Top Banner
22

You’re the IT Heroes

Feb 23, 2016

Download

Documents

aderyn

You’re the IT Heroes. John Craddock [email protected]. When All Fails. The Heroes. Who Do We Blame?. Microsoft !. But is that fair Today?. NO. We can build systems that are truly reliable. What Does It Take?. Governance Knowing what we have - PowerPoint PPT Presentation
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: You’re the IT Heroes
Page 2: You’re the IT Heroes

You’re the IT HeroesJohn Craddock [email protected]

Page 3: You’re the IT Heroes

When All Fails

The Heroes

Page 4: You’re the IT Heroes

Who Do We Blame?

Microsoft !

Page 5: You’re the IT Heroes

We can build systems that are truly reliable

NO

But is that fair Today?

Page 6: You’re the IT Heroes

What Does It Take?• Governance• Knowing what we have• Well practised policies and procedures– Security, management and deployment

• Monitoring• Closing the loop• Budget

Page 7: You’re the IT Heroes

Governance

CXOs

IT ArchitecturalBoard

Security ReviewBoard

Defines how we operate

Ultimate decision on infrastructure changes

Rules for delegated administration

Teeth required! Interest required!

Business Requirements

Page 8: You’re the IT Heroes

Knowing What you’ve Got

If you don’t know what you’ve got you can’t protect it

Page 9: You’re the IT Heroes

If It All Fails• Make sure you can recover it– You must have well documented and tested

disaster recovery plans• Test them regularly• Make sure enough staff are trained

• Know when to invoke the plan

Page 10: You’re the IT Heroes

Change Control• Document all changes• Automate as many processes as you can• Test test test• You need a test and reference environment– Reference should “mirror” production and be

under change control

Page 11: You’re the IT Heroes

Updates

Updates are essential

Page 12: You’re the IT Heroes

Monitoring

Good monitoring and planned response

Stop an event turning into aDisaster

Page 13: You’re the IT Heroes

Closing the Loop

Page 14: You’re the IT Heroes

All Process Loops Must Close

Security PolicySecurity RiskManagement

Process

Identifies threats,risks and mitigations

Document Processes and

Procedures

What you say you do and

how you do it

Operations

What you really do

Statement of what you must do to

secure the environment

Page 15: You’re the IT Heroes

How do you get the budget?

Page 16: You’re the IT Heroes

You Need to Sell the Process• Talk to an asset owner: – “How much would it cost the company if the

sales agents could not work for a day”• $200,000 per day

• How long would it take your team to clean malware off all the sales computers?– 3 days– Loss: 3 x $200,000 = $600,000

• How much would it cost to instigate a security process that mitigated the risk?– Estimated 6 weeks for team, cost $50,000

Page 17: You’re the IT Heroes

What’s she after? Her smile’s too

big

Gooddocumentation

Money Please….

Currently we don’t have an effective security process. The chances of sales computers being compromised is high.

While we recover the systems the company will loose $600,000

If we had a good security management in process in place, the risks of being

compromised are low.Initial project costs estimated at $50,000

$600,000 vs $50,000 and of course it

could happen more than

once!

Oh, and if we lost the confidentiality of customer’s personal identity

information, YOU could end up in PRISON!

Page 18: You’re the IT Heroes

Some Great Tools

Incident Management

Operations Management

ConfigurationManagement

Change Management

Joining up the storyOrchestrationAutomationWorkflow

Page 19: You’re the IT Heroes

How Cool Is That?

Page 20: You’re the IT Heroes

Don’t be the fire-fighting Hero

Page 21: You’re the IT Heroes

Form the perfect orchestra

Be a Super Hero

Page 22: You’re the IT Heroes