You’re the IT Heroes
John Craddock
johncra@xtseminars.co.uk

When All Fails
The Heroes

Who Do We Blame?
Microsoft!

But is that fair Today?
NO
We can build systems that are truly reliable

What Does It Take?
• Governance
• Knowing what we have
• Well practised policies and procedures
• Security, management and deployment
• Monitoring
• Closing the loop
• Budget

Governance
• Teeth required!
• Interest required!
• CXOs
• Business Requirements
• IT Architectural Board
• Security Review Board
• Defines how we operate
• Ultimate decision on infrastructure changes
• Rules for delegated administration

Knowing What you’ve Got
If you don’t know what you’ve got you can’t protect it

If It All Fails
• Make sure you can recover it
• You must have well documented and tested disaster recovery plans
• Test them regularly
• Make sure enough staff are trained
• Know when to invoke the plan

Change Control
• Document all changes
• Automate as many processes as you can
• Test, test, test
• You need a test and reference environment
• Reference should “mirror” production and be under change control

Updates
Updates are essential

Monitoring
Good monitoring and planned response
Stop an event turning into a Disaster

Security
• Risk Management Process
• Document Processes and Procedures
• Operations
• Statement of what you must do to secure the environment
• What you say you do and how you do it
• What you really do
• Identifies threats, risks and mitigations
• All Process Loops Must Close
• Security Policy

You Need to Sell the Process
• Talk to an asset owner:
• “How much would it cost the company if the sales agents could not work for a day?”
  • $200,000 per day
• How long would it take your team to clean malware off all the sales computers?
  • 3 days
• Loss: 3 x $200,000 = $600,000
• How much would it cost to instigate a security process that mitigated the risk?
  • Estimated 6 weeks for team, cost $50,000

Good documentation
Money Please…
What’s she after? Her smile’s too big
Currently we don’t have an effective security process. The chances of sales computers being compromised are high. While we recover the systems the company will lose $600,000
$600,000 vs $50,000 and of course it could happen more than once!
If we had a good security management process in place, the risks of being compromised are low. Initial project costs estimated at $50,000
Oh, and if we lost the confidentiality of customer’s personal identity information, YOU could end up in PRISON!

Some Great Tools
• Change Management
• Configuration Management
• Joining up the story
• Orchestration
• Automation
• Workflow
• Operations Management
• Incident Management

Form the perfect orchestra
Be a Super Hero