1 / 41

Incoming Call: Dad

Incoming Call: Dad. Incoming Call: Justin. Incoming Mail: The Boss. Salford IT Internal Audit Services. A..B..C..D..E.......G YOD. Presentation to Housing Technology conference 27th Feb 2014 . Introductions. Gary (MAX) Marland Principal IT Auditor. Steve (PADDY) Clare

sue
Download Presentation

Incoming Call: Dad

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Incoming Call: Dad

  2. Incoming Call: Justin

  3. Incoming Mail: The Boss

  4. Salford IT Internal Audit Services A..B..C..D..E.......G YOD Presentation to Housing Technology conference 27th Feb 2014

  5. Introductions • Gary (MAX) Marland • Principal IT Auditor • Steve (PADDY) Clare • Principal IT Auditor WE ARE THE AUDITORS FROM SALFORD

  6. IT Audit Skills • Network and application security • Vulnerability Assessments/ethical hacking • Penetration testing • Windows Operating Systems/ UNIX • SAP/ ORACLE • Website application and development • Information Security Management • ITIL – IT Service Management • Prince2 - project management • IDEA - data analysis

  7. Salford IT Internal Audit Services A..B..C..D..E.......G YOD Presentation to Housing Technology conference 27th Feb 2014

  8. BYOD BUY YOUR OWN DRINK? Alphabet acronym What Why How

  9. 10 key risks area • Strategy/Policy/Etc • Ownership • Security • Anti-Virus • Standards • Data Loss • Social Media et al • Vulnerabilities • Licensing • Portable Media Devices

  10. 1. Bureaucratic claptrap • Strategy • Policy • Procedures • Risk appetite • Objectives • Responsibilities • Do’s and dont’s • Consequences • Techy understanding • Know your audience

  11. 2. Enthusiastic Amateur • Ownership • Device control • System Administrator • Root access

  12. 3. Max and Paddy Inc • Data security • Responsibilities • Access permissions • Monitoring • Current patch • Up to date Anti Virus • Network Access • Mobile device management software • Lost, stolen, remote wipe • Back up plan

  13. 4. MacAfee v Norton...fight, fight, fight • Anti – Virus software conflicts • Lazy staffing updates • Costs

  14. 5. My way or the highway • Standards • Device differences • Processing speeds • Private v Business use • Breach of standards • Costs • Legal issues • Monitoring, control....Policing

  15. 6. Piggy in the Middle • Man in the middle attacks • Data loss • Consequences • Unsecure connections

  16. 7. It’s sick this innit • Facebook - http://www.telegraph.co.uk/technology/facebook/10369934/Facebook-hacked-how-criminals-can-exploit-your-data.html • Twitter • Instagram - https://viaforensics.com/mobile-security/hacked-your-instagram-account.html • You Tube • Dropbox - http://www.computerweekly.com/news/2240204366/Dropbox-can-be-hacked-say-security-researchers • Hotmail • Linked policy

  17. 8. C3PO goes mental • Android vulnerabilities • Windows • Apple

  18. 9. FAST and Furious • Licensing • Ownership • Costs • Types of license • License monitoring and control • Breach • Consequences – illegal downloads

  19. 10. U Stupid Boy... • USB • Storage devices • Data Loss Prevention • SD card • CD’s

  20. Conclusion • Get the strategy right • Know the take up • Manage the security • Agree ownership • Agree monitoring and control

  21. Contact Details Steve Clare, Principal IT Auditor Telephone 0161 607 6976 steve.clare@salford.gvo.uk Gary Marland, Principal IT Auditor Telephone 0161 607 6974 Gary.marland@salford.gov.uk • Salford Internal Audit Services Salford City Council Unity House Swinton Manchester M27 5AW • www.salford.gov.uk/acs-audit

  22. Any Questions Thoughts Observations Or Confessions

More Related