME 1
SME 2
SME n
11
The Internet access protection solution IPCOP
Classical Internet access protection using
Firewall (point of view of SME)
BIC solution Firewall transferability to SME with
multiple FW
SME 1
SME 2
SME n
12
Does we comply with criterions ?
How to help SMEs ? In creating a basic secured IT
system for them - allowing mobility without
WIFI (not so secured), WIRED - based on open
tools (less expensive, robusts), LINUX,
APACHE, MySQL, OpenRADIUS, OpenSSL -
transferable to SMEs when the leave the
BIC system should be multi-platform, OpenSSL
Win, MAC, UNIXes made of blocks, YES -
allowing green IT grade (not only because we love
Earth but to reduce electricity charges), NO TOO
MUCH COMPUTERS !!! - easily maintainable YES
INTRANET Graphical Interfaces
13
The Green Version
The problem
Firewall 1 server / SME 500 W, CA PKI
server 1 server / SME 500 W Radius server 1
server / SME 500 W LDAP MySQL server
1server / SME 500 W Total / SME 2 kW Sample
Total for 30 SME (case of BIC Theogone) gt 60 kW
!!!!
The Solution VIRTUALIZATION
All In One 500 W, possible, replication
advantage, packaging
Theogone 30 SMEs FWs 500 W, BIC FW auth
system 500 W total 1 kW
14
Does we comply with criterions ?
How to help SMEs ? In creating a basic secured IT
system for them - allowing mobility without
WIFI (not so secured), WIRED - based on open
tools (less expensive, robusts), LINUX,
APACHE, MySQL, OpenRADIUS, OpenSSL -
transferable to SMEs when the leave the
BIC system should be multi-platform, OpenSSL
Win, MAC, UNIXes made of blocks, YES -
allowing green IT grade (not only because we love
Earth but to reduce electricity charges),
Virtualization - easily maintainable YES
INTRANET Graphical Interfaces
15
Transferability Conclusions
When SMEs leave the BIC, they receive a bunch of
DVD containing - all the authorization and
authentication system, - Firewall copy, - log
system, We support them up to 6 monthes after
their exit. System is compatible with VoIP and
ToIP System can support signed email (THE
solution to spam) ITS4Startup is adaptable
whatever infrastructure hardware at low
cost ITS4Stratup is transferable to other BICs
16
THEOGONE Le CEEI de la Haute-Garonne
A Team Board Frédéric Daumas, Caroline
Corpel-Bousquet, Jean-Pierre Thoulouse, Assist
ants to companies Marie-Christine
Lagère-Campos, Marilyne Chiche, Amandine
Mari, Laurent Comet, Marie-Rose
Cazaux, Françoise Surges.
17
Thank you for your attention ! CEEI
THEOGONE frederic.daumas_at_cg31.fr