Presentation is loading. Please wait.

Presentation is loading. Please wait.

Crossing Organizational Boundaries to Achieve Mutual Security

Published byÁgoston Mezei Modified over 5 years ago

Similar presentations

Presentation on theme: "Crossing Organizational Boundaries to Achieve Mutual Security"— Presentation transcript:

1 Crossing Organizational Boundaries to Achieve Mutual Security
Peter J. Murray, Ph.D. James E. McNamee, Ph.D. Vice President and CIO Associate Dean and CIO University of Maryland Baltimore University of Maryland School of Medicine

2 IT Security Challenges and Preparedness
Many organizations have recognized the problem’s severity and are working to minimize the risk and damage from the next computer virus or attack on network and systems. The degree of preparedness, however, varies from one organization to the next, and some institutions of higher education have yet to develop quality IT security services. Kvavik and Voloudakis (2003). Information Technology Security: Governance, Strategy, and Practice in Higher Education, Research Study from the Educause Center for Applied Research.

3 University of Maryland Baltimore (UMB)
Large, complex academic health, human services, law and hospital center Addressing IT security challenges and problems in a complex environment CIOs agreed to change the culture and build a collaborative environment

4 Building a Collaborative Environment
A multi-organization IT security strategy Help desk coordination Security technologies implemented Policies and procedures re-written Preparing for HIPAA Privacy rule Closing organizational “gaps” Yet, the security program was still not strong enough

5 Rising Threats, Regulatory Compliance
Virus infections and hack attempts Grow 150% yearly Deplete bandwidth Threaten research, teaching and business processes HIPAA regulations impact healthcare IT Federal mandate Calls for IS preparedness

6 Joint Organizational Response
Leadership jointly called for safe computing CIOs formed technical Security Committee Campus (UMB) School of Medicine (SoM) Physicians practice plan (UPI) Hospital (UMMC) Committee charged to write standards and policies to boost network and workstation security

7 Existing State UMB Acceptable Use Policy Disparate IT practices
Defined allowed and prohibited behaviors on the network Disparate IT practices No device naming conventions Mix of managed and unmanaged workstations Laissez faire security measures

8 Low-Hanging Security Fruit
Network device naming Password management Anti-virus management OS patch management Remote access Incident response

9 HIPAA Security-Inspired
Media reuse/disposal Mobile devices Authentication & authorization Termination of access Secure transmission Disaster recovery Etc.

10 The Security Committee: Other Success Factors
Leadership direction and support Improved communication Professional and social interaction Sharing expertise Openness and collaborative spirit No organizational barriers, just problem-solving Cohesiveness, effectiveness, and mutual benefit

11 Plans for the Future Use Collaborative Solutions Model for other initiatives Additional Working Committees formed: Directory services Wireless eLearning Technology classrooms We show by example that by sharing goals, expertise, knowledge, and resources, mutual benefits and success with information technology can be achieved within, and across, organizational boundaries.

Download ppt "Crossing Organizational Boundaries to Achieve Mutual Security"

Similar presentations

Infrastructure Services. Introducing Al-Futtaim Technologies One of the regions leading System Integrators Strong partnerships with leading global ICT.

Infrastructure Services. Introducing Al-Futtaim Technologies One of the regions leading System Integrators Strong partnerships with leading global ICT.
National HIT Agenda and HIE - 2007 John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.

National HIT Agenda and HIE John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
National Public Health Performance Standards Program Orientation to the Essential Public Health Services.

National Public Health Performance Standards Program Orientation to the Essential Public Health Services.
New Technologies for Tuberculosis Control: Programme Perspective Draft Definitions Retooling Task Force Meeting Geneva, Switzerland 15-16 January 2008.

New Technologies for Tuberculosis Control: Programme Perspective Draft Definitions Retooling Task Force Meeting Geneva, Switzerland January 2008.
PORTFOLIO.

PORTFOLIO.
Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.

Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.
CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.

CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.
Chapter 4: Security Policy Documents & Organizational Security Policies.

Chapter 4: Security Policy Documents & Organizational Security Policies.
Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.

Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.
Security Controls – What Works

Security Controls – What Works
Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.

Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
© 2003, EDUCAUSE/Internet2 Computer and Network Security Task Force Computer Access, Privacy and Security: Legal Obligations and Liabilities Rodney J.

© 2003, EDUCAUSE/Internet2 Computer and Network Security Task Force Computer Access, Privacy and Security: Legal Obligations and Liabilities Rodney J.
Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.

Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.
Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.

Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.
SLIDE 1 Innovations Conference March 2012. SLIDE 2 The National Lone Star Report Aligning Technology with Student Success.

SLIDE 1 Innovations Conference March SLIDE 2 The National Lone Star Report Aligning Technology with Student Success.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
HASTILY FORMED NETWORKS. Hastilly Formed Networks The ability to form multi-organizational networks rapidly is crucial to humanitarian aid, disaster relief,

HASTILY FORMED NETWORKS. Hastilly Formed Networks The ability to form multi-organizational networks rapidly is crucial to humanitarian aid, disaster relief,
Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,

Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,

Similar presentations

Ads by Google