Building secure digital services

12
BUILDING SECURE DIGITAL SERVICES Manchester, 22nd October Dave Beesley Technical Director NetDef

Transcript of Building secure digital services

Page 1: Building secure digital services

BUILDING SECURE DIGITAL SERVICES

Manchester, 22nd October

Dave BeesleyTechnical DirectorNetDef

Page 2: Building secure digital services

Agenda

Evaluating IT infrastructure and processes to meet the needs of a rapidly changing sector.

Planning a robust infrastructure on which to build secure digital services.

Answering the security questions posed by regulatory compliance requirements.

Page 3: Building secure digital services

What are digital services?

External Internal

• Digital inclusion solutions• Rent payments• Access to tenant facilities• Telemedicine

• CRM solutions for tenant management

• Agile working systems• Data sharing amongst

apps

Page 4: Building secure digital services

× Access× Skills × Motivation× Trust

Over a third of these are in social housing

Why?

Digital Exclusion

~20% of population not using digital services

Page 5: Building secure digital services

Security considerations

• Tenants feeling unsafe online/cyber-crime• Mitigated by training/help with getting online

• https://www.cyberstreetwise.com/• https://www.getsafeonline.org/

• Mitigated by technology• Gateway level security software• Access to security software

• Potential reputational damage• Tenants accessing illegal material

• AUP and monitoring/controls

• Cost of implementation of security• Assurance/testing/compliance/management

https://www.cyberstreetwise.com/
https://www.getsafeonline.org/
Page 6: Building secure digital services

Current IT Infrastructure

What does the business require?

• SLAs• Capacity

How are projects developed with the

business?

Cyber risk on corporate risk

register?

Business continuity and disaster recovery

plans?

Evaluation & asset management

Page 7: Building secure digital services

Planning for future developments

Agility & flexibility of infrastructure

Speed of execution for new projects

Cloud versus on-premise or hybrid

Security considerations

baked into projects Saves money Reduces risk

Page 8: Building secure digital services

Compliance considerations

Testing/assurance Safe Harbour EU ruling – important for cloud

PCI/Data Protection/ISO27001

Ensuring reputational integrity

Which standards are relevant? Who to turn to for advice?

Page 9: Building secure digital services

Our approach

Prevent

Detect

Respond

Page 10: Building secure digital services

NetDef projects

Regenda Group • Disaster Recovery

and Business Continuity Strategy

Guinness Partnership • Security

infrastructure Auditing Services

NDA• Security Auditing for

Compliance

Recent examples of consultancy work in housing associations

Page 11: Building secure digital services

Your to do list

Security risk assessment – risk register

Capacity planning and/or evaluation of future needs

Testing/security assessment for compliance

Business continuity and disaster recovery planning

Asset Management

Page 12: Building secure digital services

Thank you

Dave Beesley, Managing Director, NetDef


Building Secure Software - Universitetet i Bergenkhalid/INF329-H05/INF329-kursmaterial/inf...Slide 1 of 23 Building Secure Software Building Secure Software How to Avoid Security Problems

Building Secure Software - Universitetet i Bergenkhalid/INF329-H05/INF329-kursmaterial/inf...Slide 1 of 23 Building Secure Software Building Secure Software How to Avoid Security Problems

Secure Digital Ltd Catalog

Secure Digital Ltd Catalog

Building Extensible and Secure Networks

Building Extensible and Secure Networks

Building Secure Web Applications

Building Secure Web Applications

Secure Digital Card Specification

Secure Digital Card Specification

SanDisk Secure Digital Card

SanDisk Secure Digital Card

TOWARDS SECURE BUILDINGS TODAYAND BUILDING A SECURE …

TOWARDS SECURE BUILDINGS TODAYAND BUILDING A SECURE …

Building secure NoSQL applications nosqlnow_conf_2014

Building secure NoSQL applications nosqlnow_conf_2014

Towards Building Secure Web Mashups

Towards Building Secure Web Mashups

Building Secure Server

Building Secure Server

Building a Secure and Inclusive Global Financial … 2017 BROOKINGS FINANCIAL AND DIGITAL INCLUSION PROJECT REPORT Building a Secure and Inclusive Global Financial Ecosystem BY ROBIN

Building a Secure and Inclusive Global Financial … 2017 BROOKINGS FINANCIAL AND DIGITAL INCLUSION PROJECT REPORT Building a Secure and Inclusive Global Financial Ecosystem BY ROBIN

Building secure and_reliable_network_applications

Building secure and_reliable_network_applications

Building Secure OSGi Applications

Building Secure OSGi Applications

Building Secure Wireless LAN

Building Secure Wireless LAN

Building Secure Wireless LAN - Aerohive

Building Secure Wireless LAN - Aerohive

Secure Digital Payments - CEGA

Secure Digital Payments - CEGA

Building Canada’s digital identity Future - DIACC · future absolutely depends on developing a reliable, secure, scalable, privacy enhancing and convenient solution for digital

Building Canada’s digital identity Future - DIACC · future absolutely depends on developing a reliable, secure, scalable, privacy enhancing and convenient solution for digital

h8082 Building Secure Sans Tb

h8082 Building Secure Sans Tb

Building a Secure Energy Future

Building a Secure Energy Future

Building secure android apps

Building secure android apps