1 / 14

Welcome to Fife Council David James IT Lead Officer (Security/Risk/Continuity)

Welcome to Fife Council David James IT Lead Officer (Security/Risk/Continuity) Fife Council Third largest Local Authority in Scotland 507 square miles 360,000 population 23,000 employees (270 IT Staff) Nearly 500 networked offices Unitary Authority Co-terminus with NHS, Police and Fire

albert
Télécharger la présentation

Welcome to Fife Council David James IT Lead Officer (Security/Risk/Continuity)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Welcome to Fife Council David James IT Lead Officer (Security/Risk/Continuity)

  2. Fife Council Third largest Local Authority in Scotland 507 square miles 360,000 population 23,000 employees (270 IT Staff) Nearly 500 networked offices Unitary Authority Co-terminus with NHS, Police and Fire

  3. Business Change • Transformational Government – Enabled by Technology (Nov 2005) • 120 Mission Critical or High Risk IT enabled project • National IT Systems • Shared Services

  4. Fife Council Big 8 Objectives Energetic agenda to improve Fife Council (3 examples) • Improve Educational Attainment • Making Fife the Leading Green Council • Making Fife a top performing Council

  5. Data Security Right Data – Right Place – Right Time Hardware – Software – Wetware

  6. Mobile Devices Not - Any Data – Any Place – Any Time • Value of the laptop and pen drive

  7. Value – Business Issue • Value of the data • £1m fine for loss of 11m customer records • Information Commissioners Office

  8. www.ico.gov.uk September 08 Sep 09 - NHS Education for Scotland to improve security after details on medical training applicants are stolenNHS Education for Scotland (NES) has agreed to improve data security after it informed the Information Commissioner’s Office (ICO) of a data breach involving the theft of an unencrypted laptop containing the personal information of 6377 applicants for medical training positions. 04 Sep 09 - Sandwell MBC agrees to improve security after losing information on children in its careSandwell Metropolitan Borough Council has agreed to take action to comply with data protection principles and has signed an Undertaking to assure the Information Commissioner’s Office (ICO) that personal data will be kept securely in future. 03 Sep 09 - Wigan Council improves security after details on most school children are stolenWigan Council has agreed to take action to comply with the Data Protection Act after the theft of a laptop computer containing personal information relating to approximately 43,000 children and young people. The laptop included personal details on most children and young people in Wigan’s schools. The information had been downloaded on to the laptop in breach of council policy. Although the laptop was stored in a locked office, the data on the device was not protected as the laptop was not encrypted.

  9. Web sites www.ico.gov.uk www.itspublicknowledge.info

  10. Physical/Electronic Physical and electronic • Building Security • Printing – more buttons • Protective marking

  11. New Challenges New issues • Web interfaces/Web based applications • Virtualisation • Mobile Devices – phones/blackberry’s Building the right IT Infrastructure

  12. COBIT www.isaca.org

  13. Information Security Standard ISO 27001 – Information Security • Risk Assessment • ISO 27001 Gap analysis Security Testing • Penetration testing • PCI-DSS National Technical Authority for IA www.cesg.gov.uk

  14. Questions

More Related