Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing and Protecting Citizens' Data

Published byBeatrice Jefferson Modified over 5 years ago

Similar presentations

Presentation on theme: "Securing and Protecting Citizens' Data"— Presentation transcript:

1 Securing and Protecting Citizens' Data
Bob Bence CIO St. Louis County June 18, 2009

2 Citizen Data Information Needing Protection Governance Policies
IT Architecture

3 Information Needing Protection
Personal identification (SSN) Medical records Credit card Law enforcement Criminal history records Finger prints Certain addresses on real estate web site Stalking victims

4 Governance Have a culture of awareness & security
Compliance (HIPAA, PCI, CJIS, etc) IT Security Team Peer Reviews, Gartner Security report to IT Steering Committee three times/yr Internal & External security audits

5 Policies Identify & label Confidential & Private information
Limit access to systems with sensitive information No credit card numbers stored on our systems Website privacy statement on web site Redact personal information Review web content before posting Security section in bids & RFPs

6 St. Louis County E-commerce Architecture
DMZ Zone 1 Zone 2 Zone 3 Applicat-ion Servers Database Server Web Servers Internet S W EC FW2 FW1 FW3 FW = Firewall S = Switch W = Web Application Firewall VLANS for network segmentation

Download ppt "Securing and Protecting Citizens' Data"

Similar presentations

Database Security Policies and Procedures and Implementation for the Disaster Management Communication System Presented By: Radostina Georgieva Master.

Database Security Policies and Procedures and Implementation for the Disaster Management Communication System Presented By: Radostina Georgieva Master.
09/04/2015Unit 2 (b) Back-Office processes Unit 2 Assessment Criteria (b) 10 marks.

09/04/2015Unit 2 (b) Back-Office processes Unit 2 Assessment Criteria (b) 10 marks.
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
Regulatory Issues in Campus Computing Privacy and Security in a Digital World Presented by David Gleason, Esq. University Counsel University of Maryland,

Regulatory Issues in Campus Computing Privacy and Security in a Digital World Presented by David Gleason, Esq. University Counsel University of Maryland,
Information Security Awareness April 13, 2003. Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.

Information Security Awareness April 13, Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.
Data Incident Notification Policies and Procedures Tracy Mitrano Steve Schuster.

Data Incident Notification Policies and Procedures Tracy Mitrano Steve Schuster.
The Regulation Zoo: Dealing With Compliance Within The Firewall World

The Regulation Zoo: Dealing With Compliance Within The Firewall World
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.

Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.
Network Security Overview Tales from the trenches.

Network Security Overview Tales from the trenches.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Uniqueness of user names is enforced Customer information logged to database Require contact information as well as email address Email address will.

Uniqueness of user names is enforced Customer information logged to database Require contact information as well as address address will.
Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.

Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.
The World-Wide Web. Why we care? How much of your personal info was released to the Internet each time you view a Web page? How much of your personal.

The World-Wide Web. Why we care? How much of your personal info was released to the Internet each time you view a Web page? How much of your personal.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.
Private and Confidential. Levels of Identity Verification Is this person who they claim to be? Knowledge based Authentication Is this a real identity?

Private and Confidential. Levels of Identity Verification Is this person who they claim to be? Knowledge based Authentication Is this a real identity?
Sensitive Data Accessibility Financial Management College of Education Michigan State University.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.
Responding to a Security Incident Maryland Security Day March 2, 2004 Joy Hughes, CIO

Responding to a Security Incident Maryland Security Day March 2, 2004 Joy Hughes, CIO

Similar presentations

Ads by Google