ICT as Tool of Compliance - Glue Up
Transcript of ICT as Tool of Compliance - Glue Up
![Page 1: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/1.jpg)
ICT as Tool of Compliance
![Page 2: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/2.jpg)
![Page 3: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/3.jpg)
Business Units
IT Networks • Hardware -‐ Enterprise network routers, switches, and WiFi APs • High Availability Networks • Security Infrastructure • IT Security Management • CCTV • Voice Over IP / IP-‐PBX Systems
![Page 4: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/4.jpg)
Business Units
IT Solu3ons • Enterprise Resource Planning (ERP) • Localized Human Resource InformaQon System (HRIS) • Custom Business ApplicaQons • Website and Web ApplicaQons • Mobile ApplicaQons
![Page 5: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/5.jpg)
Business Units
IT and Business Services • IT Process Outsourcing • MIS ConsulQng • Security SoluQons Special Projects • Data Privacy Act ConQnuing Compliance
![Page 6: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/6.jpg)
Data Privacy Act of the Philippines
AWB Objec3ve is to increase DPA Compliance • Awareness
• DPA Roadshow Events naQonwide • SimplificaQon
• One team with legal, process, and IT experts • Unified Knowledge Base
• Lowest Cost of ImplementaQon • Packaged Legal and IT Services, e.g. PIA, DPO Advisory • Lowest SoYware Cost
![Page 7: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/7.jpg)
DPA Technology Mapping
![Page 8: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/8.jpg)
Data Leakage and Loss Preven3on (DLP)
Data loss prevenQon soYware detects potenQal data breaches/data ex-‐filtraQon transmissions and prevents them by monitoring, detecQng and blocking sensiQve data while in-‐use (endpoint acQons), in-‐moQon (network traffic), and at-‐rest (data storage)
IT Services
![Page 9: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/9.jpg)
Encryp3on
EncrypQon is the process of encoding a message or informaQon in such a way that only authorized parQes can access it and those who are not authorized cannot
IT Services
![Page 10: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/10.jpg)
IT Services
Firewall
In compuQng, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the Internet
![Page 11: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/11.jpg)
IT Services
Intrusion Preven3on System
An Intrusion PrevenQon System (IPS) is a network security/threat prevenQon technology that examines network traffic flows to detect and prevent vulnerability exploits.
![Page 12: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/12.jpg)
IT Services
Mul3-‐Factor Authen3ca3on
MulQ-‐Factor AuthenQcaQon (MFA) is a security system that requires more than one method of authenQcaQon from independent categories of credenQals to verify the user's idenQty for a login or other transacQon
![Page 13: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/13.jpg)
IT Services
Applica3on-‐Whitelis3ng
The technologies used to enforce applicaQon whitelists—to control which applicaQons are permi_ed to be installed or executed on a host—are called whitelisQng programs, applicaQon control programs, or applicaQon whitelisQng technologies.
![Page 14: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/14.jpg)
IT Services
Mobile Device Management
Mobile device management (MDM) is an industry term for the administraQon of mobile devices, such as smartphones, tablet computers, laptops and desktop computers. MDM is usually implemented with the use of a third party product that has management features for parQcular vendors of mobile devices
![Page 15: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/15.jpg)
IT Services
Access Control
In the fields of physical security and informaQon security, access control (AC) is the selecQve restricQon of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorizaQon.
![Page 16: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/16.jpg)
IT Services
Vulnerability Management
Vulnerability management is a pro-‐acQve approach to managing network security. It includes processes for IdenQfying vulnerabiliQes and patching/fixing vulnerabiliQes
![Page 17: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/17.jpg)
IT Services
Security Informa3on & Event Manager (SIEM)
Security incident and event management (SIEM) is the process of idenQfying, monitoring, recording and analyzing security events or incidents within a real-‐Qme IT environment. It provides a comprehensive and centralized view of the security scenario of an IT infrastructure. Security incident and event management is also known as security informaQon event management.
![Page 18: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/18.jpg)
IT Services
Data Center Security
Is a complete approach in securing the data center. Door Access, CCTV, Server hardening, firewalling, IPS etc.
![Page 19: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/19.jpg)
DPA Technology Mapping
![Page 20: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/20.jpg)
IT Services
§ Data Leakage and Loss Prevention (DLP) § Encryption (Endpoint/Email/URL) § Firewall / Web Filtering § Intrusion Prevention System § Multi-Factor Authentication § Server Hardening / Application White-listing
![Page 21: ICT as Tool of Compliance - Glue Up](https://reader034.fdocuments.in/reader034/viewer/2022042305/625b12c5a2f5185c641f2829/html5/thumbnails/21.jpg)
IT Services
§ Mobile Device Management § Access Control § Vulnerability Assessment § Patch Management § Security Information & Event Manager § Data Center Security