Information Security as a Business Enabler Panos Dimitriou, MSc InfoSec, CISSP,CISM Director, Managed Security Services 2007.

Slides:



Advertisements
Similar presentations
Manage your technology for optimal return on investment (ROI) The Tivoli ® Configuration & Operations management solution from IBM.
Advertisements

The IT Staff of the Future: The Importance of IT Business Alignment for Staff Development Katherine Spencer Lee Executive Director Robert Half Technology.
1/17/20141 Leveraging Cloudbursting To Drive Down IT Costs Eric Burgener Senior Vice President, Product Marketing March 9, 2010.
OTP – SMS Two-Factor Authentication. TABLE OF CONTENTS Introduction3 OTP – SMS Two-Factor Authentication5 Technical Overview9 Features10 Benefits11 About.
Software for Professional Services Time & Expense Recording Billing Project Management Management Information Resource Planning Accounting.
Financial Management Service © 2008 Federal Reserve Bank of Boston. p. 2 Introduction Dana Strecker  Bureau of Public Debt/ARC  Project Manager, Accounting.
Privileged Identity Management Enterprise Password Vault
COBIT - II.
Financial Closing Scenario Overview
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
Identity Management, what does it solve By Gautham Mudra.
Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist.
CRM Deployment. GROWTH Growth in CRM markets Deploymen t Types.
Electronic Customer Portal System. Reducing Risks – Increasing Efficiency – Lowering Costs Secure Internet based Communication Gateway direct to your.
Identity and Access Management Dustin Puryear Sr. Consultant, Puryear IT, LLC
IDENTITY MANAGEMENT: PROTECTING FROM THE INSIDE OUT MICHAEL FORNAL, SECURITY ANALYST PROVIDENCE HEALTH & SERVICES SOURCE SEATTLE CONFERENCE
© 2009 IBM Corporation Delivering Quality Service with IBM Service Management April 13 th, 2009.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.
1. Windows Vista Enterprise And Mid-Market User Scenarios 2. Customer Profiling And Segmentation Tools 3. Windows Vista Business Value And Infrastructure.
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
what is contacts? In-contacts is an online contacts database designed from the ground up to be compatible with modern business needs.
1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.
What may fundamentally transform pharma dispensing….. May 2013.
Delivering Security for Mobile Device and Mobile Application Management INSERT MSP LOGO HERE.
New Generation Core Banking System For Sustained Growth
COMPDIRS NATHAN DORS APRIL 16, AGENDA  IAM – who we are, what we do  HRP Modernization & Workday  What’s new in IAM?  Identity.UW soft.
One Platform, One Solution: eToken TMS 5.1 Customer Presentation November 2009.
Engineering Essential Characteristics Security Engineering Process Overview.
© 2005 IBM Corporation IBM Business-Centric SOA Event SOA on your terms and our expertise Operational Efficiency Achieved through People and SOA Martin.
Life cycle services for automation products
National Australia Group (UK) With Hindsight!. Rules of Engagement If you have a question… raise your hand. If you are shy… speak to me later or drop.
Identity Assurance Emory University Security Conference March 26, 2008.
Company Confidential Leverage Your E-Business Suite as Part of Your Sales Performance Management Strategy January 17, 2008.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
Identity Management and Enterprise Single Sign-On (ESSO)
Global Infrastructure Tenets Strategic Value 1.Growth - Identify enabling technologies that can boost employee productivity and agility, bring products.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Impact Research 1 Enabling Decision Making Through Business Intelligence: Preview of Report.
David Saslav Principal Product Manager Database and Application Server Technologies Oracle Corporation.
De Ann Williams-Doonan Director, Global Payroll Dell De Ann Williams-Doonan Director, Global Payroll Dell Strategic Agility.
ROLE OF ANALYTICS IN ENHANCING BUSINESS RESILIENCY.
COBIT. The Control Objectives for Information and related Technology (COBIT) A set of best practices (framework) for information technology (IT) management.
Bookkeeping Gold Coast 101 – How Outsourcing Help Your Business.
ABOUT COMPANY Janbask is one among the fastest growing IT Services and consulting company. We provide various solutions for strategy, consulting and implement.
IDC Says, "Don't Move To The Cloud" Richard Whitehead Director, Intelligent Workload Management August, 2010 Ben Goodman Principal.
 Remote monitoring and management (RMM), also known as network management or remote service software, is a built on application to help managed IT service.
How Sage ERP X3 Systems Can Benefit Businesses.  Sage X3 is an affordable and flexible ERP solution designed to help mid-sized companies manage business.
Best Things Done in Managing Hybrid Clouds. Businesses are moving to cloud set-up. However the concerns are security issues, regulatory obstacles, abnormal.
Segmap Solutions Mapping segments.
Financial Closing Scenario Overview
Citrix: Proactively Addressing Enterprise Wide Access Compliance with SAP® Access Violation Management Company Citrix Systems Inc. Headquarters Ft. Lauderdale,
Service Owner: Andrea Beesing 9 February 2016
Identity and Access Management
Transforming IT Management
Employcoder - An offshore custom software developer to solve complex business problems!
Securing the Threats of Tomorrow, Today.
Financial Closing Scenario Overview
Bee the hive Presented by the University of Glasgow:
JOINED AT THE HIP: DEVSECOPS AND CLOUD-BASED ASSETS
Is Cloud Identity Management Ready
What are IAM Key Processes.
MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further
GRC - A Strategic Approach
Agenda The current Windows XP and Windows XP Desktop situation
MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further
OU BATTLECARD: Oracle Identity Management Training
Recommendation Tree from a Marketing Manager
Recommendation Tree from a Marketing Manager
Presentation transcript:

Information Security as a Business Enabler Panos Dimitriou, MSc InfoSec, CISSP,CISM Director, Managed Security Services 2007

Agenda  “Visualizing” Information Security  Information Security as a Business Enabler...Case Studies –e-Banking/Business Authentication –Identity & Access Management –Remote Access –Outsourcing  …Epilogue

“Visualizing” Information Security You are here Information Security

Case Studies

Internet Banking and more  Banks approach Internet Banking as a Strategic Alternative Channel –Cost reduction –Customer Reach –Bear necessity  The first approach was to secure their side (the Bank’s side) and leave the customer’s side as “easy” as possible (i.e. username & passwords)  However, after a series of incidents they realised that in order to keep and extend their e-customer reach they had to secure also the “client side”

Internet Banking and more  Currently Banks give “One Time Passwords” Authentication Tokens –Customers are willing to pay for them! –Customers are being less reluctant to jump on the Internet Banking bandwagon  Some Banks are going a step further and they provide both the good-old “ease of use” (username & passwords) without the good-old risks, by leveraging: –Login Risk Analytics and back-end Fraud Management engines and thus making the best of both worlds!

Identity & Access Management  Companies are leveraging ITC and they are expanding, streamlining and optimising their business operations and functions  However, as they expand at the same time they get with –numerous persons to manage and even more user accounts –More applications –More complexity  So, –It takes them a long time to get new starters productive –They have to utilise valuable IT resources to manage accounts and passwords, when they could have been used in expanding your IT capabilities –It’s more difficult to ensure a secure operating environment –…

Identity & Access Management Who are your users? User Name: Password: x  What do your users have access to? X What are they doing with their access? Who approved their access? Lifecycle management of employees Extend the reach to partners, customers, vendors Audit & compliance

Identity & Access Management

 By using an IAM system they –Streamline and automate the user provisioning process –Reduce costs from Less help desk calls for trivial tasks (password resets) Less IT personnel is required for trivial tasks (provisioning) or for resource-intensive ones (Compliance) –Enhance User Productivity –Are able to allocate their IT personnel to tasks that really matter –Achieve Business Agility More services to more people M&As with less risks and less time

Remote Access  Companies need to provide Remote Access to their IT and Information resources in order to: –Support their “road warriors” (Sales teams…) –Resolve technical issues 24/7 in the minimum time possible –Reduce cost from “onsite visits” from third-party service providers –Support their teleworkers –…  However, when they are thinking about the risks they are bit reluctant to give such access  So, they usually: –Minimize services available –Introduce cumbersome manual processes Or in other words they lose half of the benefits but not reducing the corresponding risks accordingly

Remote Access  Advanced RAS Infrastructures can address all the concerns: –Ensure authorised access to only the resources allowed –Ensure complete auditability of authorised users actions on systems and data –Ensure critical data containment –…  And thus allow companies to provide the entire range of required services –Quickly, in a standardized fashion, securely –And get the full potential of RAS

Outsourcing  Outsourcing is a main trend for modern enterprises –Collection Agencies –Call Centers –Printing Houses –Software Development –IT Operations –…  However, just as in the case of RAS, when companies are thinking about the security risks and the corresponding regulatory compliance they get more reluctant to follow the trend

Outsourcing  Leading International companies are currently using Data Leak Prevention systems to achieve Accountability & Control on Outsourcers and corresponding data access and processes

Epilogue  We have to approach Information Security as a Business Enabler  We have to see Info Sec as the “railing” at our balcony that enable us to go (our company) to the edge  …without being at risk of getting “crashed” by the smallest wrong step

Epilogue Security Ease-of-use, Flexibility… Cost

_

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.