Description: Article from CIO.com for further discussion surrounding the topic of MDM. Organizations must understand that improving their data—and building the foundation for MDM—requires them to address internal disagreements and broken processes.
Staff must agree on exactly what constitutes a “customer” or a “partner,” and how to resolve any disagreements across business units. Departments and divisions need to agree on hierarchies of customers and products and how to resolve duplicate records across sources. Rather than a technology-focused effort, the project becomes one of political strategy and consensus building.
Source: Tony Fisher, CIO Magazine
- What are some of the universally applicable techniques for resolving disagreements within business units?
Description: Link to IT Security article. Hot links to articles on this slide that will extend/further explain concepts presented in the text.
What are some reason why employees fail to follow internal security policies & procedures? How might they be more motivated? Use incentives. Recognition of employees/business units for following policies, without security violations, secure ideas brought forward, etc.
Employees may believe they are too busy for the additional steps that may be required such as passwords, door entry, data authentication procedures, etc. It is important that employees be fully aware of risks & penalties; penalties should be enforced consistently.
Source: Cindy Waxer, IT Security
1. Do you recommend employee incentives?
2. Most big company security breaches originate from:
c. missing security patches
d. internal sources such as employees
3. Method to identify a person based on a biological feature:
b. access control
a. spread with human intervention
b. spread using networks to propagate
c. cannot spread via instant or text messages
d. none of the above
Description: In this article authors focus on 25 of the most common and easy to fix mistakes that people make when it comes to email security. The article is designed with the new internet user in mind, so if someone is an email expert, they may want to pass this along to their more novice friends
This article provides good support for discussion of guarding against external threats and the dissemination through internal sources.
Source: Info Security
- Brainstorm guarding against email threats to develop some best practice tips.
Description: Positive security, in which it whitelists everything from entire applications down to specific functions before allowing access, sounds extreme. Unfortunately, the desktop environments we know and love prioritize ease of use over security, and we’re all feeling the pain: More than half of respondents to our 2008 InformationWeek Analytics Strategic Security poll have been hit by a virus this year, and nearly 30% have been attacked through OS vulnerabilities.
Source: Jordan Wienes, InfoWeek
Description: From ordering to manufacturing to inventory control, Mary Kay enjoys new visibility
Source: Richard Gincel, InforWorld
Description: Foundational information about how firewalls work.
Source: Jeff Tyson, How Stuff Works
- How effective are firewalls?
Description: The U.S. Army enlists new virtual world video game to teach soldiers interpersonal skills and cultural awareness for combat environments like Iraq and Afghanistan.
Source: Chris Gonsalves, Baseline
Description: In 2008, the average number of security breaches increased slightly from previous years. Although the number of security breaches remained moderate over the last few years, the data indicates the severity levels have increased. This suggests many organizations have made significant progress in dealing with security issues, but the number and types of threats have increased in step. The most significant costs of security breaches remains the overall impact on employee productivity. About one-third of U.S. respondents cite lost productivity as the top consequence of a breach, followed by a disruption of revenue-generating activities. The primary cause for the most severe security breaches remains unintentional in nature and typically caused by human error. This demonstrates a need for more employee trainings and deeper knowledge of technology functions.
- Forced compliance is always more costly than willing. Why then do so many companies take a reactive rather than proactive stance?
Description: Graphical display of top IT issues for CIOs and IT Directors.
Source: Peter Thomas
1. CIOs who have a more strategic role are more successful in what core strategic activities? Why are these critical success factors?
2. Oversees the IT division typically:
d. It depends
3. To whom the CIO reports within the organization structure is critical because it determines decision making authority & autonomy:
a. C-suite shares highest level of strategy setting importance
b. Seen as strategic weapon if reporting to CEO
c. Cost cutting center will likely report to CFO
d. All of the above are correct
e. None of the above are correct
4. IT governance is a critical success factor:
a. To achieving overall strategic goals of the organization
b. For few organizations of small to mid-size
c. Within IT only
d. None of the above
Description: Article with definitions of a hacker’s language important to internal security.
Source: Andrew Brandt, PC World
- Do you believe that known hackers should be employed within organizations as security “officers” or gurus of security?