
Commonwealth Information Security Officers Advisory Group (ISOAG) Meeting



  1. Commonwealth Information Security Officers Advisory Group (ISOAG) Meeting JULY 11, 2007 www.vita.virginia 1

  2. WELCOME Peggy Ward, VITA

  3. ISOAG July 2007 Agenda
  I. Welcome - Peggy Ward, VITA
  II. E-Discovery - Julie Whitlock, OAG
  III. Identity Management Roadmap - Tony Shoot, NG
  IV. CESC - Security Operations - Linda Smith, NG
  V. Commonwealth Information Security Council Update!
     Encryption Committee - Steve Werby
     Making Security an Executive Management Priority - John Karabaic
     Small Agency Outreach - Robert Jenkins
     Identity and Access Management - Patricia Paquette
  VI. Keylogging Malware - Tripp Sims, VITA
  VII. COV IT Security Policies, Standards and Guidelines Update - Cathie Brown, VITA
  IX. MS-ISAC - Peggy Ward, VITA
  X. Upcoming Events - Peggy Ward, VITA
  XI. Other Business - Peggy Ward, VITA

  4. An Overview of E-Discovery July 11, 2007 Julie Whitlock, Assistant Attorney General, Technology and Procurement Law Section

  5. What is discovery? • Discovery is the process by which parties to a lawsuit exchange information, or request it from third parties • Requests for production of documents • Subpoenas • Depositions • Etc.

  6. What is e-discovery? • Process by which parties request “electronically stored information” (ESI) • Includes: emails, metadata, voice mails, spreadsheets, Word files, text messages, calendars, videos, information on jump drives, PDAs, and Blackberries, and information stored on home or personal computers and devices and in personal e-mail accounts

  7. What has changed? • Statewide document retention schedules have not changed • Duty to preserve evidence has not changed • Federal Rules of Civil Procedure • Amendments became effective December 2006 • Specifically address e-discovery • Specifically allow for sanctions • Require early conference to discuss availability, cost, and timing of producing data

  8. What is individual agency’s responsibility? • Compliance with document retention schedules, including documentation of destruction • Preservation of all evidence in its original electronic form, so that all information contained within it, whether visible or not, is also available for inspection (e.g. metadata) • Notification to VITA early on, to enable efficient responses and coordinate any necessary litigation holds • Notification to your agency counsel at the AG’s Office when you anticipate litigation, in order to receive advice specific to the situation

  9. Effective Records Management • Ensures compliance with document retention schedules • Provides the foundation for compliance with discovery rules • Enables efficient review of ESI • Reduces cost of storage, cost of searching, cost of retrieval • Library of Virginia retention schedules address both physical records and virtual records

  10. Virginia Code § 42.1-86.1. Disposition of public records. — *** C. Each agency shall ensure that records created after July 1, 2006 and authorized to be destroyed or discarded in accordance with subsection A, are destroyed or discarded in a timely manner in accordance with the provisions of this chapter; provided, however, such records that contain identifying information as defined in clauses (iii) through (ix), or clause (xii) of subsection C of § 18.2-186.3, shall be destroyed within six months of the expiration of the records retention period. *** The referenced clauses of § 18.2-186.3 C are: (iii) social security number; (iv) driver's license number; (v) bank account numbers; (vi) credit or debit card numbers; (vii) PIN numbers; (viii) electronic identification codes; (ix) automated or electronic signatures; (xii) passwords

  11. What can my agency do now? • Review current document retention schedules and practices • Watch for formal advice from the OAG • Become familiar with what you have electronically, where it is stored, in what formats, and who is responsible for it (don’t forget personal devices) • Become familiar with your automatic backup and archiving functions • Begin to understand what would be necessary to perform a search or to retrieve archived documents

  12. What can my agency do now? (cont'd) • Begin to identify positions within your agency that are involved in data retention – this includes your document retention/records management officer • Encourage the segregation of personal or proprietary information before data is archived – to reduce the time spent segregating when responding to a request

  13. Things to consider when preparing for e-discovery • Individual privacy of user • Prevention of data loss, whether inadvertent or intentional • Minimizing individual disruptions while searching and responding to discovery requests • Operational efficiencies to ensure timely preservation and processing of data • Consistency of process

  14. Conclusion

  15. Identity Management Support June 11, 2007

  16. Identity Management • Definition: management of the identity life cycle of entities (subjects or objects), during which the identity is established, the identity is described, and the identity is destroyed • Transformation objectives: user consolidation across multiple directories and e-mail systems; single-domain Active Directory (COV.VIRGINIA.GOV); role-based access control; provisioning and de-provisioning; self-service password management; auditing and reporting

  17. Components Confidential

  18. Active Directory • Primary Identity Repository • Authentication and Access Control • Single domain Active Directory – COV.VIRGINIA.GOV • User consolidation from Agency directories and e-mail system

  19. ADAM (Active Directory Application Mode) Confidential

  20. MIIS (Microsoft Identity Integration Server) Confidential

  21. Quest Management Tools Confidential

  22. P-Synch Confidential

  23. Pegasus / Dogwood Confidential

  24. Identity Management Transformation Roadmap Confidential

  25. Enabling Identity Management • Central Identity Repository • Identity Synchronization • Self-Service • Authorization • Access • Passwords • Profile • Workflow • Centralized User Management • Delegated Administration • Automated Provisioning and De-Provisioning • Single Sign On • Consolidated Auditing

  26. Enabling Identity Management • Central Identity Repository • Consolidation of user identities into one centralized repository • Integrate other systems authorization and authentication of users • External and internal web apps leverage primary identity store • Internal enterprise apps leverage primary identity store

  27. Enabling Identity Management • Identity Synchronization • Automatic propagation of changes to other managed systems (Synchronization) • Collects identity data from other systems • Enables provisioning across wide range of systems and applications

  28. Enabling Identity Management • Self Service • Password Resets • Profile Updates • Account and Access request

  29. Enabling Identity Management • Centralized User Management • Role-Based Access Control • Rule-Based Access Control • Centralized provisioning and de-provisioning • Password Management: uniform password policy, password initialization, spans multiple systems

  30. Enabling Identity Management • Delegated Administration • Non-technical users perform granular administration

  31. Enabling Identity Management • Resource Provisioning • Automated provisioning and de-provisioning • Workflow automates approval process

  32. Enabling Identity Management • Single Sign-On (SSO) • Reduced Sign-On: authenticate once to gain access to many systems; a single identity source is used for authentication • Reduced Credentials: user credentials gain access to multiple systems (each still requiring a sign-on); the password is synchronized between multiple systems

  33. Enabling Identity Management • Identity Auditing and Reporting • Automatic ticket generation for follow-up and reporting • Automatic E-Mail for interaction with users, administrators, and authorizers • Real-time auditing of all AD changes
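Slides 27, 29, 31 and 33 together describe a reconciliation loop: the central repository is authoritative, roles map to entitlements, changes propagate to managed systems, de-provisioning is automated, and every change lands in a consolidated audit trail. The block below is an added example written for this page; it is not code from the presentation or from the VITA/NG MIIS, P-Synch or Quest deployment, and every role, entitlement, account and schema in it is constructed. It computes the create / update / disable actions needed to bring a managed system in line with the source and flags orphan accounts that have no owner in the source, which is the case a pure "push changes" connector never catches.

```python
"""Identity reconciliation between an authoritative repository and a managed
system: derive entitlements from roles (RBAC), then compute the create / update /
disable actions and flag orphan accounts. Constructed example; not VITA/NG code."""

from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Set

# Role-to-entitlement mapping (constructed): roles are assigned in the central
# repository, entitlements are what the managed system actually grants.
ROLE_ENTITLEMENTS: Dict[str, Set[str]] = {
    "hr_analyst": {"email", "hr_portal"},
    "it_admin": {"email", "vpn", "domain_admin"},
    "contractor": {"email"},
}


@dataclass(frozen=True)
class Identity:
    """One record in the central identity repository (hypothetical schema)."""
    uid: str
    roles: FrozenSet[str]
    active: bool            # False once the agency has terminated the person


@dataclass
class Action:
    kind: str               # "create" | "update" | "disable" | "orphan"
    uid: str
    entitlements: Set[str] = field(default_factory=set)   # desired end state
    reason: str = ""


def entitlements_for(roles) -> Set[str]:
    """Union of the entitlements implied by a set of roles; unknown roles grant nothing."""
    desired: Set[str] = set()
    for role in roles:
        desired |= ROLE_ENTITLEMENTS.get(role, set())
    return desired


def reconcile(source: Dict[str, Identity], target: Dict[str, Set[str]]) -> List[Action]:
    """Compare the authoritative source with a managed system.

    target maps uid -> entitlements currently granted there. The result is the
    ordered list of changes a provisioning connector would push; an empty list
    means the target already matches the source.
    """
    actions: List[Action] = []
    for uid in sorted(source):
        ident = source[uid]
        desired = entitlements_for(ident.roles) if ident.active else set()
        if uid not in target:
            if ident.active:
                actions.append(Action("create", uid, desired,
                                      "active identity missing from target"))
            continue                      # inactive and absent: nothing to do
        current = target[uid]
        if not ident.active:
            if current:                   # de-provision: revoke everything, keep the account for audit
                actions.append(Action("disable", uid, set(),
                                      "identity deactivated in source"))
            continue
        if current != desired:
            actions.append(Action("update", uid, desired,
                                  f"grant {sorted(desired - current)}, revoke {sorted(current - desired)}"))
    # Accounts that exist only in the target have no owner in the authoritative
    # source: the classic orphan left behind by manual provisioning.
    for uid in sorted(set(target) - set(source)):
        actions.append(Action("orphan", uid, set(),
                              "no identity in authoritative source; disable pending review"))
    return actions


def audit_lines(actions: List[Action]) -> List[str]:
    """One line per action, the form a consolidated audit report would carry."""
    return [f"{a.kind.upper():<8}{a.uid:<10}{sorted(a.entitlements)} {a.reason}" for a in actions]


# Constructed sample data: one new hire, one role change, one termination,
# and one account nobody in the source owns.
SOURCE: Dict[str, Identity] = {
    "jdoe": Identity("jdoe", frozenset({"hr_analyst"}), True),
    "asmith": Identity("asmith", frozenset({"it_admin"}), True),
    "bjones": Identity("bjones", frozenset({"contractor"}), False),
}
TARGET: Dict[str, Set[str]] = {
    "asmith": {"email", "hr_portal"},     # still carries the old HR role's access
    "bjones": {"email"},
    "ghost": {"vpn"},
}

if __name__ == "__main__":
    for line in audit_lines(reconcile(SOURCE, TARGET)):
        print(line)
```

Running it prints one audit line per action: an update for asmith (grant vpn and domain_admin, revoke hr_portal), a disable for bjones, a create for jdoe, and an orphan flag for ghost. Running `reconcile` again after those actions are applied returns an empty list, which is the check a synchronization job should make before declaring a system in sync. Disabling rather than deleting terminated accounts keeps the record available for the litigation-hold and e-discovery obligations discussed earlier in the meeting.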

  34. Questions ?

  35. Security Operations Center tools Linda Smith, Manager, Transformation Security Services July 11, 2007

  36. Table of Contents Confidential

  37. Blue Coat Confidential

  38. Blue Coat default deny policy Confidential

  39. Blue Coat configuration Confidential

  40. Blue Coat Reporter Confidential

  41. Internet Security Systems Confidential

  42. ID Management Confidential

  43. Antivirus Management Confidential

  44. Firewall / VPN Confidential

  45. Firewall / VPN Confidential

  46. Questions?

  47. Commonwealth Information Security Council Peggy Ward, VITA

  48. Encryption Committee: Jesse Crim (VCU), John Palese (DSS), Michael McDaniel (VRS), Tripp Simms (VITA/NG), Steve Werby (DOC), Craig Goeller (DMAS) - NEW MEMBER!

  49. Making Security an Executive Management Priority Committee Members: Shirley Payne, Chair, University of Virginia; Joe Hubbard, Virginia Lottery; Beth Nelson, State Board of Elections; Judy Napier, Office of the Governor; John Karabaic, CISSP, Dept. Medical Assistance Services

  50. Deliverables • Plan and develop Executive Security Awareness events, either stand-alone or as riders on other planned executive-level events. • Present effective Executive Security Awareness practices from agencies as models other agencies might follow.
