MAY 30

General Do’s and Don’ts Related to Information Security and Data Privacy


All other Events(no CPF)




  30 May 2018 through 30 May 2018


  Online Event

Website URL:

Sponsoring organization:

  Training Doyens


  Business > Information-Technology

Cloud tags:

Event description:

OVERVIEW This training program will prepare your organization to understand the need for information security and data privacy, steps that can be taken to institute or augment your data security policies/procedures, and the implementation of the needed controls. This webinar will introduce attendees to a set of known and respected best practice data security standards that can be employed by your organization to improve your security. Attendees will walk away with ideas to leverage the curriculum with their existing security infrastructure. WHY SHOULD YOU ATTEND Information security and data privacy have become an important area for all enterprises. All organizations have sensitive data that requires protection. This data may be proprietary or private company data, product data, employee data, customer data or any data considered sensitive by your organization. In the face of data loss or compromise, potential liability for all organizations is significant. Taking steps to protect data has become mandatory for all businesses and governmental entities. Federal, state and local jurisdictions have taken notice of the potential negative effect caused by the loss of data on individuals and companies. In some cases, legislation has passed requiring companies that have been compromised to notify all effected individuals and entities. This webinar targets recommended DO’s that your organization should consider when implementing or augmenting data security and privacy policies, procedures and controls. It will also discuss some definite DON’Ts of information security. Both electronic and physical issues will be addressed.Data security best practices will be discussed. The program will provide a list of data security standards that your organization can review and use as a guide when developing your organization’s data security program. AREAS COVERED • Policies, Procedures and Controls that govern Information Security and Data Privacy Implementing and maintaining a set of written policies and procedures results in a comprehensive approach to data privacy and information security. The importance of these controls is stressed. The need for the identification of all of your organization’s system components including network devices/appliances, servers, computing devices, storage devices, data bases and applications will be stressed. Identify your organization’s sensitive, critical data that must be protected. The level of protection is proportional to the relative importance and sensitivity of the data. • Safety and Security of Networks Identify and implement all necessary security controls. Ensure that security policies and operational procedures for protecting stored sensitive, critical data are documented, in use, and known to all affected parties. • Monitoring security controls continuously Track and monitor all accesses to network resources and sensitive, critical data on a daily basis. Implementation of audit trails and logs that are secure against alteration. • Authentication Implement controls that ensure that your organization’s critical data can only be accessed by authorizedpersonnel, systems and processes. Access to your critical data must be limited based on need to know and job responsibilities. • Controlling Use of Company Resources Implementation of controls for physical and electronic access to your organization’s physical plant and physical/electronic access to your organization’s network(s) • Software Development Life Cycle Develop internal and external software applications (including web-based administrative access to applications) securely in accordance with industry security standards and/or best practices adopted by your organization as policy and incorporating information security throughout the software-development life cycle • Incident Reporting as part of a BRP Your Incident Response Plan (IRP) should be an integral part of your Business Resumption Plan (BRP). It is a 4 step process: Observation, Orientation, Decision and Action • Potential Disciplinary Actions A discussion of the U.S. laws that affect your organization’s potential liability for data loss. Includes a set of federal, state and payment network regulations that could affect your organization should a compromise occur. • Data security standards that your organization may want to consult. A list of data security standards that will prove useful to your organization. LEARNING OBJECTIVES Become familiar with the Do’s and Don’ts of Data Security WHO WILL BENEFIT • Executive positions • Compliance Management • Risk Management • Vendor management • Data security • Network administration • Data base administration • Vendor management • Point of sale development • Software development • Retail business owners • All organizations, public or private, that need to protect sensitive data and networks • Merchants, both face-to-face and on-line • Third party payment processors • Any business accepting payment cards (e.g. credit cards, payment cards, loyalty cards, etc.) • Financial institutions such as credit unions and community banks • Municipalities and other governmental entities • Business ownership groups • Non Profit Organizations For more detail please click on this below link: Email: Toll Free: +1-888-300-8494 Tel: +1-720-996-1616 Fax: +1-888-909-1882

Posting date:

26 April 2018
views | 1 subscribers | Be the first to rate this event


Not-featured (How do I make my event featured?)