Download presentation
Presentation is loading. Please wait.
Published byCharlene Lawrence Modified over 8 years ago
1
ICTWG-ECPRD SEMINAR 2006 INFORMATION SECURITY ISSUES AT THE CHAMBER OF DEPUTIES Carlo Simonelli Head of Unit – ICT Systems and User Support ICT Department – Chamber of Deputies Vilnius, 6th October 2006 1
2
OVERVIEW Information System Security “Documento programmatico sulla sicurezza dei dati” (Programmatic Data Security Document) Risk analysis carried out for the Programmatic Data Security Document Other contents of the Document Internet redundant links Projects for improving information system security 2
3
INFORMATION SYSTEM SECURITY Information System Security at the Chamber of Deputies during the past years Security procedures difficult to be implemented 3
4
PERSONAL DATA PROTECTION CODE Internet, Electronic mail and always- on era required more effort in information security Implementing “Personal Data Protection Code” (Decreto Legislativo n. 196, 2003) 4
5
PROGRAMMATIC DATA SECURITY DOCUMENT First edition of “Documento programmatico sulla sicurezza dati” (Programmatic Data Security Document) The “Register of IT systems” is a prerequisite The two parts of the Document 1.Analytic review of all data treatments 2.Rules for managing personal and sensitive data and general instruction to protect the information systems 5
6
RISK ANALYSIS AND ASSESSMENT ISO/IEC 17799 (now ISO/IEC 27799:2005) and other information security standards Risk exposure level established for 51 data bases with sensitive data and for 77 data bases with personal data Activities this year on sensible data 6
7
BENEFITS OF THE DOCUMENT Joint activities improving information security Important managing procedures Procedures for managers and employees Duration of data stored online and offline Who is in charge of deleting data Managing backups and logs Data ciphering Password characteristics and expiration Training of managers and employees 7
8
IMPROVING INTERNET LINK SPEED AND AVAILABILITY 8
9
IMPROVING INFORMATION SYSTEM SECURITY PKI system for digital signatures Smart cards for strong authentication of employees New projects MPs VPN SSL authentication and profiling; use of tokens Protocol 802.1x for administrative user workstation connection 9
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.