7th Stage (Security) of IS growth, Part II

/0 Comments/in , , , , /by

A little background:

Now that you’ve been in the CIO’s position for your first quarter, it is time to prepare for your first review with the board of directors.  The agenda for the IS presentation will cover key factors that you discovered in your operations, your accomplishments and your plans for the next year.  Since this is the quarter for your next year’s budget, it should contain the funding needed to accomplish the IS plan.

One of the key factors in the review of your operations was discovering the lack of security focus and non-compliance issues that made the operations vulnerable to unwanted intrusion in your network.  Listed in your accomplishments is the Security Assessment study and recommendations provided by PathMaker Group when you engaged them for a study of your IS environment.  One of their recommendations was to deploy IBM’s Security products for managing Identify and Application Access in your enterprise network.  This is an important undertaking as your company will replace the outdated security monitoring with IBM’s Showcase Solution to keep unwanted intruders out while making it easier for the authorized users to have easy access to their applications.  As a result of PathMaker Group’s findings and recommendations, you asked them to submit a proposal for the corrective solution using IBM Security Products and PMG Professional Services to deploy them in your IS Network.

This section of your review was very well received by the board of directors and they gave you the approval to get started.

Read more

TDI Null Entries

/0 Comments/in , , , /by

Tivoli Directory Integrator is a powerful tool that we often use as part of an ITIM migration or rollout. What makes it great is its unique ability to translate data from one source of almost any type into another. It really doesn’t matter if you’re using something as a primitive XLS maintained manually by HR or a complex set of relational databases. TDI can get the data, do any number of out of the box or even custom translations that are necessary to get your data into the form you want it.

Through this data “smoothing” process there will inevitably be some odd-ball data that you find. Whether it is a random string value when you expected a Boolean true/false or a legacy attribute that’s only assigned to 25% of the objects you’re migrating.

And then there’s the “null” entry, which will come up often as well. Null values are pesky because we don’t always know why they’re there, sometimes it’s important that the attribute is moved over whether there is a value assigned or not. Other times we want to clean up our data while we’re moving it, and pull out all any attributes assigned with no value. Luckily for us, TDI has a feature built in to assist with this. Read more

Dallas PCI Event – April 9th

/0 Comments/in , , /by

Best Practices for Protecting Payment Card Data (PCI) to help ensure compliance and reduce risk.
IBM
PMG

Event Overview

News headlines about the increasing frequency of stolen information and identity theft have focused awareness on data security and privacy breaches—and their consequences.

Payment card use is widespread today.  Along with growing global use, the industry has experienced a troubling increase in incidents of financial fraud. In response, the leading  payment card companies
worked together to develop a set of technical and operational requirements designed to protect cardholder data, commonly referred to as PCI DSS (Payment Card Industry Data Security Standard).

Recent high profile data thefts, along with industry statistics, indicate significant work remains to be done in most organizations to implement PCI DSS.

Topics to be covered:

•Current trends, issues and concerns around sensitive data security
• PCI and the changing Threatscape
• Looking beyond the compliance checkbox
• The future of the PCI-DSS
• What can be done to harden defenses against the exploitation of privileged users, unauthorized access and information-related vulnerabilities
•How to create a centralized data security platform 

Date: April 9th, 2013
IBM Technology Exploration Center (TEC)
1503 LBJ Freeway (Luna and 635), 5th Floor
Dallas, TX 75234-6059
8:30am – 11:00am

Agenda:
8:30 am         Breakfast and Registration

8:45 am          Welcome and Introduction

9:00 am          Keynote – Christian Nielsen, Pathmaker

10:00 am        Keynote – Michael Murphy, IBM

11:00 am        Closing Remarks

Christian Nielsen, Ph.D., PCI-QSACN

PathMaker Group

Christian has over 30 years of experience in security and networking technology. He has earned advanced degrees in Information Systems while staying active in the corporate world. In addition to his corporate career, Christian is training the next generation of master’s degree students in cyber security. Over the last several years, he has worked to assist business clients prevent and remediate the many security and compliance challenges they face.

MMMichael Murphy

Worldwide Solution Architect
Data Governance Center of Excellence
IBM

Mike Murphy is a Worldwide Solution Architect for the Data Governance Center of Excellence specializing in  real-time database protection solutions for reducing risk, simplifying compliance and lowering audit costs.
Over the last six years, Mike has worked with hundreds of customers conducting risk assessments and proposing technology solutions to protect against data breaches, and to ensure adherence to regulatory data protection standards such as HIPAA HITECH, PCI-DSS & SOX 404.

RSVP to rachel.armstrong@pathmaker-group.com or 817-704-3644