Presentation is loading. Please wait.

Presentation is loading. Please wait.

Layered Security Solutions - Simplified www.SoftwareSecuritySolutions.com 303-232-9070 © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!

Published bySydni Webb Modified over 9 years ago

Similar presentations

Presentation on theme: "Layered Security Solutions - Simplified www.SoftwareSecuritySolutions.com 303-232-9070 © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!"— Presentation transcript:

1 Layered Security Solutions - Simplified www.SoftwareSecuritySolutions.com 303-232-9070 © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!

2 If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com The Layered Security Solution for Small Businesses Goals and Outcomes: Begin to understand layered security. Put information to immediate use, at home and at work. Use this to help others with awareness.

3 If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com The Small Business Situation SMB does not have the knowledge or skills to address this complex issue. Small Business Information Security Act of 2008 (Senator Olympia J. Snowe, R-Maine) As Mentors - You can help!

4 Identification of Risk What data could cause them harm if lost, changed or compromised? What do they need to protect? If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com 1.Financial Data 2.Customer Data 3.Vendor Data 4.Employee Data 5.Health Care, Investments 6.Corporate Intellectual Property 7.Investors

5 Identification of Risk What is the value of each category? Where is this information kept? What regulations apply to the business’ data? –PCI, SOX, GLB, HIPAA –E-Discovery requirements for pertinent data If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

6 Data Back-up All categories of Data 1.Critical\Non Critical 2.Email – Archiving, new legal requirements 3.Data Shares If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

7 Data Back-up Local – on site, DAS, NAS, Appliances Tape vs. new technology Off site, Online Redundancy & DR Standards & Regulations If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

8 Data Back-up Research If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com Are all areas identified & backed up? Both on & off site? What type do they use & is it efficient? Time & resources required to maintain? Time & resources required to restore? Have backups been tested? Comfort & Consequences!

9 Disaster Recovery Plan Identify and assign resources Business Continuity Insurance Tools to help If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

10 Disaster Recovery Research Disaster Recovery Journal http://www.drj.com/ Gartner http://www.gartner.com/5_about/news/disaster_recovery.html SBA http://www.sba.gov/services/disasterassistance/index.html Plans are a work in progress as business changes. Less than 10% survive without a plan If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

11 Anti Malware Client machines – laptop, desktop, mobile Servers Gateways 1.Internet, Email Changes in technology New Threats –Mashups & Web 2.0 $100 additional cost per user If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

12 Anti Malware Research Virus Bulletin http://www.virusbtn.com Anti Virus Comparatives http://www.av-comparatives.org AV Test http://www.av-test.org –Times have changed & so have solutions www.SoftwareSecuritySolutions.com/anti-virus-cost- calculator.phpwww.SoftwareSecuritySolutions.com/anti-virus-cost- calculator.php If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

13 Firewalls Gateway Inspection types Additional layers 1.Anti Malware 2.Anti Spam 3.Content Filtering 4.Intrusion prevention Personal Firewalls If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

14 Firewall Research ICSA http://www.icsa.net/icsa/icsahome.php West Coast Labs http://www.westcoastlabs.com If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

15 Email Security & Filtering All user devices Email Technology Spam 1.Volume, Cost Malware Phishing Social Engineering Archiving, Legal If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

16 Email Security Research How critical is Email to their business? Associated cost? POP3 vs. SMTP Conduct CBA on Service vs. Appliances & Software If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

17 Wireless Security Mobile Devices 1.Anti malware 2.Backup & theft recovery Wireless Networks Authentication Encryption WEP\WPA If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

18 Web Security & Filtering All user devices\Servers Shift in threat Web applications –PCI compliance Searching\Surfing Liabilities If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

19 User Education & Application updates Weakest link Threat Surface Future attacks Updates 1.OS 2.Office 3.Common apps 4.Checked regularly? If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

20 User Education Resources Employee Awareness: http://www.gocsi.com/awareness/awareness_peer_group.jhtml Security Video: http://i.cmpnet.com/gocsi/wsc/video.html World Security Challenge: http://www.gocsi.com/WSC/ Customizable Awareness Newsletter: http://www.gocsi.com/awareness/front.jhtml If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

21 Security Policy Definitions –All Layers –Acceptable Use –Consequences Resources –What to use –Who supports If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

22 Security Policy Resources Policies, Standards and Guidelines: https://www2.sans.org/resources/policies/ https://www2.sans.org/resources/policies/ If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

23 What they can (and should) do right now Network Configuration (P2P vs. Domain) Updates – 3 rd party Office machines – (all in one) Laptop encryption, theft tracking User rights File Access Physical Access If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

24 Implementing a Layered Security Solution Create a Security Policy Formulate an adoption plan Budget Start with most critical areas Set & forget not an option If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

25 Questions and Answers If your data isn’t secure, it isn’t your data.® www.SoftwareSecuritySolutions.com

26 Layered Security Solutions - Simplified www.SoftwareSecuritySolutions.com 303-232-9070 © 2008 Monte Robertson – CEO Layered Security Solutions – Simplified!

Download ppt "Layered Security Solutions - Simplified www.SoftwareSecuritySolutions.com 303-232-9070 © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!"

Similar presentations

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Women in Technology 2009 Mary Henthorn. Security Prevent loss, theft, or inappropriate access Privacy Ensure freedom from intrusion or disturbance Security.

Women in Technology 2009 Mary Henthorn. Security Prevent loss, theft, or inappropriate access Privacy Ensure freedom from intrusion or disturbance Security.
!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Mission Critical Messaging Platform Roni Havas Unified Communications Solution Specialist Specialists Technology Unit – EPG - Microsoft Israel

Mission Critical Messaging Platform Roni Havas Unified Communications Solution Specialist Specialists Technology Unit – EPG - Microsoft Israel
Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.
Supporting The Mobile Client: Expanding Our Borders John Guidone Manager, Desktop Technologies and Dawn E. Colonese Manager, Help Desk & Client Access.

Supporting The Mobile Client: Expanding Our Borders John Guidone Manager, Desktop Technologies and Dawn E. Colonese Manager, Help Desk & Client Access.
4 Information Security.

4 Information Security.
Current Security Threats WMO CBS ET-CTS Toulouse, France 26-30 May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.

Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
Blended Threats and Layered Defenses Security Protection in Today’s Environment Marshall Taylor

Blended Threats and Layered Defenses Security Protection in Today’s Environment Marshall Taylor
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Information Security in Real Business

Information Security in Real Business
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Policies and Implementation Issues.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.
Barracuda Networks Steve Scheidegger Commercial Account Manager 734-887-2422

Barracuda Networks Steve Scheidegger Commercial Account Manager

Similar presentations

Ads by Google