BCS Elite Mark Evans

42
23 July, 2012 Dealing With My Insecurities About Security Our Global State of Mind Mark Evans, IT Manager Dealing With My Insecurities About Security

TAGS:

description

Presentation given to BCS ELITE in Manchester by Mark Evans, IT Manager on 23rd July 2012

Transcript of BCS Elite Mark Evans

Page 1: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Our Global

State of Mind

Mark Evans, IT Manager

Dealing With My

Insecurities About

Security

Page 2: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

The Challenge

• Physical security

• Data security

• Access security: systems

Page 3: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Physical Security

Page 4: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Physical Access

Issues

Page 5: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

We could use this for…

Page 6: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

… a film set!

Page 7: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

We could use this space for…

Page 8: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

… a concert by JLS!

…who?!

Page 9: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Environmental

Issues

Page 10: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Millennium Point

Page 11: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

London – MI5

Page 12: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Birmingham - MI Foive

Page 13: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Terrorist target?

Page 14: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Public Access

Page 15: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Very open-plan…

Page 16: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Infrastructure

Issues

Page 17: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Openreach service and repair

Page 18: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Leaking roof!

Page 19: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Sprinkler system…

Page 20: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Physical security challenges

• Access issues

– Filming

– Concerts

• Environmental issues

– Terrorist target

– Neighbours (ThinkTank museum, various universities, colleges)

• Infrastructure issues

– Openreach

– Leaking roof

– Sprinkler system

Page 21: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Data Security

Page 22: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Access to servers

Page 23: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Next step?

?

Page 24: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Access to backup

media

Page 25: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Data Security • Access to servers

– Far too easy

– Insecure

– Expensive to remedy within the building

• Access to backup media

– How near is “far enough away”?

– Rapid response?

– How secure is the repository?

Page 26: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Access security:

systems

Page 27: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Vendor security

Page 28: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

VPN

Page 29: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Access security:

systems • Not considered a major issue except:

– More access via the internet

– Seek to deprecate VPN for non-IT staff

Page 30: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Concept and

Realisation

Page 31: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Wish list

• Physical Security

– Secure physical location

– Infrastructure issues eradicated

• Data Security

– Access to servers secured

– Access to backup services and media improved

• Access security - systems

– Meet current standard / improve where

practicable

Page 32: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

XaaS..?

• SaaS

– No real “fit” in terms of software provision

– Data location?

• PaaS

– Off-the-shelf software

– Very little in-house development

• IaaS

– What we have, but somewhere else!!!

Page 33: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

An aside…

• Overturning the London-centric

orthodoxy…

• “We can proudly boast that we have a

data centre in Canary Wharf…”

Page 34: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Why Canary Wharf for data centres?

Terrorist threats..? IRA, 1996

'No guaranteed security' for Olympics says head

of MI5, Jonathan Evans –

The Independent, 26th June, 2012

Olympic missile testing ‘achieved its objectives’ –

Metro, 12th June, 2012

Page 35: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Why Canary Wharf for data centres?

Page 36: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Wish list

• Physical Security

– Secure physical location

– Infrastructure issues eradicated

• Data Security

– Access to servers secured

– Access to backup services and media improved

• Access security - systems

– Meet current standard / improve where

practicable

Page 37: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Requirement

• Purpose-built, third-party data centre

hosting for IaaS private cloud

services – Physical security

– Data security

– Systems access security

Page 38: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Physical Security

• Secure physical location?

– Third-party datacentre with biometrics, swipe

cards, 24-hour security

• N+1

• Datacentre is not a known terrorist

target(?!)

• Tier 3 design

• Multi-meshed MPLS network

• VESDA fire detection

Page 39: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Data Security

• Access to servers – Via appointment, requiring photo id

– UK-based - Yorkshire(!)

• Self-contained backup solution – Managed backup solution as service add-on

Page 40: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Access Security:

Systems

• Managed firewall

• RLB application of Microsoft Unified Access

Gateway

• SSL connections to internet-facing sites

• Active Directory

Page 41: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

Rider Levett Bucknall

• IaaS Private Cloud

• Hosted Exchange 2010

• MPLS Network (UK)

• Central services (Document Management

System, Finance system)

• SaaS HR system, mail branding

• Serving global colleagues

Page 42: BCS Elite Mark Evans

23 July, 2012 Dealing With My Insecurities About Security

And… relax..!


JOINING BCS

JOINING BCS

SUPERCONDUCTIVIDAD BCS

SUPERCONDUCTIVIDAD BCS

BCS Foundation Certificate in Business Analysis Syllabusbusinessanalystsolutions.com/PDFs/syllabus-BCS-Business-Analysis... · BCS Foundation Certificate in Business Analysis ...

BCS Foundation Certificate in Business Analysis Syllabusbusinessanalystsolutions.com/PDFs/syllabus-BCS-Business-Analysis... · BCS Foundation Certificate in Business Analysis ...

BCS Written

BCS Written

Bcs elite leeds kowledge worker presentation 3 nov 2011

Bcs elite leeds kowledge worker presentation 3 nov 2011

BCS Prime Brokerage Ltd (“BCS UK”) Pillar 3 Disclosures ...

BCS Prime Brokerage Ltd (“BCS UK”) Pillar 3 Disclosures ...

Bcs newsletter2013

Bcs newsletter2013

Protecting the CNI BCS ELITE 9 June 2005 Mick Morgan Head of Response.

Protecting the CNI BCS ELITE 9 June 2005 Mick Morgan Head of Response.

3811_ReducingCostsUsingPersonalizedAutoRepair_ BCS

3811_ReducingCostsUsingPersonalizedAutoRepair_ BCS

BCS Softech.docx

BCS Softech.docx

Projektron BCS 18 · 2019. 12. 18. · Projektron BCS 18.4 - Functions 5 Functions Functions BCS stands for Business Coordination Software. The web-based Projektron BCS project management

Projektron BCS 18 · 2019. 12. 18. · Projektron BCS 18.4 - Functions 5 Functions Functions BCS stands for Business Coordination Software. The web-based Projektron BCS project management

David Evans evans@cs.virginia cs.virginia/evans

David Evans [email protected] cs.virginia/evans

Bcs centerary

Bcs centerary

Business Connectivity Services (BCS) Primer Creating BCS Applications Creating.NET Assembly Connectors in Visual Studio 2010 support BCS Security.

Business Connectivity Services (BCS) Primer Creating BCS Applications Creating.NET Assembly Connectors in Visual Studio 2010 support BCS Security.

BCS written exam preparation and BCS Preliminary exam preparation

BCS written exam preparation and BCS Preliminary exam preparation

Protecting the CNI BCS ELITE 9 June 2005

Protecting the CNI BCS ELITE 9 June 2005

Green Praxis A Sceptics Take BCS Elite and Green ICT SGs Joint event with North London Branch 26 th March 2014 – BCS HQ London.

Green Praxis A Sceptics Take BCS Elite and Green ICT SGs Joint event with North London Branch 26 th March 2014 – BCS HQ London.

BCS RANKINGS

BCS RANKINGS

Green, Lean & Mean? Green IT in the real world of 2014 BCS Elite and Green ICT SGs Joint event with North London Branch 26 th March 2014 – BCS HQ London.

Green, Lean & Mean? Green IT in the real world of 2014 BCS Elite and Green ICT SGs Joint event with North London Branch 26 th March 2014 – BCS HQ London.

BCS Syllabus

BCS Syllabus