We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byJames Larson
Modified over 5 years ago
Data Security Best Practices for Non-Profits & Foundations © 2010 Museum of Fine Arts, Boston John C. Newman Highland Street Foundation Breakfast Seminar March 23, 2010
© 2010 Museum of Fine Arts, Boston A Non-Profit Case Study
450,000 Objects 1 Million Visitors 70,000 Members 1400 SMFA Students 1200 Volunteers 1000 Employees © 2010 Museum of Fine Arts, Boston
3 Restaurants 3 Shops 3 4 Web Sites 2 Web Stores 2 Parking Lots 1 Parking Garage Library Concerts Lectures Films © 2010 Museum of Fine Arts, Boston
State Street Corporation Fenway Entrance Sharf Information Center Huntington Entrance New Courtyard New American Wing Forsyth Dental School Seven sites Temporary relocations © 2010 Museum of Fine Arts, Boston
2010 20052006200720082009 PCI 1.0 Compliance Review Network Account procedures updated Budgeted for Network Penetration Testing PCI 1.2 Compliance Review Mass CMR 17.00 issued Revised Data Inventory Published WISP CMR 17.00 Deadline
Tier 4 PCI Vendor No Staff Wireless No Staff Downloads Separate physical staff and student networks Very limited remote system access © 2010 Museum of Fine Arts, Boston
Museum-Wide MFA Computer Use Policy Information Technology and System User Responsibilities I.T. Policies MFA Computer Network Accounts: Policies and Procedures MFA Employee Departure Policy and Procedure MFA Mobile Device Policy: Laptops and Off- Site Computers Network Security Policy: Unauthorized Devices I.T. Service Request Procedures Financial Policies MFA Mobile Device Policy: Cell Phones + Smart Phones © 2010 Museum of Fine Arts, Boston
Leverage existing systems and procedures New Employee Orientation PCI Data Inventory Track-It! Incident Reporting On-line Publishing Intranet Sharepoint Incident Dashboard © 2010 Museum of Fine Arts, Boston
Obtaining Budget for New Services Time Commitment for Application-Data Inventory and Risk Analysis Ongoing Time Commitment for Education and Annual Review © 2010 Museum of Fine Arts, Boston
Web site requirements Vendor Registration Form Security Incident Dashboard Network Vulnerability Scan © 2010 Museum of Fine Arts, Boston
Increased Security Awareness Increased knowledge of our systems Potential reuse of Data Inventory results © 2010 Museum of Fine Arts, Boston
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
606 CMR 14.00: Background Record Checks What you need to know!
National Bank of Dominica Ltd Merchant Seminar Facilitator: Janiere Frank Fraud & Compliance Analyst June 16, 2011.
PCI Compliance: The Gateway to Paradise PCI Compliance: The Gateway to Paradise.
Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Case Franchise Support & Training. Case Support Who? Who do I call for support? What? What types of questions can be answered by the corporate support.
© Robert G Parker – UW-CISA 2010 S-1 New and Emerging Technologies 3 - New and Emerging Technologies.
New PCI Credit Card Security Requirements An in depth look at how to apply the new standards and protect your institution.
Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.
CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.
© Vendor Safe Technologies 2008 B REACHES BY M ERCHANT T YPE 70% 1% 9% 20% Data provided by Visa Approved QIRA November 2008 from 475 Forensic Audits.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.
Implementing MA 201 CMR in a cultural institution… Richard Snow Director of Information Technology Mount Auburn Cemetery
Copyright 2004 Turning Point Solutions Establishing Lines Of Communication Before a Crisis.
Secure Computing Network
August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
02/12/00 E-Business Architecture
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
© 2019 SlidePlayer.com Inc. All rights reserved.