Presentation is loading. Please wait.

Presentation is loading. Please wait.

State Data Center Oregon Consumer Identity Theft Protection Act Information Forum October 31, 2007.

Published byStephen Boyd Modified over 8 years ago

Similar presentations

Presentation on theme: "State Data Center Oregon Consumer Identity Theft Protection Act Information Forum October 31, 2007."— Presentation transcript:

1 State Data Center Oregon Consumer Identity Theft Protection Act Information Forum October 31, 2007

2 SB 583 Technical Requirements Assess risks in network and software design Assess risks in information processing, transmission and storage Test and monitor key controls, systems and procedures Detect, prevent and respond to intrusions

3 Protecting Personal Information Agencies own their data, including personal information, and are responsible for protecting it and reporting breaches Technical architecture at the State Data Center can assist agencies in protecting personal information

4 State Data Center Role in Assessment Provide input to the risk assessment process regarding: Network design Network design Network security controls Network security controls Storage architecture Storage architecture Location of applications Location of applications

5 State Data Center Role in Monitoring and Intrusion Detection System monitoring tools can be set up to alert on key failures Log aggregation tools can provide alerting on key events Network intrusion detection can alert on attempts to access key systems from the Internet

6 How State Data Center efforts will benefit agencies New technical environment, “Shared Services,” provides granular network control Increased network intrusion detection Standard technical security controls on systems

7 Next steps … Convene a work group of SDC staff and state agency representatives to: Develop a common framework for assessing technical risks Develop a common framework for assessing technical risks Develop a set of best practices for applying technical safeguards to protect personal information Develop a set of best practices for applying technical safeguards to protect personal information Identify opportunities to apply consistent controls to personal information access Identify opportunities to apply consistent controls to personal information access

8 Contact information Marshall Wells, Security Manager State Data Center (503) 373-0949 Al Grapoli, Network Services Manager State Data Center (503) 378-3338

Download ppt "State Data Center Oregon Consumer Identity Theft Protection Act Information Forum October 31, 2007."

Similar presentations

Protecting Personal Information Guidance for Business.

Protecting Personal Information Guidance for Business.
FAIR AND ACCURATE CREDIT TRANSACTIONS ACT (FACTA)- RED FLAG RULES University of Washington Red Flag Rules Protecting Against Identity Fraud.

FAIR AND ACCURATE CREDIT TRANSACTIONS ACT (FACTA)- RED FLAG RULES University of Washington Red Flag Rules Protecting Against Identity Fraud.
SL21 Information Security Board Mission, Goals and Guiding Principles.

SL21 Information Security Board Mission, Goals and Guiding Principles.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
Module 2.2 Security, legal and ethical issues Theme: Finding solutions.

Module 2.2 Security, legal and ethical issues Theme: Finding solutions.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Security Controls – What Works

Security Controls – What Works
Prepared: October, 2005 1 Ann Garrett, State Chief Information Security Officer Statewide Security Update October 25, 2005 Information Technology Advisory.

Prepared: October, Ann Garrett, State Chief Information Security Officer Statewide Security Update October 25, 2005 Information Technology Advisory.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Toolbox Helping You Define Value and Close Business The Business Value of Managed Security Services.

Toolbox Helping You Define Value and Close Business The Business Value of Managed Security Services.
Securing Information Systems

Securing Information Systems
Storage Security and Management: Security Framework

Storage Security and Management: Security Framework
Kholoud AlSafadi 120050375 Ethical Issues in Information Systems and the Internet.

Kholoud AlSafadi Ethical Issues in Information Systems and the Internet.
Overview of Systems Audit

Overview of Systems Audit
Computer Based Information Systems Control UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.

Computer Based Information Systems Control UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.

Similar presentations

Ads by Google