Building secure digital services
-
Upload
netdef -
Category
Technology
-
view
254 -
download
7
Transcript of Building secure digital services
BUILDING SECURE DIGITAL SERVICES
Manchester, 22nd October
Dave BeesleyTechnical DirectorNetDef
Agenda
Evaluating IT infrastructure and processes to meet the needs of a rapidly changing sector.
Planning a robust infrastructure on which to build secure digital services.
Answering the security questions posed by regulatory compliance requirements.
What are digital services?
External Internal
• Digital inclusion solutions• Rent payments• Access to tenant facilities• Telemedicine
• CRM solutions for tenant management
• Agile working systems• Data sharing amongst
apps
× Access× Skills × Motivation× Trust
Over a third of these are in social housing
Why?
Digital Exclusion
~20% of population not using digital services
Security considerations
• Tenants feeling unsafe online/cyber-crime• Mitigated by training/help with getting online
• https://www.cyberstreetwise.com/• https://www.getsafeonline.org/
• Mitigated by technology• Gateway level security software• Access to security software
• Potential reputational damage• Tenants accessing illegal material
• AUP and monitoring/controls
• Cost of implementation of security• Assurance/testing/compliance/management
Current IT Infrastructure
What does the business require?
• SLAs• Capacity
How are projects developed with the
business?
Cyber risk on corporate risk
register?
Business continuity and disaster recovery
plans?
Evaluation & asset management
Planning for future developments
Agility & flexibility of infrastructure
Speed of execution for new projects
Cloud versus on-premise or hybrid
Security considerations
baked into projects Saves money Reduces risk
Compliance considerations
Testing/assurance Safe Harbour EU ruling – important for cloud
PCI/Data Protection/ISO27001
Ensuring reputational integrity
Which standards are relevant? Who to turn to for advice?
Our approach
Prevent
Detect
Respond
NetDef projects
Regenda Group • Disaster Recovery
and Business Continuity Strategy
Guinness Partnership • Security
infrastructure Auditing Services
NDA• Security Auditing for
Compliance
Recent examples of consultancy work in housing associations
Your to do list
Security risk assessment – risk register
Capacity planning and/or evaluation of future needs
Testing/security assessment for compliance
Business continuity and disaster recovery planning
Asset Management
Thank you
Dave Beesley, Managing Director, NetDef