際際滷

際際滷Share a Scribd company logo
Security for Todays Businesses

By: John Ahearn:: A Technology and Security Professional:: john.james.ahearn@gmail.com



Security is Holistic

    1.   Training and Education.

    2.   Systems for Checking and Verifying.

    3.   Controlling All Communications.

    4.   Data Secured in Layers with Clock.

    5. Information needs to be Checked Out, Checked Back In and Use Verified.

    6.   Identity Systems Must Be Fail Safe.



What are the Threats?

    1. Bots & Bot Herders: Inside your computers ready to be controlled by another.

    2. Phishing: Staff and Confidential Vendors lured into a false sense of confidence.

    3. Malware: Viruses and Spies causing damage and leaks.

    4. Identity Theft: There are various ways to get the simple information used to identify a person in our current systems.

    5. Internal Weakness: Internal operations, staff and affiliates are the weakest links.

    6. Advanced Criminals: Attack sophistication and schemes are growing.

    7. Traditional Security Procedures: Basic methods from the Military and Government are being under rated and not
         used in private business.

    8. Total Compliance: All staff need to be participating and aware.



What Should We Be Doing?

    1.   Create programs sponsored by the organizations leaders based on risk reduction and business continuity.

    2.   Secure the inside of your operations through granular data and staff control.

    3.   Monitor, review, investigate, respond and evolve your security operations.

    4.   Check the checkers and verify all the systems and operations with other reliable entities.

    5.   Biometrics and Secure Identification systems are the future.

    6.   Build redundancy and fail safe entities into operations.

    7.   Create professional and controlled opportunities to catch thieves.
8.   Document and define all systems you operate.

   9.   Monitor and control all systems you must use.

   10. Start thinking in a new way.



What is the New Think?

   1.   Define what is normal and design your system from inclusion.

   2. Dont fight the battle from defining only what should not be done. Think about and define exactly what is normal.

   3.   Actively look for abnormalities and weak links in all staff and systems.

   4. Human Resources are vital in developing the people and policies for your company. Actively evolve behavior and
        systems acceptance.

   5.   Executives must be involved and drive the process.

   6.   No one should be able to get around your security programs in order to avoid personal risk or responsibility.

   7.   Define what your are protecting with classifications and time frames.

   8.   Encryption technology is currently sufficient but its use is not standardized and the ends points are exposed.



SUMMARY

       New virtualized environments and cloud computing will force the loss of legacy physical security methods.

       Security evolves and does not happen overnight.

       Security needs to be a layered set of checks & balances.

       Security involves everyone in the organization.

       Contractors and affiliates need to be an integral part of your program.

       Security will soon drive the success of a business and give you the advantage over your competition.

       Security systems will start to standardize and the government will have to take a more active role in standards.

More Related Content

Ahearn Security Presentation

  • 1. Security for Todays Businesses By: John Ahearn:: A Technology and Security Professional:: john.james.ahearn@gmail.com Security is Holistic 1. Training and Education. 2. Systems for Checking and Verifying. 3. Controlling All Communications. 4. Data Secured in Layers with Clock. 5. Information needs to be Checked Out, Checked Back In and Use Verified. 6. Identity Systems Must Be Fail Safe. What are the Threats? 1. Bots & Bot Herders: Inside your computers ready to be controlled by another. 2. Phishing: Staff and Confidential Vendors lured into a false sense of confidence. 3. Malware: Viruses and Spies causing damage and leaks. 4. Identity Theft: There are various ways to get the simple information used to identify a person in our current systems. 5. Internal Weakness: Internal operations, staff and affiliates are the weakest links. 6. Advanced Criminals: Attack sophistication and schemes are growing. 7. Traditional Security Procedures: Basic methods from the Military and Government are being under rated and not used in private business. 8. Total Compliance: All staff need to be participating and aware. What Should We Be Doing? 1. Create programs sponsored by the organizations leaders based on risk reduction and business continuity. 2. Secure the inside of your operations through granular data and staff control. 3. Monitor, review, investigate, respond and evolve your security operations. 4. Check the checkers and verify all the systems and operations with other reliable entities. 5. Biometrics and Secure Identification systems are the future. 6. Build redundancy and fail safe entities into operations. 7. Create professional and controlled opportunities to catch thieves.
  • 2. 8. Document and define all systems you operate. 9. Monitor and control all systems you must use. 10. Start thinking in a new way. What is the New Think? 1. Define what is normal and design your system from inclusion. 2. Dont fight the battle from defining only what should not be done. Think about and define exactly what is normal. 3. Actively look for abnormalities and weak links in all staff and systems. 4. Human Resources are vital in developing the people and policies for your company. Actively evolve behavior and systems acceptance. 5. Executives must be involved and drive the process. 6. No one should be able to get around your security programs in order to avoid personal risk or responsibility. 7. Define what your are protecting with classifications and time frames. 8. Encryption technology is currently sufficient but its use is not standardized and the ends points are exposed. SUMMARY New virtualized environments and cloud computing will force the loss of legacy physical security methods. Security evolves and does not happen overnight. Security needs to be a layered set of checks & balances. Security involves everyone in the organization. Contractors and affiliates need to be an integral part of your program. Security will soon drive the success of a business and give you the advantage over your competition. Security systems will start to standardize and the government will have to take a more active role in standards.