Policy Development Milan Adams.

Presentation transcript:


Why do we need policies?
- Tell us what to do
- Keep us safe
- Better security

IT-specific policies
- Email
- Acceptable Use Policy (AUP)
- Personally Identifiable Information (PII)

Email Policies
- Inform users what they are allowed to email, inter-company or intra-company
- Inform users what a phishing attack is, how to identify one, and how to report it to the IT security staff
- Include a stipulation about how users should react if their email account is compromised

AUP
- Describes the key points of special importance to users
- Personal use
- Behavioral expectations
- Employees should be required to read and sign

PII
- Include all personal information about employees
- How it is stored and encrypted
- What to do if there is a breach

PlayStation Network 2011
- Around 77 million user accounts confirmed breached
- Personally Identifiable Information was stolen
- Surpassed the TJX hack
- Failed to notify users immediately
- Unencrypted information
- Usernames, passwords

PlayStation Network 2011
- Possibly poor policy
- Could be why Sony delayed
- Didn’t know what to do
- No procedures in place