1
Secure Data Transmission
James Matheke
Information Security Architect
Ohio Department of Job and Family Services
2
IT Security Management Critical Success Factors
–Managing Confidentiality, Integrity, and Availability of IT Services and Data
–Providing Security Cost Effectively
–Proactively Addressing Security Improvements Where Needed
Source: ITIL
3
How to Share Data Securely with Other Organizations
Key Findings
–If the IT organization does not proactively address the issue with policies and practical alternatives, then end users will obtain their own mechanisms for sharing sensitive information externally, resulting in unwanted and potentially harmful data leakage.
–A growing variety of convenient and cost-effective technologies enable data owners to control the use of their data, even when it is accessed and modified on noncorporate PCs.
–Despite availability of technical solutions, lack of appropriate care is the primary cause of unintended data leakage. The most significant control is to ensure that your staff and their external partners are aware of the problem, are willing to help prevent data leakage and know how to share information safely.
4
How to Share Data Securely with Other Organizations
Recommendations
–Implement a policy and educational campaign to ensure that employees perform a careful risk analysis before sharing sensitive data with external audiences.
–Begin experimenting with mandatory forms of data protection technology.
–Look for practical mechanisms to detect and reduce inappropriate use of information through access controls and activity monitoring, remembering that highly motivated persons will always find ways to circumvent controls.
Source: Gartner
5
What are Your Four Greatest File Transfer Concerns?
Source: Ziff Davis
6
FTP Use is Growing Despite the Risks
–FTP is not secure
–FTP is not free
–FTP is unreliable
–FTP is unmanaged
–FTP is susceptible to security breaches
7
Secure File Transfer Control
End User
–Manual
–Automated
System-to-System
Centralized System
8
Secure File Transfer Mechanics
File Encryption (e.g. WinZip)
Network
–Private Line with or without Encryption
–Virtual Private Network (VPN)
    Site-to-Site
    State Wide
    Remote Access
Source: Gartner
9
Secure File Transfer Mechanics
Application/Protocol
–SFTP (Secure FTP over SSH)
    Private/Public Keys
–FTPS (Secure FTP over SSL)
    Certificate
–HTTPS (HTTP over SSL)
    Password
–Proprietary (e.g. Sterling Connect:Direct Secure+)
    Private/Public Keys
10
Secure File Transfer Best Practices
–Ensure Confidentiality and Integrity of data both at rest and in transit.
–Ensure authenticity of all users and processes involved in your transactions.
–Implement appropriate access control and authorization throughout the transaction lifecycle.
–Minimize performance and availability cost created by the security controls.
–Implement a centralized system to deploy, maintain, and monitor security components.
Source: SSH
11
Secure File Transfer Checklist
–Contract/Agreement for data sharing
–Ensure perimeter security at the DMZ
–No storage of data in the DMZ
–Harden the System/Server
–Log and audit usage
–Eliminate anonymous users
–Leverage existing security infrastructure (e.g. LDAP)
–Use strong authentication
–No hard coding of credentials in scripts
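An added example, not part of the original presentation: a small audit that checks an OpenSSH SFTP server's sshd_config and a transfer script against four of the checklist items above. The keyword-to-item mapping, the sample config, the sample script and the host names are assumptions constructed for illustration.

```python
import re
# Assumed mapping (not from the slides): sshd_config keyword -> (checklist item,
# compliant value). Values must be explicit so version defaults do not matter.
REQUIRED = {
    "passwordauthentication": ("Use strong authentication", "no"),
    "pubkeyauthentication": ("Use strong authentication", "yes"),
    "permitemptypasswords": ("Eliminate anonymous users", "no"),
    "permitrootlogin": ("Harden the System/Server", "no"),
}
# Heuristics for literal credentials; values starting with "$" are not flagged.
CRED_PATTERNS = [
    re.compile(r"(?i)(passw(or)?d|secret|token)\s*[=:]\s*['\"]?[^\s'\"$]+"),
    re.compile(r"(?i)\b(ftp|sftp|https?)://[^/\s:@]+:[^@\s]+@"),
]
# Constructed sample inputs (not real hosts or secrets).
WEAK_SSHD = "PasswordAuthentication yes\nPermitEmptyPasswords no\nSubsystem sftp internal-sftp\n"
SAMPLE_SCRIPT = """#!/bin/sh
SFTP_PASSWORD="Example-Only-1"
KEY_FILE="$HOME/.ssh/transfer_key"
sftp -i "$KEY_FILE" -b batch.txt partner@sftp.example.org
curl -T report.csv ftp://batch:Example-Only-2@ftp.example.org/in/
"""

def parse_sshd_config(text):
    """Global settings as {keyword: value}; sshd keeps the first value it reads."""
    settings = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split(None, 1)
        if parts and parts[0].lower() == "match":
            break  # simplification: conditional Match blocks are not audited
        if len(parts) == 2:
            settings.setdefault(parts[0].lower(), parts[1].strip())
    return settings

def audit_sshd(text):
    """(checklist item, finding) pairs; sftp logs transfers only at -l INFO/VERBOSE."""
    cfg = parse_sshd_config(text)
    findings = [(item, f"{key} is {cfg.get(key, 'unset')}, expected {want}")
                for key, (item, want) in REQUIRED.items()
                if cfg.get(key, "").lower() != want]
    if not re.search(r"-l\s+(INFO|VERBOSE)\b", cfg.get("subsystem", "")):
        findings.append(("Log and audit usage", "sftp subsystem lacks -l INFO"))
    return findings

def find_hardcoded_credentials(script):
    """Return line numbers of non-comment lines that match a credential pattern."""
    return [n for n, line in enumerate(script.splitlines(), 1)
            if not line.lstrip().startswith("#")
            and any(p.search(line) for p in CRED_PATTERNS)]
```

The credential patterns are heuristics and will miss secrets stored under other variable names, so treat an empty result as a starting point for review rather than proof.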