1 / 21

Michael Blackin Sales Consulting Director

Michael Blackin Sales Consulting Director. Ohio Digital Government Summit. Security Critical To Business Continuity. 2007 Organized crime Sensitive data Identity theft Constant threat. 1997 Amateur hackers Web site defacement Viruses Infrequent attacks.

breanna-blevins
Download Presentation

Michael Blackin Sales Consulting Director

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Michael Blackin Sales Consulting Director Ohio Digital Government Summit

  2. Security Critical To Business Continuity • 2007 • Organized crime • Sensitive data • Identity theft • Constant threat • 1997 • Amateur hackers • Web site defacement • Viruses • Infrequent attacks

  3. Security Breaches Front Page News

  4. Security: A Preventive Control • Examine information lifecycle and secure every point throughout • Do not limit yourself to structured data • Automate your controls whenever possible to lower costs

  5. Secure Data Lifecycle Management Lockdown Information Secure Origination Control Access Points Data Destruction Manage Exceptions

  6. Secure Data Lifecycle Management Lockdown Information Secure Origination Control Access Points Data Destruction Manage Exceptions

  7. Secure Origination Authentication Application access controls Segregation of duties Unstructured data Request and approval process Classification of asset Admin

  8. Secure Data Lifecycle Management Lockdown Information Secure Origination Control Access Points Data Destruction Manage Exceptions

  9. KING 18031 sfING Org 10 SCOTT 14220 SCOjd PIERMAR 17170 ByAgE Network KNOX 12029 SMITH Org 20 uthenticate KYTE 17045 gAMES CAREY 12032 fONES Org 30 HOECHST 18029 MIER Admin Access Control Comprehensive Auditing Encrypted Data In Motion Authenticate Authorize Audit Lockdown InformationStructured Data Users Data Segregation of Duties (What about Privileged Users?) Encrypted Data at Rest

  10. But… Structured Information Unstructured Information 10% 90% • Most sensitive data is unstructured… • Printed reports not shredded • Documents on thumb drives • Sensitive email • Lack of control Source Gartner: 2005

  11. Lockdown InformationUnstructured Data Information Rights Management • Sealing documents and emails protects them wherever they go • Central server manages rules - even for copies of documents that leave your network • Central server audits usage – even for copies of documents that leave your network

  12. Secure Data Lifecycle Management Lockdown Information Secure Origination Control Access Points Data Destruction Manage Exceptions

  13. Business Intelligence Executives Analysts • WS-Security • Web Services Mgmt • Audit Control Access Points • Authentication • Authorization • Audit Service Oriented Architecture Service Providers Structured Data Unstructured Data Users and Administrators Other Agencies • Authentication • Authorization • Audit • Policy • Encryption • Audit Applications Federation

  14. Secure Data Lifecycle Management Lockdown Information Secure Origination Control Access Points Data Destruction Manage Exceptions

  15. Collect and Consolidate Audit Data Automate Compliance Reporting Detect and Prevent Insider Threats Monitor, Test, Adjust Lower IT Costs With Audit Policies Manage ExceptionsConsolidate and Tamper-Proof your Audit Repository Monitor Policies Security Reports Service Datastore Application Directory

  16. Secure Data Lifecycle Management Lockdown Information Secure Origination Control Access Points Data Destruction Manage Exceptions

  17. Data Destruction Authentication Application access controls Segregation of duties Unstructured data Request and approval process Classification of asset Admin

  18. Key Takeaways • Focus on both Structured and Unstructured data • Secure information at rest and in motion • Take a long look at privileged users • Examine business process touch points • Enforce Non-repudiation • Eliminate sensitive information anywhere not required

  19. For more information… Kevin Wallace Account Manager 614.343.3794 kevin.wallace@oracle.com Ed Pinkin FMW Account Manager 617.645.8943 edward.pinkin@oracle.com

More Related