1 / 6

GRC Ninja controls governance and compliance the same way an accounting package controls finances…

GRC Ninja controls governance and compliance the same way an accounting package controls finances…. Sector: financial services Focus: financial governance & compliance, data privacy – human resources. Allen O’Neill – Isolate Technologies www.grcninja.com.

adriel
Download Presentation

GRC Ninja controls governance and compliance the same way an accounting package controls finances…

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. GRCNinjacontrols governance and compliance the same way an accounting package controls finances… Sector: financial services Focus: financial governance & compliance, data privacy – human resources Allen O’Neill – Isolate Technologies www.grcninja.com Compliance in the cloud – lessons learned

  2. Eating our own dog food… Issues: Data protection Security Territorial concerns “we sell compliance, so we’d better be compliant ….”

  3. segment / risk / value Data types (sensitivity, value) Relevant regulation Customer Trust / acceptance Actual risk vs perceived Impact of breach on: Our business <-> Clients business Decision: Architect for catastrophe

  4. Decisions taken Platform = Virtual Machine Cluster  Portability (Cloud & LAN)  Host in clients territory and reduce remote legal reach  Scalable due to business model Balance cost & security  1 DB/File location per client  Mitigates damage WHEN breach occurs Multi-factor authentication  Data segmentation  User/Pass & SSL strong  Client certificates stronger  YubiKey device strongest What to tell him?

  5. www.grcninja.com @IsolateTech allen.oneill@isolate.ie Allen O’Neill – Isolate Technologies

More Related