presents
"Data Privacy - Information Security Seminar"
(New IT Audit Seminar)
SEMINAR OUTLINE
Overview
This seminar will provide current information on the increased concerns for Privacy and explore responsibilities, methods and technologies to ensure privacy as it relates to confidentiality and integrity of corporate and personal information. Securing corporate information assets will be discussed while focusing on the audit implications of security assurance within a networked environment. We will review all areas of the Information Technology environment and the associated security risks and audit techniques for each area.
This seminar will include multiple hands-on demonstrations of Privacy and Security related information gathering technologies and hacking techniques to gain privileged access to business information systems that may contain Personally Identifiable Information (PII).
Objectives
· Understand current Privacy Issues and regulations affecting corporate Privacy policy
· Review Privacy/Confidentiality as it affects today's connected networks
· Identify critical security devices and understand the audit processes to ensure proper security
· Understand the network architectures and devices as it relates to security and audit
· Identify five immediate steps to review for corporate privacy compliance and appropriate security assurance for corporate assets.
Data Privacy
Introduction
Privacy - the Hype and The Realities
· Current State of Privacy
· Data Aggregation
· Privacy Examples
Privacy Expectations - Employees/Customers
· Communications - Email, Voice, Chat
· Personal Information
· Third Party Access
Privacy Expectations - Business Management
· Communications - Email, Voice, Chat
· Personal Information
· Third Party Access
Privacy Law and Regulations
· Health Insurance Portability and Accountability Act (HIPPA)
· Gramm-Leach-Bliley Act (GLBA)
· Federal Trade Commission (FTC)
· Federal Regulation
· State Regulation
· International Issues
Privacy Policies
· What's Required
· Writing a Policy - The Good, The Bad, Examples
· Ensuring Compliance
Future of Privacy
· Certifications/Privacy Seals
· Technologies
· Legislation
Providing Confidentiality and Integrity in Today's Networks
Security Overview
· Legal Regulations and Requirements
· The Realities of Security
· Security in the News
Risk Assessment
Providing a Security Template - Security Policy
Security Architecture Definition
Security Testing & Validation
· Penetration Testing
· Third Party Validation
Securing the Perimeter
· Security by Obscurity
· Routers
· Gateways
· Firewalls
Securing Protocols
Securing Network Infrastructure
· Routers
· Switches
· Gateways
· WAN
Authentication & Authorization
· Banners
· Passwords
· Strong Authentication
· Biometrics
· PKI
Securing the Data - Encryption
Secure Distributed Access
· B2B
· Traveling Clients
· Broadband Clients (DSL and Cable Modem)
· Virtual Private Networks
Application Security
· Development
· WEB
· Database
· Email
· Application Data Flow
Content and Liability Management
· To Control or Not?
· Legal Issues
Security Management
· Intrusion Detection
· System Hardening
· Monitoring and Response
· Ensuring Policy Compliance
· Documentation
Business Continuity and Disaster Plan
Auditing Privacy and Security - Review
The Auditor and Security
· What to Audit
· How to Audit
· Techniques
· Tools
Audit Services is registered with the National Association of State Boards of Accountancy
(NASBA), as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be addressed to the National Registry of CPE Sponsors, 150 Fourth Avenue North,
Suite 700, Nashville, TN 37219-2417. Web site: www.nasba.org
(For our Seminar Administrative Policies, click here)
(NASBA related information):
Course Level: Basic; Prerequisite: None; CPE credit: 7 hours/day;
Instructional Method: Live
To Register, contact us via email, telephone, fax
or mail (information provided below)
Contact Us
/Home/
About Us/
Services
/Newsletter
/Links
IT Audit/
Training/
Construction/
Risk/
CIA
/Peer Review
Audit Services Tel:615-790-9858 Fax: 209-797-7983 PO Box 681387, Franklin, TN 37068