Embed Size (px)
Citation preview
We build strong children strong families strong communities
Presented By:
Brad Lawrence
Kent Starling
Treasa McLean
Why Secure the Y?
Outline
Introduction
Background
Security Policy
Recommendations
Conclusion
Introduction
What is the YMCA?
What do they do?
When were they founded?
Background
Lake Wales YMCA 1001 Burns AveExercise Facilities Children CareLaura Motis Executive Director
Security Policy
Limited to nonexistent network security policy
Included in Employee Handbook
No true computer network setup
Member scantron system
Critical areas of concern
Loss of DataData SecurityEmployee Standards
EmployeeHandbook
Delete or Alter Files
Shredder for important papers
Limited Security on specified folders
Backup not secure
No data deletion/alteration monitoring
No digital deletion policy/software
Current Situation
Delete or Alter Files
Software application for digital deletion
Security set at Network Level
Standards for off-site backup storage
Software application – data modification
Digital copies of important documents
Recommendations
Take Pictures of Important Documents
No digital copies of sensitive documents
Cell phones restricted
7 authorized employees have Email Accts
CD Burners/USB ports unsecured
Current Situation
Take Pictures of Important Documents Recommendations
Digital pictures of important documents
Enhance cell phones restricted
Email account monitoring/policy
Limited CD burners/USB ports
Unauthorized Wireless AccessCurrent Situation
Wireless Internet
Executive Director
Verizon
Encrypted NO “freeloaders”
Unauthorized Wireless AccessRecommendations
Risk Management
Encryption
New Network System
Copying or DownloadingCurrent Situation
Child Care
Financial Department
Offsite Location
Data on Secure Computers
Copying or DownloadingRecommendations
Secure Offsite Location
Secure Computers
Log out of computers
Storage Room Security
User AccountsCurrent Situation
Unauthorized access
No password characteristics requirements
Password security
User AccountsRecommendations
Require passwords to be a minimum length
Keep passwords strictly confidential
Log off when leaving their workstation
Passwords should not be common words or phrases
Viruses, Worms, Trojan Horses,Blended ThreatsCurrent Situation
All internet sites accessible
No personal email restrictions
No restrictions relating to CD’s or disks from home
Viruses, Worms, Trojan Horses,Blended ThreatsRecommendations
Set policy regarding internet and email usage
Website restrictions
Completely restrict personal email
Limited network security
Critical areas of concern Loss of Data Data Security
Employee Security
New Network Security System
Expanded-detailed Security Policy
Conclusion
NetworkSecurityPolicy
Presented By:
Brad Lawrence - Kent Starling - Treasa McLean
Why Secure the Y . . .
To protect our children employeesmembers
and community
Andress, M. (2001, November 19). Effective security starts with policies, InfoWorld. Retrieved August 24, 2006, from http://search.ebscohost.com.
Avolio, F. (2000, March 20). Best practices in network security, Network Computing. Retrieved August 24, 2006, from http://www.networkcomputing.com.
Connolly, P. (2000, July 10). Security starts from within, InfoWorld. Retrieved August 24, 2006, from http://search.ebscohost.com.
Ellis, C. (2003, February). '7 steps' for network security: being prepared and knowledgeable is the best defense against hackers and data thieves - local area networks, Communications News. Retrieved August 24, 2006, from http://findarticles.com.
References
File & disk wipers. (n.d.). Winapplslist.com. Retrieved September 25, 2006, from http://www.winappslist.com/security/file_wipers1.htm.
Forcht, K. and Ayers, W. (2000/2001, Winter). Developing a computer security policy for organizational use and implementation, Journal of Computer Information Systems. Retrieved August 28, 2006, from http://search.ebscohost.com.
Gartenberg, M. (2002, June 24). Being tough, gentle with data security, Computerworld. Retrieved August 28, 2006, from http://search.ebscohost.com.
Hulme, G. (2001, Sept 3). Management takes notice, Information Week. Retrieved August 28, 2006, from http://search.ebscohost.com.
References
Kachapeswaran, A. (2006, May 8). Find more like this Microsoft touts a regimen for small-biz network security, Fort Worth Business Press. Retrieved on September 28, 2006, from http://search.ebscohost.com.
Karygiannis, T. and Owens, L. (n.d.). Wireless network security 802.11 Bluetooth and handheld devices, National Institute of Standards and Technology. Retrieved October 15, 2006, from http://csrc.nist.gov/publications.
MacAfee unveils 2006 consumer security software product line. (2005, October). Productivity Software. Retrieved on September 30, 2006, from http://search.ebscohost.com.
Palmer, M. (2001, May/June). Information security policy framework: best practices for security policy in the e-commerce age, Information Systems Security. Retrieved August 28, 2006, from http://search.ebscohost.com.
References
Securing your wireless network. (n.d.). Practically Networked. Retrieved October 15, 2006, from http://www.practicallynetworked.com.
The 60 minute network security guide. (2002, July 12). National Security Agency, United States of America. Retrieved September 25, 2006, from http://www.nsa.gov.
Using the internet downloading files. (2006, January 19). Sofweb. Retrieved October 15, 2006, from http://www.sofweb.vic.edu.
Viollis, P. and Kane, D. (2005, August 22). Risk control strategies viruses: the new weapon of choice for workplace violence offenders, Computer World.com. http://www.computerworld.com.
References
Wikipedia. (n.d.) Retrieved September 19, 2006, from http://en.wikipedia.org.
Wireless security recommendations for Rutgers. (2006, March 23). 2006 Rutgers. Retrieved October 15, 2006, from http://techdir.rutgers.edu/wireless.
Yasin, R. (2001, January 8). Policy Management Hits the Web, InternetWeek. Retrieved August 28, 2006, from http://search.ebscohost.com.
YMCA.net. (n.d.). Retrieved October 20, 2006, from http://www.ymca.net.
References
