Presentation is loading. Please wait.

Presentation is loading. Please wait.

Layered Security Solutions - Simplified www.SoftwareSecuritySolutions.com 303-232-9070 © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!

Similar presentations


Presentation on theme: "Layered Security Solutions - Simplified www.SoftwareSecuritySolutions.com 303-232-9070 © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!"— Presentation transcript:

1 Layered Security Solutions - Simplified © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!

2 If your data isn’t secure, it isn’t your data.® The Layered Security Solution for Small Businesses Goals and Outcomes: Begin to understand layered security. Put information to immediate use, at home and at work. Use this to help others with awareness.

3 If your data isn’t secure, it isn’t your data.® The Small Business Situation SMB does not have the knowledge or skills to address this complex issue. Small Business Information Security Act of 2008 (Senator Olympia J. Snowe, R-Maine) As Mentors - You can help!

4 Identification of Risk What data could cause them harm if lost, changed or compromised? What do they need to protect? If your data isn’t secure, it isn’t your data.® 1.Financial Data 2.Customer Data 3.Vendor Data 4.Employee Data 5.Health Care, Investments 6.Corporate Intellectual Property 7.Investors

5 Identification of Risk What is the value of each category? Where is this information kept? What regulations apply to the business’ data? –PCI, SOX, GLB, HIPAA –E-Discovery requirements for pertinent data If your data isn’t secure, it isn’t your data.®

6 Data Back-up All categories of Data 1.Critical\Non Critical 2. – Archiving, new legal requirements 3.Data Shares If your data isn’t secure, it isn’t your data.®

7 Data Back-up Local – on site, DAS, NAS, Appliances Tape vs. new technology Off site, Online Redundancy & DR Standards & Regulations If your data isn’t secure, it isn’t your data.®

8 Data Back-up Research If your data isn’t secure, it isn’t your data.® Are all areas identified & backed up? Both on & off site? What type do they use & is it efficient? Time & resources required to maintain? Time & resources required to restore? Have backups been tested? Comfort & Consequences!

9 Disaster Recovery Plan Identify and assign resources Business Continuity Insurance Tools to help If your data isn’t secure, it isn’t your data.®

10 Disaster Recovery Research Disaster Recovery Journal Gartner SBA Plans are a work in progress as business changes. Less than 10% survive without a plan If your data isn’t secure, it isn’t your data.®

11 Anti Malware Client machines – laptop, desktop, mobile Servers Gateways 1.Internet, Changes in technology New Threats –Mashups & Web 2.0 $100 additional cost per user If your data isn’t secure, it isn’t your data.®

12 Anti Malware Research Virus Bulletin Anti Virus Comparatives AV Test –Times have changed & so have solutions calculator.phpwww.SoftwareSecuritySolutions.com/anti-virus-cost- calculator.php If your data isn’t secure, it isn’t your data.®

13 Firewalls Gateway Inspection types Additional layers 1.Anti Malware 2.Anti Spam 3.Content Filtering 4.Intrusion prevention Personal Firewalls If your data isn’t secure, it isn’t your data.®

14 Firewall Research ICSA West Coast Labs If your data isn’t secure, it isn’t your data.®

15 Security & Filtering All user devices Technology Spam 1.Volume, Cost Malware Phishing Social Engineering Archiving, Legal If your data isn’t secure, it isn’t your data.®

16 Security Research How critical is to their business? Associated cost? POP3 vs. SMTP Conduct CBA on Service vs. Appliances & Software If your data isn’t secure, it isn’t your data.®

17 Wireless Security Mobile Devices 1.Anti malware 2.Backup & theft recovery Wireless Networks Authentication Encryption WEP\WPA If your data isn’t secure, it isn’t your data.®

18 Web Security & Filtering All user devices\Servers Shift in threat Web applications –PCI compliance Searching\Surfing Liabilities If your data isn’t secure, it isn’t your data.®

19 User Education & Application updates Weakest link Threat Surface Future attacks Updates 1.OS 2.Office 3.Common apps 4.Checked regularly? If your data isn’t secure, it isn’t your data.®

20 User Education Resources Employee Awareness: Security Video: World Security Challenge: Customizable Awareness Newsletter: If your data isn’t secure, it isn’t your data.®

21 Security Policy Definitions –All Layers –Acceptable Use –Consequences Resources –What to use –Who supports If your data isn’t secure, it isn’t your data.®

22 Security Policy Resources Policies, Standards and Guidelines: https://www2.sans.org/resources/policies/ https://www2.sans.org/resources/policies/ If your data isn’t secure, it isn’t your data.®

23 What they can (and should) do right now Network Configuration (P2P vs. Domain) Updates – 3 rd party Office machines – (all in one) Laptop encryption, theft tracking User rights File Access Physical Access If your data isn’t secure, it isn’t your data.®

24 Implementing a Layered Security Solution Create a Security Policy Formulate an adoption plan Budget Start with most critical areas Set & forget not an option If your data isn’t secure, it isn’t your data.®

25 Questions and Answers If your data isn’t secure, it isn’t your data.®

26 Layered Security Solutions - Simplified © 2008 Monte Robertson – CEO Layered Security Solutions – Simplified!


Download ppt "Layered Security Solutions - Simplified www.SoftwareSecuritySolutions.com 303-232-9070 © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!"

Similar presentations


Ads by Google