Women in Technology 2009 Mary Henthorn
Security Prevent loss, theft, or inappropriate access Privacy Ensure freedom from intrusion or disturbance Security Policies Protect Privacy
Whos responsible?
Chief Executive Officer Chief Technology Officer Chief Security Officer IT Professional Other Business Mom Everyone
Physical Logical
Cameras Logs Monitoring Breach notification letters Data backup tapes RFID
Breach laws Freedom of information $20 Million Settlement on VA Data Theft State tape with data on 800,000 missing
Know your enemies Classify your assets Identify constraints and parameters Assess risks Implement security, develop policies Repeat!
Physical Equipment failure Natural disaster Manmade disaster Theft Logical Malware Denial of service Data corruption
Physical accessibility Physical weaknesses Location People Application weaknesses Memory, input, race, privilege, user interface Inadequate access control
Property Dollar value Systems Criticality Data Sensitivity Extremely Critical CriticalNot Critical
Laws Regulations Contracts Policies
Violation of law Disclosure of personal information Violation of contracts, regulations, or policy Loss of revenue Misuse of resources Corruption of data Unavailable resources Loss of reputation Criminal or civil liability Loss of trust
1. Use and update firewalls and anti-virus 2. Properly setup and patch OS and applications 3. Use appropriate authentication – passwords 4. Lock unattended workstations 5. Backup data 6. Use the Internet with caution 7. Be careful with , social networking 8. Review security regularly 9. Respond to incidents appropriately 10. Recognize security is everyones responsibility
Layers of protection Internet access point traffic analysis Router firewall Desktop firewall Fence and secured gate Locked front door Locked office door
Variety of protection Firewall Anti-virus Authentication Security cameras Locked doors and file cabinets Scanners
Computer Emergency Readiness Team National Institute of Standards and Technology Identity Theft Arkansas Security