Secure Communications Tony Payne YJB IT Security Officer

Slides:

Advertisements

Similar presentations

Data Security Breach Code of Practice. Data Security Concerns Exponential growth in personal data holdings Increased outsourcing 3 rd countries cloud.

Advertisements

The Office of Information Technology Network Access Control (NAC) Anthony Espinoza Information Security Officer UTSA Office of Information Security.

Domestic Violence Information System (DVIS) Presented by The Office of the State Attorney Fifteenth Judicial Circuit Palm Beach County, Florida.

Domestic Violence Information System (DVIS) Presented by The Office of the State Attorney Palm Beach County, Florida Michael F. McAuliffe State Attorney.

Secure Transit & Storage HOW TO SECURELY STORE & SEND CONFIDENTIAL DATA by The UTHSC Information Security Team.

ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.

 Act as Executive Officer of the chapter;  Assist the chapter to meet the goals of ANAC and the chapter;  Facilitate communication and a collaborative.

Data-Sharing and Governance Consultation ANALYSIS OF RESPONSES.

PRIVACY COMPLIANCE An Introduction to Privacy Privacy Training.

Safeguarding and behaviour management: Staff and young people, community and custody Phil Sutton Head of Business Change and Benefits Realisation, YJB.

Access to Electronic Media Acceptable Use Policy August 8, 2011 Meece Middle School.

Social Engineering Jero-Jewo. Case study Social engineering is the act of manipulating people into performing actions or divulging confidential information.

Appropriate Adult scheme models December Contents Introduction to Appropriate Adults Appropriate Adult scheme models What models are available?

2014 Redrock Software Conference 160 Characters Or Less Communicating With Students Through Trac With Iliana Ramos And Jennifer Turley.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.

IT Security Challenges In Higher Education Steve Schuster Cornell University.

Duncan Woodhouse – Assistant Registrar for Information Security, Risk Management and Business Continuity Helen Wollerton – Administrative Officer (Legal.

Information Asset Classification

Managing Offender’s Personal Property Corrections Technology Association Charleston, SC Tuesday May 8, 2007.

TTBIZLINK PROJECT MINISTRY OF TRADE, INDUSTRY, INVESTMENT & COMMUNICATIONS.

Extranet Enhancements JTC Spring 2015 May 13, 2015.

Overview Of Information Security Management By BM RAO Senior Technical Director National Informatics Centre Ministry of Communications and Information.

Code of Conduct University of New England. Employment at the University carries with it an obligation to act in the public interest. All staff members.

 Board Policy GBEAA (The Internet Acceptable Use Policy): › “Employees will have access to the Internet for the purpose of instruction, resources and.

Joseph Kummer Terri Berry Brad White.  1. Specific instances of employee hacking and the consequences which resulted therefrom.  2. How employees utilize.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Recordkeeping for Councillors

Dimensions of E – Commerce Security

What are the rules? Information technology is available to every student, faculty and staff member in support of the essential mission of the University.

LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.

1 SMART Training Update – May 2011 Michaela Butterworth.

The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;

INFORMATION SHARING TOOLKIT Presentation by Sarah Maynard Planning & Service Development Officer Commissioning & Service Development Team Trafford CYPS.

Information Asset Classification Community of Practicerev. 10/24/2007 Information Asset Classification What it means to employees.

Data Protection Property Management Conference. What’s it got to do with me ? As a member of a management committee responsible for Guiding property you.

How to apply for jobs. After creating your account the Financial Aid Office will view and approve your request to be a supervisor within 24 hours.

to Groups Robby Seitz. What is it? It gives authorized users the ability to send messages to employees and students without having to manage.

Secure into Care Homes Toolkit October 2015.

SCHOOLS FINANCE OFFICERS MEETINGS Records Management, “Paper-Lite” Environments and Procedures when a school closes Elizabeth Barber.

Change in Business Process for Requests for Supplier Adds/Updates Procurement Services December 2008.

Government Agency’s Name April  At the end of this course, the learner will be able to: ◦ Define personally identifiable information ◦ List examples.

A REVIEW OF THE NPSD’S ACCEPTABLE USE POLICIES AND ADMINISTRATIVE REGULATIONS JUNE 17 TH & 20 TH TEACHER IN-SERVICE The Acceptable Use of Technology 1.

Government Agency’s Name April Identity Theft is when someone steals your personal information and uses it as their own, usually for some financial.

A REVIEW OF THE NPSD’S ACCEPTABLE USE POLICIES AND ADMINISTRATIVE REGULATIONS JUNE 17 TH & 20 TH TEACHER IN-SERVICE The Acceptable Use of Technology 1.

Going live at [INSTITUTION] on [DATE]. At [INSTITUTION] we are committed to providing a safe and secure environment for all of our students, faculty.

Information Security January What is Information Security?  Information Security is about the physical security of our equipment and networks as.

Data protection—training materials [Name and details of speaker]

Sharing Personal Data ‘What you need to know’ Corporate Information Governance Team Strategic Intelligence.

Section 13 Activities. Activity 1 Complete the following table with possible reasons why ICT security might be compromised Security BreachPossible reason.

 How to Reach Us  Service Support Levels  Support Definitions & Standards  Response Levels  Point of Contact  Our Escalation Processes  Expect a.

Proper Internet and Social Media Usage Internet Usage While on Premise Board Policy GBEAA (The Internet Acceptable Use Policy): “Employees will.

Assessing and Meeting the Needs of Individuals in the Secure Estate Overview.

HIPAA Training. What information is considered PHI (Protected Health Information)  Dates- Birthdays, Dates of Admission and Discharge, Date of Death.

Security Bob Cowles

Understanding Privacy An Overview of our Responsibilities.

Introduction to Data Protection Plan »Brief Introduction to Data Protection  Example  Principles  P3, 4, 7  Sensitive Data  Conditions for Processing.

Purpose of Youth Criminal Justice Act Purpose of Youth Criminal Justice Act Mechanics of the YCJA Mechanics of the YCJA Consequences under YCJA Consequences.

Data Protection and Confidentiality

Data Protection Session

SAMMS Secure Authorized Monitored Messaging System

GDPR - Individual’s Rights

General Data Protection Regulation

Move this to online module slides 11-56

Pooja programmer,cse department

Identify the laws and guidelines that affect day-to-day use of IT.

Operation Encompass Information for Headteachers and DSL’s

Understanding Data Protection

Handling information 14 Standard.

Presentation transcript:

Secure Communications Tony Payne YJB IT Security Officer

Overview: The YJB and Youth Offending Teams share data on a regular basis, be it for project or BAU purposes To facilitate the sharing of data, in particular young offender personal data, certain controls have to be implemented to ensure the data is communicated securely The data processed as part of the YJS, relating to Young People, is sensitive in its nature and could cause harm or distress to the individual or incur reputational damage and financial consequences to the YJB or local authority if lost or misplaced. If there is a data breach where a member of staff communicates sensitive data insecurely, then the YJB has a duty to log and report it as a security breach. If the breach contains a large amount of personal data or data that is particularly sensitive, the incident report may get escalated to the Information Commissioners Office

Secure ICT Communication Methods There are two approved methods, which both the YJB and users of the Youth Justice System (YOT’s, Local Authorities etc) can communicate securely. Connectivity User Group and Secure . Connectivity User Group The YJS Connectivity System provides a secure mechanism for the transfer of data between various stakeholders within the youth justice community. Secure - There are currently two options with regards to secure ; CJSM – Criminal Justice Secure Mail, YJB’s preferred option GCSX – (Government Connect Secure Extranet) Mail

Points to note regarding communication All data of a sensitive nature (including YP personal data) should be sent from a secure address to YJB address, preferably via a CJSM account. For example; to or if you have a GCSX address to The below communication method examples are not secure and must not be used to transmit sensitive data; to to

Security Breaches and the Data Protection Act The YJB have stipulated controls in Data Sharing Agreements and Information Sharing Policies, both organisations should follow to ensure the confidentiality and integrity of sensitive data. What questions need asking prior to communicating personal/sensitive data; Is the address I’m sending from secure ? Is the address I’m sending to secure ? Do I need to send the data at all ?