Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Security Best Practices for Non-Profits & Foundations © 2010 Museum of Fine Arts, Boston John C. Newman Highland Street Foundation Breakfast Seminar.

Similar presentations


Presentation on theme: "Data Security Best Practices for Non-Profits & Foundations © 2010 Museum of Fine Arts, Boston John C. Newman Highland Street Foundation Breakfast Seminar."— Presentation transcript:

1 Data Security Best Practices for Non-Profits & Foundations © 2010 Museum of Fine Arts, Boston John C. Newman Highland Street Foundation Breakfast Seminar March 23, 2010

2 © 2010 Museum of Fine Arts, Boston A Non-Profit Case Study

3 450,000 Objects 1 Million Visitors 70,000 Members 1400 SMFA Students 1200 Volunteers 1000 Employees © 2010 Museum of Fine Arts, Boston

4 3 Restaurants 3 Shops 3 4 Web Sites 2 Web Stores 2 Parking Lots 1 Parking Garage Library Concerts Lectures Films © 2010 Museum of Fine Arts, Boston

5 State Street Corporation Fenway Entrance Sharf Information Center Huntington Entrance New Courtyard New American Wing Forsyth Dental School Seven sites Temporary relocations © 2010 Museum of Fine Arts, Boston

6 PCI 1.0 Compliance Review Network Account procedures updated Budgeted for Network Penetration Testing PCI 1.2 Compliance Review Mass CMR issued Revised Data Inventory Published WISP CMR Deadline

7 Tier 4 PCI Vendor No Staff Wireless No Staff Downloads Separate physical staff and student networks Very limited remote system access © 2010 Museum of Fine Arts, Boston

8 Museum-Wide MFA Computer Use Policy Information Technology and System User Responsibilities I.T. Policies MFA Computer Network Accounts: Policies and Procedures MFA Employee Departure Policy and Procedure MFA Mobile Device Policy: Laptops and Off- Site Computers Network Security Policy: Unauthorized Devices I.T. Service Request Procedures Financial Policies MFA Mobile Device Policy: Cell Phones + Smart Phones © 2010 Museum of Fine Arts, Boston

9 Leverage existing systems and procedures New Employee Orientation PCI Data Inventory Track-It! Incident Reporting On-line Publishing Intranet Sharepoint Incident Dashboard © 2010 Museum of Fine Arts, Boston

10 Obtaining Budget for New Services Time Commitment for Application-Data Inventory and Risk Analysis Ongoing Time Commitment for Education and Annual Review © 2010 Museum of Fine Arts, Boston

11 Web site requirements Vendor Registration Form Security Incident Dashboard Network Vulnerability Scan © 2010 Museum of Fine Arts, Boston

12 Increased Security Awareness Increased knowledge of our systems Potential reuse of Data Inventory results © 2010 Museum of Fine Arts, Boston


Download ppt "Data Security Best Practices for Non-Profits & Foundations © 2010 Museum of Fine Arts, Boston John C. Newman Highland Street Foundation Breakfast Seminar."

Similar presentations


Ads by Google