Overview

This seminar will provide current information on the increased concerns for Privacy and explore responsibilities, methods and technologies to ensure privacy as it relates to confidentiality and integrity of corporate and personal information. Securing corporate information assets will be discussed while focusing on the audit implications of security assurance within a networked environment. We will review all areas of the Information Technology environment and the associated security risks and audit techniques for each area.

This seminar will include multiple hands-on demonstrations of Privacy and Security related information gathering technologies and hacking techniques to gain privileged access to business information systems that may contain Personally Identifiable Information (PII).

Objectives

· Understand current Privacy Issues and regulations affecting corporate Privacy policy
· Review Privacy/Confidentiality as it affects today's connected networks
· Identify critical security devices and understand the audit processes to ensure proper security
· Understand the network architectures and devices as it relates to security and audit
· Identify five immediate steps to review for corporate privacy compliance and appropriate security assurance for corporate assets.

Data Privacy

Introduction

Privacy - the Hype and The Realities
· Current State of Privacy
· Data Aggregation
· Privacy Examples

Privacy Expectations - Employees/Customers
· Communications - Email, Voice, Chat
· Personal Information
· Third Party Access

Privacy Expectations - Business Management
· Communications - Email, Voice, Chat
· Personal Information
· Third Party Access

Privacy Law and Regulations
· Health Insurance Portability and Accountability Act (HIPPA)
· Gramm-Leach-Bliley Act (GLBA)
· Federal Trade Commission (FTC)
· Federal Regulation
· State Regulation
· International Issues

Privacy Policies
· What's Required
· Writing a Policy - The Good, The Bad, Examples
· Ensuring Compliance

Future of Privacy
· Certifications/Privacy Seals
· Technologies
· Legislation

Providing Confidentiality and Integrity in Today's Networks

Security Overview
· Legal Regulations and Requirements
· The Realities of Security
· Security in the News

Risk Assessment

Providing a Security Template - Security Policy

Security Architecture Definition

Security Testing & Validation
· Penetration Testing
· Third Party Validation

Securing the Perimeter
· Security by Obscurity
· Routers
· Gateways
· Firewalls

Securing Protocols

Securing Network Infrastructure
· Routers
· Switches
· Gateways
· WAN

Authentication & Authorization
· Banners
· Passwords
· Strong Authentication
· Biometrics
· PKI

Securing the Data - Encryption

Secure Distributed Access
· B2B
· Traveling Clients
· Broadband Clients (DSL and Cable Modem)
· Virtual Private Networks

Application Security
· Development
· WEB
· Database
· Email
· Application Data Flow

Content and Liability Management
· To Control or Not?
· Legal Issues

Security Management
· Intrusion Detection
· System Hardening
· Monitoring and Response
· Ensuring Policy Compliance
· Documentation

Business Continuity and Disaster Plan

Auditing Privacy and Security - Review

The Auditor and Security
· What to Audit
· How to Audit
· Techniques
· Tools

Audit Services is registered with the National Association of State Boards of Accountancy (NASBA), as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be addressed to the National Registry of CPE Sponsors, 150 Fourth Avenue North, Suite 700, Nashville, TN 37219-2417. Web site: www.nasba.org (For our Seminar Administrative Policies, click here)

(NASBA related information):
Course Level: Basic; Prerequisite: None; CPE credit: 7 hours/day; Instructional Method: Live

To Register, contact us via email, telephone, fax
or mail (information provided below)




Contact Us /Home/ About Us/ Services /Newsletter /Links
IT Audit/ Training/ Construction/ Risk/ CIA /Peer Review

Audit Services ^Tel:615-790-9858 ^Fax: 209-797-7983 ^{PO Box} 681387, Franklin, TN 37068