Presentation is loading. Please wait.

Presentation is loading. Please wait.

People, Process and Technology Andy Papadopoulos.

Published byEsperanza Parker Modified over 9 years ago

Similar presentations

Presentation on theme: "People, Process and Technology Andy Papadopoulos."— Presentation transcript:

1 People, Process and Technology Andy Papadopoulos

2 Fighting Fraud Go after low hanging fruit – start with the most sensitive data and the areas where they are vulnerable - then work outwards Leverage existing investments in Microsoft technologies Implement Scorecards and Monitoring

3 More than 80% of enterprise's digitized information reside in individual hard drives and in personal files and 80% of the data is unstructured, not secure nor backed up. Individuals hold the key to the knowledge economy and most of it is lost when they leave the enterprise Employees get 50%-75% of their relevant information directly from other people Today’s Information Challenge Source: Gartner Group/CIBC World Markets

4 Confidentiality Ensure privacy of user information and transmission Integrity Ensure accuracy of data and data processing Availability Maximize functionality and uptime Trust Confidence to transact

5 Workplace E-mail Stats Emails per day (%)100+≥5031-49 Weighted Total Estimate the percentage email increase in the past 12 months (2002-3) 21181016 In your opinion, is email communication at your workplace out of control? No0275835 Potentially 14201721 Yes86 532544 Should elimination of bad email habits be a corporate responsibility? Yes90866778 No10639 Don’t know 072913 Christina Cavanagh Professor, Richard Ivey School of Business

6 Keeping it Confidential Don’t add layers …. Users won’t use them Take advantage of tools already in place with the interfaces they are already used to Information Rights Management

7

8

9

10 Collaboration and Control Wasted Time is a key ROI I know we did this before …. I can’t find it Intellectual Property Lessons learned leave with employees Leverage past experience Aging Work Force Losing that valuable experience

11 Common ‘problems’ with data Common agreed definitions (shared context) lacking Inconsistent definitions across applications Manual transformations and analysis Manual Audit Trails Poor Data Quality Poor Connectivity from applications to resources One Way Data Traffic (errors not corrected at the source)

12 What does FINE mean ? “Don’t worry everything is Fine” How do I get the validation I need Make use of dashboards and scorecards

13

14

15 Service Level Reporting

16 The Identity Lifecycle New User User ID Creation Credential Issuance Access Rights Account Changes Promotions Transfers New Privileges Attribute Changes Password Mgmt Strong Passwords “Lost” Password Password Reset Retire User Delete/Freeze Accounts Delete/Freeze Entitlements

17 Identity Business Impact 24% lower productivity End user spends 16 minutes a day logging in to various system Provisioning new users take 28 hours longer than business requirements Increased IT Operational Costs Roughly 48% of help desk calls are password resets ($45-$153 each) User management consumers 5.25% of all IT productivity Most admin tasks (moves, adds, changes) take 10x longer than necessary 23% additional security risks Only 70% of users deleted on departure New users provisioned to 16 apps, on departure deleted from 10 A survey of over 600 organizations concluded that the average cost impact of security breaches on each organization alone is over $972K* Source: Metagroup/PwC Survey 2002, * CSI/FBI Survey

18

19 It’s a Virtual World … The fine balance between keeping safe and allowing employees to do their jobs. Workforce is mobile Laptops are everywhere

20 Mobile Workforce Why We Need Quarantine

21 Internet and PC Usage Policy “I didn’t know I couldn’t sell stuff on ebay 4 hours a day ….” Put it in writing, keep it current, make it part of your HR process.

22 Microsoft Best Practice Tools Microsoft Baseline Security Analyzer Exchange Best Practice Analyzer SQL Best Practice Analyzer Validates that your installation and configuration are done to best practice guidelines

23 Microsoft Security Assessment Tool Free tool to drive security awareness around people, process and technology Download from: www.securityguidance.com

24 A Layered Approach to Compliance Engages the entire business for success Allows for the allocation of controls outside of IT Legislation Policies Procedures Physical Controls Application Features Inherent System Capabilities

25 A Layered Approach to Security Policies, Procedures, & Awareness OS hardening, patch management, authentication Firewalls, VPN quarantine Guards, locks, tracking devices Network segments, Isolation Application hardening, antivirus Access controls- data encryption Documented Process and User Education ! Physical Security Perimeter Internal Network Desktop and Servers Applications Data

26 Discovery Session Offer Discovery Session Offer 1-2 day offer from Office Systems Team Makes use of scorecards and collaboration Show you how you can use tools to better communicate/collaborate/share Show accountability to stakeholders andy@legendcorp.com

27 Summary Leverage investments already made with Microsoft Technology Make use of scorecards and monitoring systems to ensure things really are FINE

Download ppt "People, Process and Technology Andy Papadopoulos."

Similar presentations

About Certiport Worldwide administrator of the Microsoft Business Certification program: –Microsoft Business Certification Credentials Microsoft Office.

About Certiport Worldwide administrator of the Microsoft Business Certification program: –Microsoft Business Certification Credentials Microsoft Office.
Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
Copyright Critical Software S.A. 1998-2008 All Rights Reserved. COTS based approach for the Multilevel Security Problem Bernardo Patrão.

Copyright Critical Software S.A All Rights Reserved. COTS based approach for the Multilevel Security Problem Bernardo Patrão.
Whats New in Microsoft Office 365 Module 01 | Daniel Sierra | Account Technology Strategist Microsoft Education México.

Whats New in Microsoft Office 365 Module 01 | Daniel Sierra | Account Technology Strategist Microsoft Education México.
Application Security Best Practices At Microsoft Ensuring the lowest possible exposure and vulnerability to attacks Published: January 2003.

Application Security Best Practices At Microsoft Ensuring the lowest possible exposure and vulnerability to attacks Published: January 2003.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
Security Controls – What Works

Security Controls – What Works
The State of Security Management By Jim Reavis January 2003.

The State of Security Management By Jim Reavis January 2003.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Secure Data Transmission James Matheke Information Security Architect Ohio Department of Job and Family Services.

Secure Data Transmission James Matheke Information Security Architect Ohio Department of Job and Family Services.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Identity and Access Management

Identity and Access Management
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
Lexmark Print Management

Lexmark Print Management
Account Reset Console Delegated and secure self password resets Joe Vachon Sales Engineer.

Account Reset Console Delegated and secure self password resets Joe Vachon Sales Engineer.
Patch Management Strategy

Patch Management Strategy
Enhanced Collaboration and other benefits of Sharepoint Technologies Kern Sutton Business Productivity Group Microsoft Corporation.

Enhanced Collaboration and other benefits of Sharepoint Technologies Kern Sutton Business Productivity Group Microsoft Corporation.

Similar presentations

Ads by Google