Security and the Questions Business Users should be asking the Techies.

Slides:

Advertisements

Similar presentations

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Advertisements

Service Manager for MSPs

A university wide electronic research ethics review system?

1 SANS Technology Institute - Candidate for Master of Science Degree 1 Automating Crosswalk between SP 800, 20 Critical Controls, and Australian Government.

Confidential & Proprietary to Cooper Compliance Corporation Revised September 8, 2014 AUDiT-READY TM.

File Server Organization and Best Practices IT Partners June, 02, 2010.

Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.

Compliance on Demand. Introduction ComplianceKeeper is a web-based Licensing and Learning Management System (LLMS), that allows users to manage all Company,

General Business Secure Information Sharing in SharePoint 2010 Antonio Maio Senior Product Manager, Titus Inc.

Web Services, SOA and Security May 11, 2009 Michael Burnett.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

ELIMINATING DATA SECURITY THREATS Presented by: Michael Hartman Varonis Systems. Proprietary and confidential.

1 Host – Based Intrusion Detection “Working of Tripwire”

SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS Howard A. Carter III Senior Consultant Microsoft Consulting Services September 21, 2013 TechGate 2013 –

©2011 Quest Software, Inc. All rights reserved.. Manage, Migrate & Customize SharePoint Control Your SharePoint Chaos.

Relgo Networks, Inc. Jubilee Hills, Hyderabad Realty Enterprise Resource Planning (ERP)

Compliance System Validation - An Audit Based Approach December 2012 Uday Gulvadi, CPA, CIA, CISA, CAMS Director - Internal Audit, Risk and Compliance.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

First Look Clinic: What’s New for IT Professionals in Microsoft® SharePoint® Server 2013 Sayed Ali (MCTS, MCITP, MCT, MCSA, MCSE )

11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.

1 GENI Operational Security GEC4 Stephen Schwab Miami, Florida.

©2011 Quest Software, Inc. All rights reserved. Patrick Hunter EMEA IDAM Team Lead 7 th February 2012 Creating simple, effective and lasting IDAM solutions.

1 Authority on Demand Flexible Access Control Solution.

User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.

Identifying Security Opportunities NetIQ Security Solution

Web Application Firewall (WAF) RSA ® Conference 2013.

1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.

Module 9 Configuring Messaging Policy and Compliance.

Microsoft SharePoint Server 2010 for the Microsoft ASP.NET Developer Yaroslav Pentsarskyy

1 Action Automated Security Breach Reporting and Corrections.

MEDIU Learning for HE Ahmad Nimer | Project Manager.

Module 9 Configuring Messaging Policy and Compliance.

Planning a Group Policy Management and Implementation Strategy Lesson 10.

Developing Policy and Procedure Management System إعداد برنامج سياسات وإجراءات العمل 8 Safar February 2007 HERA GENERAL HOSPITAL.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Network security Product Group 2 McAfee Network Security Platform.

Module 7 Planning and Deploying Messaging Compliance.

NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019 Date: 29 September 2015 Time: 10:00.

SharePoint enhancements through SQL Server RSS integration with SharePoint What’s New Elimination of IIS

Inventory & Monitoring Program SharePoint Permissions Who has access? What can they do with the access? What is the easiest way to manage the permissions?

System Center & SharePoint On- Prem Matija Blagus, Acceleratio

Security fundamentals Topic 2 Establishing and maintaining baseline security.

Windows SharePoint 2007 Introduction. What is Microsoft SharePoint 2007? Microsoft SharePoint 2007 is the central information sharing and collaboration.

Implementing Server Security on Windows 2000 and Windows Server 2003 Fabrizio Grossi.

DenyAll Delivering Next-Generation Application Security to the Microsoft Azure Platform to Secure Cloud-Based and Hybrid Application Deployments MICROSOFT.

Return to the PC Security web page Lesson 4: Increasing Web Browser Security.

Web Content And Customer Relationship Management Solution. Transforming web sites into a customer-focused, revenue generating channel with less stress.

The Ultimate SharePoint Admin Tool

NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019 Date: 29 September 2015 Time: 10:00.

Stop Those Prying Eyes Getting to Your Data

Identity and Access Management

Cybersecurity - What’s Next? June 2017

Brandon Botes #SPSJHB Records Management – Friend or Foe ???

Brandon Botes #SPSDBN Records Management – Friend or Foe ???

9/14/2018 2:22 AM THR2026 Set up secure and efficient collaboration for your organization with Office 365 Joe Davies Senior Content Developer Brenda Carter.

SAP Dynamic Authorization Management by NextLabs

SysKit Security Manager

Welcome: How to use this presentation

11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Automating Security in the Cloud

Secure once, run anywhere Simplify your security with Sophos

Brandon Botes #SPSJHB Records Management – Friend or Foe ???

GRC - A Strategic Approach

Designing IIS Security (IIS – Internet Information Service)

Securely run and grow your business

SharePoint Server Assessment Results

Protect data in core business applications

STEALTHbits Technologies, Inc.

SysKit Security Manager

Presentation transcript:

Security and the Questions Business Users should be asking the Techies

Protect web applications from attack Deploy a proven web application firewall (WAF) technology. The advantage Provide a powerful defence against common attacks, such as SQL injection and cross-site scripting. Streamline and automate regulatory compliance. Mitigate data risk. Your Question to techies What proven web application firewall (WAF) technology will you deploy to keep my site safe from attach?

Ensure access rights are aligned with business needs “Unstructured data now accounts for more than 90% of the digital universe.” – IDC 2011 Understand who has access to what data or, conversely, what data any given user or group can access, and how that access was assigned or inherited. Simplify the process of identifying where excessive access rights have been granted, if there are dormant users, and who owns each item and document. Help administrators and data owners establish a baseline snapshot of access rights and conduct rights reviews. Your Question to techies How do I aggregate permissions across the entire SharePoint deployment and automate the review process to keep rights aligned with business needs?permissions across the entire SharePoint deployment

Respond to suspicious activity in real time “96% of breaches were avoidable through simple or intermediate controls.” – Verizon Data Breach Report 2011 Native SharePoint activity auditing does not provide the ability to automatically analyse access activity and respond with an alert or block. Monitor, control and respond to suspicious activity in real time. Balance the need for trust and openness with security concerns. Your Question to techies What policy framework will you use to build rules across SharePoint’s web, file and database components to identify suspicious behaviour and complement native access controls?

Address compliance mandates “60% of organisations have yet to bring SharePoint into line with existing data compliance policies.” – AIIM 2011 Native SharePoint activity monitoring lacks an intuitive, easy-to-use interface for reporting and analytics. Without a third-party solution, businesses must first decode SharePoint’s internal representation of log data before they can access meaningful information. Generate compliance reports on time and tailored to each recipient’s needs. Drill down, filter and organise data. Enrich native data with relevant information such as type of data, department and data owner. Your Question to techies What enterprise-class technology that combines permissions and activity details to automate compliance reporting, is available as add on to native SharePoint?