In Support of Security Standards Randy Robertson.


1 In Support of Security Standards Randy Robertson

2 Data Security
- Many companies use data for critical functions
- Data often private or confidential
- Highest organizational priority is to keep data from corruption or unauthorized access
- Most use Database Management Systems to manage and secure data

3 Problems
- Treatment of Data
- Types of Data
- Different Organizations
- Difficult to work with other companies
- HIPAA legislation – just the beginning?

4 Problems
- Many organizations have several options when designing or updating their database system.
- Each has different options and configurations
- Difficult to select the right system

5 Research
- Iachello (2003)
  - Argues for adding data protection standards
  - EU more strict regarding data than U.S.
- Points raised
  - Regulations changing among different nations
  - Confusion regarding 3 areas of data
    - Legislation
    - Technology
    - Process Design

6 Research
- Vieira (2005)
  - Not all data is considered critical
- DBMS classification
  - Security Class Level
    - Class 0 to Class 5
  - Security Requirements Fulfillment
    - Percentage rating from 0 to 100
    - Compares DBMS within the same class level

7 Solution
- Agree with both papers
- Change in Vieira’s proposal
  - Add measure for past history
    - Flaws and Vulnerabilities

8 Solution
- Standards Body
  - Create a Security standard
    - Based on data levels
  - Create a DBMS rating system
    - Ability to merge with Security Standard
- Organization
  - Review Standards to classify data used
  - Select DBMS to meet the needs

9 Solution
- Security Standards Benefits
  - Liability insurance could be easier and cheaper to purchase if standards are followed
  - Following standards may show due diligence of the organization if they have litigation due to a security breach

10 Solution
- DBMS Standards Benefits
  - Allow organizations the ability to identify and adapt security needs quickly.
  - Can help companies do business in other countries
  - Can also satisfy requirements when working with vendors or alliance partners.

11 Solution
- Possible drawbacks
  - Companies could be forced to update system and change DBMS
    - Costs incurred from upgrade
    - Possible attacks if not secure
  - DBMS would probably not support solution
    - Highlight flaws and vulnerabilities

12 Questions?

