240 likes | 448 Views
IT Security Strategy: Protecting Your Key Corporate Assets. Tech Data. Non-Disclosure. This discussion is under our mutual nondisclosure agreement. Purpose of Our Discussion. Decide if we should expand our relationship Identify your questions and concerns about your IT security
E N D
IT Security Strategy: Protecting Your Key Corporate Assets Tech Data
Non-Disclosure • This discussion is under our mutual nondisclosure agreement.
Purpose of Our Discussion • Decide if we should expand our relationship • Identify your questions and concerns about your IT security • Identify whether your issues are within our expertise • Report our findings about security issues • Establish next-step recommendations based on your situation • Create an action plan for your consideration.
Introductions • Your team • Role, responsibility, experience • What would make this a valuable meeting for you? • Our team • Role, responsibility, experience
Why Security? • IT is the engine of your business: When it’s compromised, you’re at risk • Your assets have value that bad guys want.
Why Our Customers Choose Us • Local, responsive and concerned means we’ll be there when called • Experienced in delivering and securing IT in all varieties: traditional, cloud, blended systems, mobile • Deep network of resources to solve unique situations • We work until the the problem is resolved • We take a holistic view and focus on growing our customer’s business by judicious application of IT.
What Gets Secured…? • What do you want to protect? • How much do you want to protect it? • What’s vulnerable? • Human failure • Equipment failure • Malicious attack.
What Gets Secured…? • What’s valuable? • What can and can’t you live without? • What are you legally required to protect? • Defend this first or you could go to jail • What do you need to operate your business? • Defend that next or you could go out of business.
What Gets Secured? • What is impossible to replace and what can be covered by insurance? • What’s a trade secret and what’s common knowledge?
Your Key Assets: • People – employees, customers, key vendors and stakeholders • Property – physical, electronic and intellectual • Processes – the procedures used to successfully conduct business • Proprietary data – trade secrets, confidential information and personal data.
The Outcome of Security • Availability of corporate assets • Integrity of those assets • Confidentiality of assets that are private • Accountability, making those who access the data responsible for their behavior.
The Value of Security… • Increases staff efficiencies from not having to individually deal with security issues like spam, viruses and rogue email • Increases in systems efficiency created by the security system because of upgraded technology • Eliminates cost of security breaches from unpatched software.
Security is a Real Challenge • New IT threats every second • High-profile attacks • New attack points • Mobile devices • Data leakage • Social engineering.
Seven Security Layers • Access control • Deter intrusion • Detect intrusion • Determine attack nature • Delay further access • Defend • Recover.
The Value of Security • Reduces legal exposure from unsecured premises and computer systems • Increases sales based on improved security and stability • Reduces business interruptions caused by security breaches.
Your Security Concerns • What do you need to secure? • What would it be worth to secure that? • What would it cost if it wasn’t secured? • What is your security policy?
What Would You Like to Have Happen? • What would it be like if everything worked correctly? • How will you know who to choose?
Our Recommendations • Assessment • Security policy • Remediation plan • Policy audit and implementation • Bring compliance up-to-date • Adjust implementation of policies.
Assessment • Review your situation using the seven layer security model • Identify any issues • Recommend any specific actions with cost/risk analysis • If we find nothing, you’re just being cautious.
Security Policy • Review your security policy • Look for completeness • Look for areas that have changed • Mobile • New compliance mandates.
Remediation Plan • If required
Policy Audit and Implementation • Audit for compliance • Education where needed • Help your team with enforcement strategies.
Proposed Next Steps • Agree to an assessment • Our security team will perform this • Meet for a review of findings • Decide the next step, if any.
Schedule the Next Meetings • Assessment • Who and when • Report of findings • Executive team • Two weeks later.