Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Security Best Practices for Non-Profits & Foundations © 2010 Museum of Fine Arts, Boston John C. Newman Highland Street Foundation Breakfast Seminar.

Published byJames Larson Modified over 10 years ago

Similar presentations

Presentation on theme: "Data Security Best Practices for Non-Profits & Foundations © 2010 Museum of Fine Arts, Boston John C. Newman Highland Street Foundation Breakfast Seminar."— Presentation transcript:

1 Data Security Best Practices for Non-Profits & Foundations © 2010 Museum of Fine Arts, Boston John C. Newman Highland Street Foundation Breakfast Seminar March 23, 2010

2 © 2010 Museum of Fine Arts, Boston A Non-Profit Case Study

3 450,000 Objects 1 Million Visitors 70,000 Members 1400 SMFA Students 1200 Volunteers 1000 Employees © 2010 Museum of Fine Arts, Boston

4 3 Restaurants 3 Shops 3 4 Web Sites 2 Web Stores 2 Parking Lots 1 Parking Garage Library Concerts Lectures Films © 2010 Museum of Fine Arts, Boston

5 State Street Corporation Fenway Entrance Sharf Information Center Huntington Entrance New Courtyard New American Wing Forsyth Dental School Seven sites Temporary relocations © 2010 Museum of Fine Arts, Boston

6 2010 20052006200720082009 PCI 1.0 Compliance Review Network Account procedures updated Budgeted for Network Penetration Testing PCI 1.2 Compliance Review Mass CMR 17.00 issued Revised Data Inventory Published WISP CMR 17.00 Deadline

7 Tier 4 PCI Vendor No Staff Wireless No Staff Downloads Separate physical staff and student networks Very limited remote system access © 2010 Museum of Fine Arts, Boston

8 Museum-Wide MFA Computer Use Policy Information Technology and System User Responsibilities I.T. Policies MFA Computer Network Accounts: Policies and Procedures MFA Employee Departure Policy and Procedure MFA Mobile Device Policy: Laptops and Off- Site Computers Network Security Policy: Unauthorized Devices I.T. Service Request Procedures Financial Policies MFA Mobile Device Policy: Cell Phones + Smart Phones © 2010 Museum of Fine Arts, Boston

9 Leverage existing systems and procedures New Employee Orientation PCI Data Inventory Track-It! Incident Reporting On-line Publishing Intranet Sharepoint Incident Dashboard © 2010 Museum of Fine Arts, Boston

10 Obtaining Budget for New Services Time Commitment for Application-Data Inventory and Risk Analysis Ongoing Time Commitment for Education and Annual Review © 2010 Museum of Fine Arts, Boston

11 Web site requirements Vendor Registration Form Security Incident Dashboard Network Vulnerability Scan © 2010 Museum of Fine Arts, Boston

12 Increased Security Awareness Increased knowledge of our systems Potential reuse of Data Inventory results © 2010 Museum of Fine Arts, Boston

Download ppt "Data Security Best Practices for Non-Profits & Foundations © 2010 Museum of Fine Arts, Boston John C. Newman Highland Street Foundation Breakfast Seminar."

Similar presentations

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
606 CMR 14.00: Background Record Checks What you need to know!

606 CMR 14.00: Background Record Checks What you need to know!
Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.

Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Case Franchise Support & Training. Case Support Who? Who do I call for support? What? What types of questions can be answered by the corporate support.

Case Franchise Support & Training. Case Support Who? Who do I call for support? What? What types of questions can be answered by the corporate support.
New PCI Credit Card Security Requirements An in depth look at how to apply the new standards and protect your institution.

New PCI Credit Card Security Requirements An in depth look at how to apply the new standards and protect your institution.
Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.

Security Education and Awareness Workshop January 15-16, 2004 Baltimore, MD.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Implementing MA 201 CMR 17.00 in a cultural institution… Richard Snow Director of Information Technology Mount Auburn Cemetery

Implementing MA 201 CMR in a cultural institution… Richard Snow Director of Information Technology Mount Auburn Cemetery
Information Security Awareness:

Information Security Awareness:
The Necessity of Collaboration A State-Wide Plan Ray Walker CIO UVU.

The Necessity of Collaboration A State-Wide Plan Ray Walker CIO UVU.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
BUSINESS SERVICES PLANNING PRIORITIES FOR 2010-11.

BUSINESS SERVICES PLANNING PRIORITIES FOR
Effective Customer Service: Exploring the process from beginning to end.

Effective Customer Service: Exploring the process from beginning to end.
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
©2013 Cengage Learning. All Rights Reserved. Business Management, 13e Technology and Information Management 12.1 12.1Electronic Technology Fundamentals.

©2013 Cengage Learning. All Rights Reserved. Business Management, 13e Technology and Information Management Electronic Technology Fundamentals.
 Value Proposition  Key Features  A Closer Look  Operational Support  Essential Payback Employee Access TM Your Window to Employee and Manager Self-Service.

 Value Proposition  Key Features  A Closer Look  Operational Support  Essential Payback Employee Access TM Your Window to Employee and Manager Self-Service.
Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.

Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.
Audit Challenges and Best Practices in a Research University Environment NSAA Annual Conference Jeffrey Huskamp Vice President and CIO.

Audit Challenges and Best Practices in a Research University Environment NSAA Annual Conference Jeffrey Huskamp Vice President and CIO.
Information Security Training for Management Complying with the HIPAA Security Law.

Information Security Training for Management Complying with the HIPAA Security Law.

Similar presentations

Ads by Google