slide1 l.
Skip this Video
Loading SlideShow in 5 Seconds..
Welcome to Fife Council David James IT Lead Officer (Security/Risk/Continuity) PowerPoint Presentation
Download Presentation
Welcome to Fife Council David James IT Lead Officer (Security/Risk/Continuity)

Loading in 2 Seconds...

  share
play fullscreen
1 / 14
Download Presentation

Welcome to Fife Council David James IT Lead Officer (Security/Risk/Continuity) - PowerPoint PPT Presentation

albert
290 Views
Download Presentation

Welcome to Fife Council David James IT Lead Officer (Security/Risk/Continuity)

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Welcome to Fife Council David James IT Lead Officer (Security/Risk/Continuity)

  2. Fife Council Third largest Local Authority in Scotland 507 square miles 360,000 population 23,000 employees (270 IT Staff) Nearly 500 networked offices Unitary Authority Co-terminus with NHS, Police and Fire

  3. Business Change • Transformational Government – Enabled by Technology (Nov 2005) • 120 Mission Critical or High Risk IT enabled project • National IT Systems • Shared Services

  4. Fife Council Big 8 Objectives Energetic agenda to improve Fife Council (3 examples) • Improve Educational Attainment • Making Fife the Leading Green Council • Making Fife a top performing Council

  5. Data Security Right Data – Right Place – Right Time Hardware – Software – Wetware

  6. Mobile Devices Not - Any Data – Any Place – Any Time • Value of the laptop and pen drive

  7. Value – Business Issue • Value of the data • £1m fine for loss of 11m customer records • Information Commissioners Office

  8. www.ico.gov.uk September 08 Sep 09 - NHS Education for Scotland to improve security after details on medical training applicants are stolenNHS Education for Scotland (NES) has agreed to improve data security after it informed the Information Commissioner’s Office (ICO) of a data breach involving the theft of an unencrypted laptop containing the personal information of 6377 applicants for medical training positions. 04 Sep 09 - Sandwell MBC agrees to improve security after losing information on children in its careSandwell Metropolitan Borough Council has agreed to take action to comply with data protection principles and has signed an Undertaking to assure the Information Commissioner’s Office (ICO) that personal data will be kept securely in future. 03 Sep 09 - Wigan Council improves security after details on most school children are stolenWigan Council has agreed to take action to comply with the Data Protection Act after the theft of a laptop computer containing personal information relating to approximately 43,000 children and young people. The laptop included personal details on most children and young people in Wigan’s schools. The information had been downloaded on to the laptop in breach of council policy. Although the laptop was stored in a locked office, the data on the device was not protected as the laptop was not encrypted.

  9. Web sites www.ico.gov.uk www.itspublicknowledge.info

  10. Physical/Electronic Physical and electronic • Building Security • Printing – more buttons • Protective marking

  11. New Challenges New issues • Web interfaces/Web based applications • Virtualisation • Mobile Devices – phones/blackberry’s Building the right IT Infrastructure

  12. COBIT www.isaca.org

  13. Information Security Standard ISO 27001 – Information Security • Risk Assessment • ISO 27001 Gap analysis Security Testing • Penetration testing • PCI-DSS National Technical Authority for IA www.cesg.gov.uk

  14. Questions