BUILDING SECURE DIGITAL SERVICES Manchester, 22nd October Dave Beesley Technical Director NetDef
BUILDING SECURE DIGITAL SERVICES
Manchester, 22nd October
Dave BeesleyTechnical DirectorNetDef
Agenda
Evaluating IT infrastructure and processes to meet the needs of a rapidly changing sector.
Planning a robust infrastructure on which to build secure digital services.
Answering the security questions posed by regulatory compliance requirements.
What are digital services?
External Internal
• Digital inclusion solutions• Rent payments• Access to tenant facilities• Telemedicine
• CRM solutions for tenant management
• Agile working systems• Data sharing amongst
apps
× Access× Skills × Motivation× Trust
Over a third of these are in social housing
Why?
Digital Exclusion
~20% of population not using digital services
Security considerations
• Tenants feeling unsafe online/cyber-crime• Mitigated by training/help with getting online
• https://www.cyberstreetwise.com/• https://www.getsafeonline.org/
• Mitigated by technology• Gateway level security software• Access to security software
• Potential reputational damage• Tenants accessing illegal material
• AUP and monitoring/controls
• Cost of implementation of security• Assurance/testing/compliance/management
Current IT Infrastructure
What does the business require?
• SLAs• Capacity
How are projects developed with the
business?
Cyber risk on corporate risk
register?
Business continuity and disaster recovery
plans?
Evaluation & asset management
Planning for future developments
Agility & flexibility of infrastructure
Speed of execution for new projects
Cloud versus on-premise or hybrid
Security considerations
baked into projects Saves money Reduces risk
Compliance considerations
Testing/assurance Safe Harbour EU ruling – important for cloud
PCI/Data Protection/ISO27001
Ensuring reputational integrity
Which standards are relevant? Who to turn to for advice?
Our approach
Prevent
Detect
Respond
NetDef projects
Regenda Group • Disaster Recovery
and Business Continuity Strategy
Guinness Partnership • Security
infrastructure Auditing Services
NDA• Security Auditing for
Compliance
Recent examples of consultancy work in housing associations
Your to do list
Security risk assessment – risk register
Capacity planning and/or evaluation of future needs
Testing/security assessment for compliance
Business continuity and disaster recovery planning
Asset Management
Thank you
Dave Beesley, Managing Director, NetDef