240 likes | 253 Views
This discussion focuses on protecting your key corporate assets and developing an effective IT security strategy. We will assess your current security measures, address any vulnerabilities, and provide recommendations for improving your security posture.
E N D
IT Security Strategy: Protecting Your Key Corporate Assets Tech Data
Non-Disclosure • This discussion is under our mutual nondisclosure agreement.
Purpose of Our Discussion • Decide if we should expand our relationship • Identify your questions and concerns about your IT security • Identify whether your issues are within our expertise • Report our findings about security issues • Establish next-step recommendations based on your situation • Create an action plan for your consideration.
Introductions • Your team • Role, responsibility, experience • What would make this a valuable meeting for you? • Our team • Role, responsibility, experience
Why Security? • IT is the engine of your business: When it’s compromised, you’re at risk • Your assets have value that bad guys want.
Why Our Customers Choose Us • Local, responsive and concerned means we’ll be there when called • Experienced in delivering and securing IT in all varieties: traditional, cloud, blended systems, mobile • Deep network of resources to solve unique situations • We work until the the problem is resolved • We take a holistic view and focus on growing our customer’s business by judicious application of IT.
What Gets Secured…? • What do you want to protect? • How much do you want to protect it? • What’s vulnerable? • Human failure • Equipment failure • Malicious attack.
What Gets Secured…? • What’s valuable? • What can and can’t you live without? • What are you legally required to protect? • Defend this first or you could go to jail • What do you need to operate your business? • Defend that next or you could go out of business.
What Gets Secured? • What is impossible to replace and what can be covered by insurance? • What’s a trade secret and what’s common knowledge?
Your Key Assets: • People – employees, customers, key vendors and stakeholders • Property – physical, electronic and intellectual • Processes – the procedures used to successfully conduct business • Proprietary data – trade secrets, confidential information and personal data.
The Outcome of Security • Availability of corporate assets • Integrity of those assets • Confidentiality of assets that are private • Accountability, making those who access the data responsible for their behavior.
The Value of Security… • Increases staff efficiencies from not having to individually deal with security issues like spam, viruses and rogue email • Increases in systems efficiency created by the security system because of upgraded technology • Eliminates cost of security breaches from unpatched software.
Security is a Real Challenge • New IT threats every second • High-profile attacks • New attack points • Mobile devices • Data leakage • Social engineering.
Seven Security Layers • Access control • Deter intrusion • Detect intrusion • Determine attack nature • Delay further access • Defend • Recover.
The Value of Security • Reduces legal exposure from unsecured premises and computer systems • Increases sales based on improved security and stability • Reduces business interruptions caused by security breaches.
Your Security Concerns • What do you need to secure? • What would it be worth to secure that? • What would it cost if it wasn’t secured? • What is your security policy?
What Would You Like to Have Happen? • What would it be like if everything worked correctly? • How will you know who to choose?
Our Recommendations • Assessment • Security policy • Remediation plan • Policy audit and implementation • Bring compliance up-to-date • Adjust implementation of policies.
Assessment • Review your situation using the seven layer security model • Identify any issues • Recommend any specific actions with cost/risk analysis • If we find nothing, you’re just being cautious.
Security Policy • Review your security policy • Look for completeness • Look for areas that have changed • Mobile • New compliance mandates.
Remediation Plan • If required
Policy Audit and Implementation • Audit for compliance • Education where needed • Help your team with enforcement strategies.
Proposed Next Steps • Agree to an assessment • Our security team will perform this • Meet for a review of findings • Decide the next step, if any.
Schedule the Next Meetings • Assessment • Who and when • Report of findings • Executive team • Two weeks later.