Olympic Sized Data Security

First, some words...



ConvergeSE





Volunteer
Web Design Conference



We'll discuss:

  • Project Manager Leadership
  • Project Manager’s Role and Influence
  • Project Manager’s Ethical Behavior
  • Impacts on Individuals
  • Impacts on Organizations
  • IT and Computer Industry-related Ethics
  • International and Cultural Issues
  • Other Topics

Article on PMI site

A Risk-Based Approach to Planning and Implementing an Information Security Program

by Michael Dean, PMP, CISA, CIA, CGAP, Director of Information Technology, GovSIG


The opening sentence reads:

The growth in the quantity of sensitive data collected and processed by public and private sector entities has moved information security to the forefront of public policy. Security breaches and system damage involving sensitive data can result in costs to recover data and ensure that it is not used for illegitimate purposes.

What are some main concerns?


  • Identity Theft
  • Predisposed judgement due to otherwise confidential information

How to protect yourself and your company?

Laws

US


The USA makes laws that are reactive in nature.
Their laws make a sort of patchwork of 'band-aid' solutions.
(HIPAA)

Euro

The European Union enacts laws that are preventative in nature.

  • European-GLBA: (financial data secure)
  • Sarbanes-Oxley (SOX): How effective their plan is


The US has lower standards, and Europe only allows data transfers on a case-by-case basis.

As a project manager, part of your job is to


Implement a System of Controls

In other words: Have a Real Plan

What puts us at risk?


-Outside Risk

Social engineering
Malware
Viruses
Hack Attacks

-Inside Risk

Theft of Mobile Devices
Sabotage
Fraud
Negligence
Errors
"Failure to adhere to established policies"

Q

What are some other threats not listed here?



WHAT COULD BE CONSIDERED EITHER/BOTH AN INSIDE/EXTERNAL THREAT?





Have you seen this happen?

What is risk?

PMBOK says:

Risk = "an uncertain event or condition that, if it occurs, has a positive or negative effect on a project's objectives"




Risk = (Probability of a loss) × (Consequence of a loss)



What would be a system with potential high risks?


  • bank account numbers
  • social security numbers
  • the secret moves of Chuck Norris
  • medical records
  • ok, not really Chuck Norris

So what do I do?


Plan, Develop and Implement Technical Solutions


Have a Real Plan


Case Study: Failure



Sochi:
Privacy may be lacking, but network connectivity and digital surveillance are not.

"Forget its hotels, Sochi’s tech has been up for the Olympic challenge ...Privacy may be lacking, but network connectivity and digital surveillance are not."


-- article by Nick Shchetko, published on Ars Technica

From TECHNOLOGY LAB / INFORMATION TECHNOLOGY

http://arstechnica.com/information-technology/2014/02/forget-its-hotels-sochis-tech-has-been-up-for-the-olympic-challenge/?utm_content=buffer303ec&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer  


Sochi: Olympics & Info Tech


What happened in Sochi?


GOT ANY STORIES?

The Tech side of things...


Wi-Fi at all the venues is free, but you have to log in with personal credentials.


SORM:

RUSSIA'S 'PRISM' OR 'NSA'


Russia 'protected by': A nationwide system of lawful interception of electronic communications, so-called SORM (System for Operative and Investigative Activities)



“It is important that attendees understand communications while at the Games should not be considered private,” 

--United States Computer Emergency Readiness Team, part of the Department of Homeland Security.


cell carriers tracking


3,500 cameras


RFID Spectator Pass




Considering the presentation from Gerry Gepner and this info, what could this mean for our future?

what the VibraImage?




"swiftly decides, based on the tiny micro-movements of humans’ bodies, who from the crowd at a checkpoint might be agitated or potentially dangerous."


what the?

a picture


thoughts?


Big Numbers Big DATA

So how many people were attending the Sochi Olympics?
A few hundred thousand (more than live in Columbia)

How many watched from somewhere on earth?
Over 3 billion, almost half the world's population


Network Administrator: on steroids

Would you take the job?

11 total competition venues
3 Olympic villages
2 media centers

Random Stats


Cell provider: a contract where "there can be only 1", and it's Megafon

Atos: IT solutions for the Olympics for the last 30 years


Worth it?

Considering:
  • extra costs (roaming charges)
  • monopoly-type contracts
  • -100% privacy (that's a negative number)

  • experience
  • backup alternative solutions
  • high speed throughput (phone/internet)
  • free wifi

Was it better to have the extra technology there or not?



  • What is risk?
  • What would be a system with potential high risks?
  • What could be considered either/both an inside/external threat or risk to data information security?
  • Considering the info from Gerry Gepner and the Spectator Passes info, what could this mean for our future?
  • Olympic Network Administrator: would you take the job?
  • Considering extra costs (roaming charges), monopoly-type contracts, -100% privacy, experience, backup alternative solutions, high speed throughput (phone/internet), and free wifi: was it better to have the extra technology there or not?
  • Why do you think some systems and organizations are moving away from the US?

Ethics in iIT

By John David Hunt

An overview of articles about Ethics in the world focusing on Information Technology. This is also a homework assignment for ITECH564 at USC