Presentation is loading. Please wait.

Presentation is loading. Please wait.

ICTWG-ECPRD SEMINAR 2006 INFORMATION SECURITY ISSUES AT THE CHAMBER OF DEPUTIES Carlo Simonelli Head of Unit – ICT Systems and User Support ICT Department.

Published byCharlene Lawrence Modified over 8 years ago

Similar presentations

Presentation on theme: "ICTWG-ECPRD SEMINAR 2006 INFORMATION SECURITY ISSUES AT THE CHAMBER OF DEPUTIES Carlo Simonelli Head of Unit – ICT Systems and User Support ICT Department."— Presentation transcript:

1 ICTWG-ECPRD SEMINAR 2006 INFORMATION SECURITY ISSUES AT THE CHAMBER OF DEPUTIES Carlo Simonelli Head of Unit – ICT Systems and User Support ICT Department – Chamber of Deputies Vilnius, 6th October 2006 1

2 OVERVIEW  Information System Security  “Documento programmatico sulla sicurezza dei dati” (Programmatic Data Security Document)  Risk analysis carried out for the Programmatic Data Security Document  Other contents of the Document  Internet redundant links  Projects for improving information system security 2

3 INFORMATION SYSTEM SECURITY  Information System Security at the Chamber of Deputies during the past years  Security procedures difficult to be implemented 3

4 PERSONAL DATA PROTECTION CODE  Internet, Electronic mail and always- on era required more effort in information security  Implementing “Personal Data Protection Code” (Decreto Legislativo n. 196, 2003) 4

5 PROGRAMMATIC DATA SECURITY DOCUMENT  First edition of “Documento programmatico sulla sicurezza dati” (Programmatic Data Security Document)  The “Register of IT systems” is a prerequisite  The two parts of the Document 1.Analytic review of all data treatments 2.Rules for managing personal and sensitive data and general instruction to protect the information systems 5

6 RISK ANALYSIS AND ASSESSMENT  ISO/IEC 17799 (now ISO/IEC 27799:2005) and other information security standards  Risk exposure level established for 51 data bases with sensitive data and for 77 data bases with personal data  Activities this year on sensible data 6

7 BENEFITS OF THE DOCUMENT  Joint activities improving information security  Important managing procedures ­Procedures for managers and employees ­Duration of data stored online and offline ­Who is in charge of deleting data ­Managing backups and logs ­Data ciphering ­Password characteristics and expiration ­Training of managers and employees 7

8 IMPROVING INTERNET LINK SPEED AND AVAILABILITY 8

9 IMPROVING INFORMATION SYSTEM SECURITY  PKI system for digital signatures  Smart cards for strong authentication of employees  New projects ­MPs VPN SSL authentication and profiling; use of tokens ­Protocol 802.1x for administrative user workstation connection 9

Download ppt "ICTWG-ECPRD SEMINAR 2006 INFORMATION SECURITY ISSUES AT THE CHAMBER OF DEPUTIES Carlo Simonelli Head of Unit – ICT Systems and User Support ICT Department."

Similar presentations

Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Data Ownership Responsibilities & Procedures

Data Ownership Responsibilities & Procedures
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
PKI and E-mail. E-mail Considerations Behind Firewall E-mail System Security On the Internet –Simple Mail Transfer Protocol (SMTP)

PKI and . Considerations Behind Firewall System Security On the Internet –Simple Mail Transfer Protocol (SMTP)
Information Security Policies and Standards

Information Security Policies and Standards
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Brooks Evans – CISSP-ISSEP, Security+ IT Security Officer Arkansas Department of Human Services.

Brooks Evans – CISSP-ISSEP, Security+ IT Security Officer Arkansas Department of Human Services.
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.

Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
EIRB Training IRB Committee Member A Paperless IRB System.

EIRB Training IRB Committee Member A Paperless IRB System.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.
Internet Security for Small & Medium Business Week 6

Internet Security for Small & Medium Business Week 6
Forms Management: Compliance, Security & Workflow Efficiencies.

Forms Management: Compliance, Security & Workflow Efficiencies.
Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.

Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.
Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.

Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.

Similar presentations

Ads by Google