2 3 4 5 6 Incoming Call: Dad 7 8 9 10 Incoming Call: Justin.
41
-
Upload
robert-wood -
Category
Documents
-
view
223 -
download
1
Transcript of 2 3 4 5 6 Incoming Call: Dad 7 8 9 10 Incoming Call: Justin.
- Slide 1
- Slide 2
- Slide 3
- 2
- Slide 4
- 3
- Slide 5
- 4
- Slide 6
- 5
- Slide 7
- 6 Incoming Call: Dad
- Slide 8
- 7
- Slide 9
- 8
- Slide 10
- 9
- Slide 11
- 10 Incoming Call: Justin
- Slide 12
- 11
- Slide 13
- 12
- Slide 14
- 13
- Slide 15
- 14 Incoming Mail: The Boss
- Slide 16
- 15
- Slide 17
- 16
- Slide 18
- 17
- Slide 19
- 18
- Slide 20
- 19
- Slide 21
- 20
- Slide 22
- 21
- Slide 23
- Salford IT Internal Audit Services A..B..C..D..E.......GYOD Presentation to Housing Technology conference 27th Feb 2014
- Slide 24
- 23 Introductions Steve (PADDY) Clare Principal IT Auditor Gary (MAX) Marland Principal IT Auditor WE ARE THE AUDITORS FROM SALFORD
- Slide 25
- 24 IT Audit Skills Network and application security Vulnerability Assessments/ethical hacking Penetration testing Windows Operating Systems/ UNIX SAP/ ORACLE Website application and development Information Security Management ITIL IT Service Management Prince2 - project management IDEA - data analysis
- Slide 26
- Salford IT Internal Audit Services A..B..C..D..E.......GYOD Presentation to Housing Technology conference 27th Feb 2014
- Slide 27
- 26 BYOD BUY YOUR OWN DRINK? Alphabet acronym What Why How
- Slide 28
- 27 10 key risks area 1.Strategy/Policy/Etc 2.Ownership 3.Security 4.Anti-Virus 5.Standards 6.Data Loss 7.Social Media et al 8.Vulnerabilities 9.Licensing 10.Portable Media Devices
- Slide 29
- 28 1. Bureaucratic claptrap 1.Strategy 2.Policy 3.Procedures 4.Risk appetite 5.Objectives 6.Responsibilities 7.Dos and donts 8.Consequences 9.Techy understanding 10.Know your audience
- Slide 30
- 29 2. Enthusiastic Amateur 1.Ownership 2.Device control 3.System Administrator 4.Root access
- Slide 31
- 30 3. Max and Paddy Inc 1.Data security 2.Responsibilities 3.Access permissions 4.Monitoring 5.Current patch 6.Up to date Anti Virus 7.Network Access 8.Mobile device management software 9.Lost, stolen, remote wipe 10.Back up plan
- Slide 32
- 31 4. MacAfee v Norton...fight, fight, fight 1.Anti Virus software conflicts 2.Lazy staffing updates 3.Costs
- Slide 33
- 32 5. My way or the highway 1.Standards 2.Device differences 3.Processing speeds 4.Private v Business use 5.Breach of standards 6.Costs 7.Legal issues 8.Monitoring, control....Policing
- Slide 34
- 33 6. Piggy in the Middle 1.Man in the middle attacks 2.Data loss 3.Consequences 4.Unsecure connections
- Slide 35
- 34 7. Its sick this innit 1.Facebook - http://www.telegraph.co.uk/technology/facebook/1 0369934/Facebook-hacked-how-criminals-can- exploit-your-data.html 2.Twitter 3.Instagram - https://viaforensics.com/mobile- security/hacked-your-instagram-account.html 4.You Tube 5.Dropbox - http://www.computerweekly.com/news/224020436 6/Dropbox-can-be-hacked-say-security- researchers 6.Hotmail 7.Linked policy
- Slide 36
- 35 8. C3PO goes mental 1.Android vulnerabilities 2.Windows 3.Apple
- Slide 37
- 36 9. FAST and Furious 1.Licensing 2.Ownership 3.Costs 4.Types of license 5.License monitoring and control 6.Breach 7.Consequences illegal downloads
- Slide 38
- 37 10. U Stupid Boy... USB Storage devices Data Loss Prevention SD card CDs
- Slide 39
- 38 Conclusion Get the strategy right Know the take up Manage the security Agree ownership Agree monitoring and control
- Slide 40
- 39 Contact Details Gary Marland, Principal IT Auditor Telephone 0161 607 6974 [email protected] Steve Clare, Principal IT Auditor Telephone 0161 607 6976 [email protected] Salford Internal Audit Services Salford City Council Unity House Swinton Manchester M27 5AW www.salford.gov.uk/acs-audit
- Slide 41
- 40 Any Questions Thoughts Observations Or Confessions
- Slide 42
- 41