Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Data Transmission James Matheke Information Security Architect Ohio Department of Job and Family Services.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Data Transmission James Matheke Information Security Architect Ohio Department of Job and Family Services."— Presentation transcript:

1 Secure Data Transmission James Matheke Information Security Architect Ohio Department of Job and Family Services

2 IT Security Management Critical Success Factors Managing Confidentiality, Integrity, and Availability of IT Services and Data Providing Security Cost Effectively Proactively Addressing Security Improvements Where Needed Source: ITIL

3 How to Share Data Securely with Other Organizations Key Findings –If the IT organization does not proactively address the issue with policies and practical alternatives, then end users will obtain their own mechanisms for sharing sensitive information externally, resulting in unwanted and potentially harmful data leakage. –A growing variety of convenient and cost-effective technologies enable data owners to control the use of their data, even when it is accessed and modified on noncorporate PCs. –Despite availability of technical solutions, lack of appropriate care is the primary cause of unintended data leakage. The most significant control is to ensure that your staff and their external partners are aware of the problem, are willing to help prevent data leakage and know how to share information safely.

4 How to Share Data Securely with Other Organizations Recommendations –Implement a policy and educational campaign to ensure that employees perform a careful risk analysis before sharing sensitive data with external audiences. –Begin experimenting with mandatory forms of data protection technology. –Look for practical mechanisms to detect and reduce inappropriate use of information through access controls and activity monitoring, remembering that highly motivated persons will always find ways to circumvent controls. Source: Gartner

5 What are Your Four Greatest File Transfer Concerns? Source: Ziff Davis

6 FTP Use is Growing Despite the Risks FTP is not secure FTP is not free FTP is unreliable FTP is unmanaged FTP is susceptible to security breaches

7 Secure File Transfer Control End User –Manual –Automated System-to-System Centralized System

8 Secure File Transfer Mechanics File Encryption (e.g. WinZip) Network –Private Line with or without Encryption –Virtual Private Network (VPN) Site-to-Site State Wide Remote Access Source: Gartner

9 Secure File Transfer Mechanics Application/Protocol –SFTP (Secure FTP over SSH) Private/Public Keys –FTPS (Secure FTP over SSL) Certificate –HTTPS (HTTP over SSL) Password –Proprietary (e.g. Sterling Connect:Direct Secure+) Private/Public Keys

10 Secure File Transfer Best Practices Ensure Confidentiality and Integrity of data both at rest and in transit. Ensure authenticity of all users and processes involved in your transactions. Implement appropriate access control and authorization throughout the transaction lifecycle. Minimize performance and availability cost created by the security controls. Implement a centralized system to deploy, maintain, and monitor security components. Source: SSH

11 Secure File Transfer Checklist Contract/Agreement for data sharing Ensure perimeter security at the DMZ No storage of data in the DMZ Harden the System/Server Log and audit usage Eliminate anonymous users Leverage existing security infrastructure (e.g. LDAP) Use strong authentication No hard coding of credentials in scripts

Download ppt "Secure Data Transmission James Matheke Information Security Architect Ohio Department of Job and Family Services."

Similar presentations

Driving Factors Security Risk Mgt Controls Compliance.

Driving Factors Security Risk Mgt Controls Compliance.
CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
Security Vulnerabilities and Conflicts of Interest in the Provider-Clearinghouse*-Payer Model Andy Podgurski and Bret Kiraly EECS Department & Sharona.

Security Vulnerabilities and Conflicts of Interest in the Provider-Clearinghouse*-Payer Model Andy Podgurski and Bret Kiraly EECS Department & Sharona.
 Group: GTR ver M  Grace Chen  Taru Singhal  Robert Szymanek  Michael Parker.

 Group: GTR ver M  Grace Chen  Taru Singhal  Robert Szymanek  Michael Parker.
Public Key Infrastructure (PKI) Hosting Services.

Public Key Infrastructure (PKI) Hosting Services.
Science Gateway Security Recommendations Jim Basney Von Welch This material is based upon work supported by the.

Science Gateway Security Recommendations Jim Basney Von Welch This material is based upon work supported by the.
Information Systems Audit Program (cont.). PHYSICAL SECURITY CONTROLS.

Information Systems Audit Program (cont.). PHYSICAL SECURITY CONTROLS.
Www.tectia.com COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.

COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Security Controls – What Works

Security Controls – What Works
Chapter 17 Controls and Security Measures

Chapter 17 Controls and Security Measures
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.
THE DICOM 2014 Chengdu Workshop August 25, 2014 Chengdu, China Keeping It Safe Brad Genereaux, Agfa HealthCare Product Manager Industry Co-Chair, DICOM.

THE DICOM 2014 Chengdu Workshop August 25, 2014 Chengdu, China Keeping It Safe Brad Genereaux, Agfa HealthCare Product Manager Industry Co-Chair, DICOM.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Similar presentations

Ads by Google