1 / 7

IT Security Best Practices

Jerry Crow. IT Security Best Practices. Maricopa Association of Governments Telecommunications Advisory Group October 23, 2003. Trends. General IT security, always important, is becoming ever more visible in the media.

benjy
Download Presentation

IT Security Best Practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Jerry Crow IT Security Best Practices Maricopa Association of Governments Telecommunications Advisory Group October 23, 2003

  2. Trends General • IT security, always important, is becoming ever more visible in the media. • Active defensive reactions to this threat are becoming ever more sophisticated (read: complex). • 9/11 accelerated defensive response evolution considerably • Alphabet soup of organizations formed to respond: DHS, ISACs, PCIPB, etc.

  3. Trends Microsoft Direction • MS has created and fostered an astonishing situation: customers line up to test software products • Two years ago: month-long "nothing but security"; largely image, but an improvement • Recent remarks by Steve Ballmer bode well for end users of MS software and those that manage the platforms they use. • Reminiscent of 1994 and the web

  4. Trends Current "Big" Thing Wireless networking security • Products tend to be "wide open" out of the box; end user convenience issue • Original security "standard" (WEP) was inadequate; can be rather easily circumvented by contemporary technology • Security improving rapidly; state-of-the-art is reasonable • Cost and convenience ensure wireless networking is here to stay • External threat: war driving • Internal threat: rogue access points

  5. Information Sources Sources on the Web • www.sans.org Lots of practical security related info • www.researchedge.com/atic/cybersec/ ATIC website – Cyber Security Committee • gita.state.az.us Excellent source for policies, standards • www.nist.gov Excellent source for reference material, "how to" documents • www.dhs.gov Large website – significant amount of info

  6. Information Sources Sources on the Web • www.security.state.az.us AZ DoA site • www.infragard.net InfraGard site; national • www.infragard.net/phoenix InfraGard site; Phoenix chapter

  7. Bottom Line • Constantly strive to increase staff awareness of IT security issues • Monitor policies, references, procedures, etc. on a regular basis • Watch MS monthly security updates • IT security is a process, not a product. • Word of the moment: agility

More Related