Professional Documents
Culture Documents
Bob Tarzey,
Service Director
Quocirca Ltd
1980s
Print and fax
FTP
Corporate IT Firewall
Email
Web
IM
Social networks/
virtual worlds
2009
Percentage saying external users are
provided access to internal systems
Finance
Utility
Telecomms and Media
Public Sector
Retail
Industrial
Healthcare
Contractors Partners Suppliers Customers
Overall
Utility
Telecomms and Media
Finance
Industrial
Public Sector
Healthcare
Retail
> 75% 51%-75% 25%-50% <25%
Agenda
Employee oversight
Manager approved
Malicious
Other
Desire to
trust
Need to
provide Weak
access policy
Deny
Avoid bad
press
Definitely
Probably
Possibly
No
Don't know
Direct Indirect
Fines Reputation
Disclosure Customer loss
Asset loss Share price
National government
Data privacy
National security
Industry specific
EU
International trading
Environmental
Securities trading
Axis: 5 = will
Credit card handling
increase a lot to 1 =
Financial transparency will decrease a lot
Health care
2 2.5 3 3.5
Policy should:
1. Define how data is used
2. Aim to prevent breaches
3. Detail how breaches are handled
4. Be reviewed date in light off
• New technology
• New legislation
• New business processes
Print Blogs
USB SMTP
Policy
FTP Web 2.0
Security
People
Content
Network
Time
© 2009 Quocirca Ltd 22
Managing end-points
USB SMTP
Data loss
prevention
Telecoms &
Media
Finance
Government
Manufacturing
Limited budget
2 3 4
From Quocirca report, “Privileged user
management”, Oct 2009
Change in relative IT security spend
Manufacturing
Finance
Government
Thank you
Bob Tarzey
Quocirca
www.quocirca.com