Secure Data Transmission James Matheke Information Security Architect Ohio Department of Job and Family Services.


IT Security Management Critical Success Factors
Managing Confidentiality, Integrity, and Availability of IT Services and Data
Providing Security Cost Effectively
Proactively Addressing Security Improvements Where Needed
Source: ITIL

How to Share Data Securely with Other Organizations
Key Findings
–If the IT organization does not proactively address the issue with policies and practical alternatives, then end users will obtain their own mechanisms for sharing sensitive information externally, resulting in unwanted and potentially harmful data leakage.
–A growing variety of convenient and cost-effective technologies enable data owners to control the use of their data, even when it is accessed and modified on noncorporate PCs.
–Despite availability of technical solutions, lack of appropriate care is the primary cause of unintended data leakage. The most significant control is to ensure that your staff and their external partners are aware of the problem, are willing to help prevent data leakage and know how to share information safely.

How to Share Data Securely with Other Organizations
Recommendations
–Implement a policy and educational campaign to ensure that employees perform a careful risk analysis before sharing sensitive data with external audiences.
–Begin experimenting with mandatory forms of data protection technology.
–Look for practical mechanisms to detect and reduce inappropriate use of information through access controls and activity monitoring, remembering that highly motivated persons will always find ways to circumvent controls.
Source: Gartner

What are Your Four Greatest File Transfer Concerns?
Source: Ziff Davis

FTP Use is Growing Despite the Risks
FTP is not secure
FTP is not free
FTP is unreliable
FTP is unmanaged
FTP is susceptible to security breaches

Secure File Transfer Control
End User
–Manual
–Automated
System-to-System
Centralized System

Secure File Transfer Mechanics
File Encryption (e.g. WinZip)
Network
–Private Line with or without Encryption
–Virtual Private Network (VPN): Site-to-Site, State Wide, Remote Access
Source: Gartner

Secure File Transfer Mechanics
Application/Protocol
–SFTP (Secure FTP over SSH): Private/Public Keys
–FTPS (Secure FTP over SSL): Certificate
–HTTPS (HTTP over SSL): Password
–Proprietary (e.g. Sterling Connect:Direct Secure+): Private/Public Keys

Secure File Transfer Best Practices
Ensure Confidentiality and Integrity of data both at rest and in transit.
Ensure authenticity of all users and processes involved in your transactions.
Implement appropriate access control and authorization throughout the transaction lifecycle.
Minimize performance and availability cost created by the security controls.
Implement a centralized system to deploy, maintain, and monitor security components.
Source: SSH
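The first two best practices above (integrity of data at rest and in transit, authenticity of the processes involved) can be checked at the application layer regardless of which protocol moves the bytes. The following is an added example, not code from the presentation or from any product it names: the sending job publishes a small manifest (size and SHA-256 of the payload) and authenticates it with an HMAC under a key shared with the receiver; the receiving job verifies the HMAC before trusting the digest and the digest before trusting the file. The environment variable name SFT_MANIFEST_KEY and the sample file content are assumptions made for this example.

```python
"""Added example (not from the presentation): an integrity and authenticity
check that wraps a file transfer, whatever protocol carries the bytes.

The sender publishes a manifest (size + SHA-256 of the payload) and
authenticates it with an HMAC under a key shared with the receiver; the
receiver verifies the HMAC before trusting the digest, then the digest
before trusting the file. The key is read from the environment (the variable
name SFT_MANIFEST_KEY is an assumption for this example) rather than from a
literal in the script. The payload in the demo is constructed.
"""
import hashlib
import hmac
import json
import os

KEY_ENV = "SFT_MANIFEST_KEY"  # assumed variable name; set it in the transfer job's environment


def load_key() -> bytes:
    """Read the shared key from the environment; refuse to run without it."""
    key = os.environ.get(KEY_ENV)
    if not key:
        raise RuntimeError(f"{KEY_ENV} is not set; there is deliberately no built-in fallback key")
    return key.encode()


def _canonical(body: dict) -> bytes:
    # Stable serialization so sender and receiver MAC exactly the same bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def build_manifest(filename: str, payload: bytes, key: bytes) -> dict:
    """Sender side: describe the payload, then MAC the description."""
    body = {"file": filename, "size": len(payload), "sha256": hashlib.sha256(payload).hexdigest()}
    body["hmac"] = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return body


def verify_manifest(manifest: dict, payload: bytes, key: bytes) -> tuple:
    """Receiver side: returns (accepted, reason).

    The MAC is checked first, so a party that alters both the file and the
    published digest still fails unless it also holds the shared key.
    """
    body = {k: v for k, v in manifest.items() if k != "hmac"}
    expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, str(manifest.get("hmac", ""))):
        return False, "manifest HMAC mismatch: manifest altered or not produced with the shared key"
    if body.get("size") != len(payload):
        return False, "size mismatch"
    if not hmac.compare_digest(hashlib.sha256(payload).hexdigest(), str(body.get("sha256", ""))):
        return False, "sha256 mismatch: file altered in transit or at rest"
    return True, "ok"


if __name__ == "__main__":
    key = load_key()
    payload = b"claim_id,amount\n1001,125.00\n"  # constructed sample file content
    manifest = build_manifest("claims.csv", payload, key)
    print(json.dumps(manifest, indent=2))
    print(verify_manifest(manifest, payload, key))
    print(verify_manifest(manifest, payload + b"x", key))
```

The manifest travels beside the file (or through a second channel); because the HMAC covers the digest, the receiver does not have to trust the transfer path for integrity, only the key management. Using `hmac.compare_digest` for both comparisons avoids leaking information through comparison timing.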

Secure File Transfer Checklist
Contract/Agreement for data sharing
Ensure perimeter security at the DMZ
No storage of data in the DMZ
Harden the System/Server
Log and audit usage
Eliminate anonymous users
Leverage existing security infrastructure (e.g. LDAP)
Use strong authentication
No hard coding of credentials in scripts
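Three checklist items (log and audit usage, eliminate anonymous users, no hard-coded credentials in scripts) are things an operator can verify mechanically. The following is an added example, not code from the presentation: it audits a transfer log for anonymous and failed logins and scans transfer scripts for credential literals. The log lines imitate the vsftpd log layout and the script lines are constructed for this example; no real host, account or password appears.

```python
"""Added example (not from the presentation): two mechanical checks for the
Secure File Transfer Checklist.

1. audit_log   - flags successful anonymous logins and failed logins in a
                 vsftpd-style transfer log (format imitated, lines constructed).
2. scan_script - flags credentials hard-coded in transfer scripts: assignments
                 such as PASSWORD=..., user:password embedded in URLs, and
                 literal user/password pairs passed to -u. Values that start
                 with "$" (environment references) are accepted.
"""
import re

SAMPLE_LOG = """\
Mon Mar  4 09:12:01 2024 [pid 4101] [anonymous] OK LOGIN: Client "203.0.113.7", anon password "guest@"
Mon Mar  4 09:12:09 2024 [pid 4102] [batchxfer] OK LOGIN: Client "198.51.100.22"
Mon Mar  4 09:12:15 2024 [pid 4102] [batchxfer] OK UPLOAD: Client "198.51.100.22", "/in/claims.csv", 1.2Mbyte/sec
Mon Mar  4 09:13:40 2024 [pid 4103] [ftp] FAIL LOGIN: Client "203.0.113.9"
"""

SAMPLE_SCRIPT = """\
#!/bin/sh
HOST=sftp.partner.example
USER=batchxfer
PASSWORD=Winter2024!
curl -u "$USER:$PASSWORD" ftp://$HOST/in/
wget ftp://svc:Hunter2@legacy.example/out/
lftp -u 'svc,S3cret' ftp://legacy.example/
"""

LOG_RE = re.compile(
    r'^(?P<ts>.+?) \[pid (?P<pid>\d+)\] \[(?P<user>[^\]]*)\] '
    r'(?P<status>OK|FAIL) (?P<action>[A-Z]+): Client "(?P<client>[^"]+)"'
)
ASSIGN_RE = re.compile(r"(?i)\b(pass(?:word|wd)?|pwd|secret|api[_-]?key)\s*=\s*[\"']?(?!\$)[^\"'\s]+")
URL_CRED_RE = re.compile(r"\b[a-z]+://[^/\s:@]+:[^/\s@]+@", re.I)
FLAG_CRED_RE = re.compile(r"-u\s+[\"']?(?!\$)[^\"'\s]+[:,][^\"'\s]+")


def audit_log(text: str) -> dict:
    """Summarize a transfer log: anonymous logins, failed logins, transfers, unparsed lines."""
    findings = {"anonymous_logins": [], "failed_logins": [], "transfers": [], "unparsed": []}
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            findings["unparsed"].append(line)  # never drop a line silently from an audit
            continue
        user, status, action, client = m.group("user", "status", "action", "client")
        if action == "LOGIN":
            if status == "OK" and (user == "anonymous" or "anon password" in line):
                findings["anonymous_logins"].append((user, client))
            elif status == "FAIL":
                findings["failed_logins"].append((user, client))
        else:
            findings["transfers"].append((user, action, client))
    return findings


def scan_script(text: str) -> list:
    """Return (line_number, reason) for each line carrying a credential literal."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        if ASSIGN_RE.search(line):
            hits.append((n, "credential assigned to a literal"))
        elif URL_CRED_RE.search(line):
            hits.append((n, "credential embedded in URL"))
        elif FLAG_CRED_RE.search(line):
            hits.append((n, "credential passed as a literal flag value"))
    return hits


if __name__ == "__main__":
    for k, v in audit_log(SAMPLE_LOG).items():
        print(f"{k}: {v}")
    for n, reason in scan_script(SAMPLE_SCRIPT):
        print(f"line {n}: {reason}")
```

Any non-empty `anonymous_logins` list means the "eliminate anonymous users" item is not met on that server; the `unparsed` list exists because an audit that quietly skips lines it does not understand is not an audit. The script scanner is deliberately conservative: the `curl -u "$USER:$PASSWORD"` line passes because both values are environment references, which is the pattern the checklist asks for.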