basic data safety practices that can prevent malpractice claims & ethics violations
DESCRIPTION
Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations. Grant County Bar Association June 14, 2011 Kim J. Brand. President. Founder. 1. Threats vs Risks. 1. Threats vs Risks The ‘Bad’ things that can happen. vs. How much does it cost?. 1. Threats vs Risks - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/1.jpg)
Basic Data Safety PracticesThat Can PreventMalpractice Claims & Ethics Violations
Grant County Bar AssociationJune 14, 2011
Kim J. Brand
President Founder
![Page 2: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/2.jpg)
1. Threats vs Risks
![Page 3: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/3.jpg)
1. Threats vs Risks
The ‘Bad’ things that can happen.
vs.
How much does it cost?
![Page 4: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/4.jpg)
1. Threats vs Risks
2. Acts of God Acts of Violence Acts of Stupidity
![Page 5: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/5.jpg)
1. Threats vs Risks
2. Acts of God Acts of Violence Acts of Stupidity
3. Defenses:BackupsSystemsPoliciesTrainingAudits
![Page 6: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/6.jpg)
4. The ‘Backup’ Goals
Recovery Point Objective - RPORecovery Time Objective - RTOSaving the right stuffKeeping backups safe
![Page 7: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/7.jpg)
4. The ‘Backup’ Goals
Recovery Point Objective - RPORecovery Time Objective - RTOSaving the right stuffKeeping backups safe
Balance...Peace of mindResponsibilityEconomy
![Page 8: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/8.jpg)
![Page 9: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/9.jpg)
![Page 10: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/10.jpg)
![Page 11: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/11.jpg)
![Page 12: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/12.jpg)
![Page 13: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/13.jpg)
![Page 14: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/14.jpg)
Viruses, Trojans and Malware – Oh my!
![Page 15: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/15.jpg)
![Page 16: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/16.jpg)
![Page 17: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/17.jpg)
![Page 18: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/18.jpg)
5. Where is your data?
![Page 19: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/19.jpg)
5. Where is your data?
Office? PC Server Copier
Laptop?Mobile device?Cloud?
![Page 20: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/20.jpg)
6. Security vs Safety…
![Page 21: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/21.jpg)
6. Security vs Safety…
Intentional Acts
vs.
Unintentional Acts
![Page 22: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/22.jpg)
6. Security and Safety…
Passwords?
Encryption?At restIn transitWireless Access
Retention Policies?
Remote Access?
![Page 23: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/23.jpg)
6. Security and Safety…
Recommended password policies:
8+ characters Letters & Numbers Mixed case: A-Z, a-z Special characters: $@*&! Changed 4x year No repeats for 1+ year
![Page 24: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/24.jpg)
6. Security and Safety…
Recommended password policies:
8+ characters Letters & Numbers Mixed case: A-Z, a-z Special characters: $@*&! Changed 4x year No repeats for 1+ year
Security ‘tokens’
![Page 25: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/25.jpg)
Why is Backup hard?
Lots more stuff in more places Different threats – different defenses Backup software is complicated Backup media is a security risk Bad organization habits Restore is needed infrequently;
. . . practice is risky!
![Page 26: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/26.jpg)
Why is Backup hard?
Lots more stuff in more places Different threats – different defenses Backup software is complicated Backup media is a security risk Bad organization habits Restore is needed infrequently;
. . . practice is risky!
Remember:Backup is boring, Restore is EXCITING!
![Page 27: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/27.jpg)
A special case: Laptops
65% of PCs sold last year were laptops 1:10 Lost or stolen Confidential information on the loose Difficult to sync with office servers Portable = Abused (dropped, kicked) No user serviceable parts inside Security policies difficult to enforce
![Page 28: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/28.jpg)
Backup System Elements . . .
Automated Regular (daily, weekly, continuous?) Tested: Right Stuff, Valid, Monitored Accessible: Offsite vs Onsite, Credentials, Encryption Keys Granular: Ability to recovery a single file Portable: Software, Hardware, Skills
Someone MUST CARE!
![Page 29: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/29.jpg)
A “Simple System” . . . doesn't exist!
Consider data size, type & location: Docs, Databases, E-Mail, PCs, Laptops Servers, Smartphones, ‘Open Files’ Backup generations & retention issues Compliance & discovery issues Media life & custody Offsite: Cost & confidentiality issues Documentation & Support
Test, Train, Review, Repeat
![Page 30: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/30.jpg)
Disaster RecoveryMust be able to duplicate the
“Value Stack”
Hardware
OS & Updates (Licenses)
Configuration: Users, Groups, etc.
Software & Services (Licenses)
Data
Disaster Recovery is not Backup!
![Page 31: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/31.jpg)
Let's Review The Goals
RPORTO
![Page 32: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/32.jpg)
Let's Review The Goals
RPORTORight StuffSafe & SecureValue Stack
![Page 33: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/33.jpg)
Let's Review The Goals
RPORTORight StuffSafe & SecureValue Stack
BalanceEconomyResponsibilityPeace of Mind
![Page 34: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/34.jpg)
Kim recommends:
► Image hard drives: Symantec, Acronis, Comodo
► Offsite storage: Mozy, SugarSync, FileSafe!
► Written policies: P/W, retention, backup, Internet
► De-Crapify: Current, Archive, Media, E-Mail, etc.
► Encrypt laptop hard drives: Winmagic, TruCrypt
► Document: P/W, providers, licenses, network,
etc.
► Update versions: OS, AV, Browser, Software
► Malwarebytes, OpenDNS, LastPass, LoJack
Visit: ILTSO.ORG
![Page 35: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/35.jpg)
Pop Quiz!
5 – 4 – 3 – 2 – 1
![Page 36: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/36.jpg)
Quiz questions:
What are the five levels of the Value Stack?
![Page 37: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/37.jpg)
Quiz questions:
What are the five levels of the Value Stack?
Hardware OS & Updates (Licenses) Configuration: Users, Groups,
etc. Software & Services (Licenses) Data
![Page 38: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/38.jpg)
Quiz questions:
Four simple questions to ask to perform your own backup audit.
![Page 39: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/39.jpg)
Quiz questions:
Four simple questions to ask to perform your own backup audit.
1. What programs do you use?2. Where does that program store its data?3. When/Where does that data get backed up?4. If you discovered missing or corrupted data, what would you do?
![Page 40: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/40.jpg)
Quiz questions:
The 'Three Threats' data safety model
![Page 41: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/41.jpg)
Quiz questions:
The 'Three Threats' data safety model
1. Acts of God2. Acts of Violence3. Acts of Stupidity
![Page 42: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/42.jpg)
Quiz questions:
The difference between ‘Safety’ and ‘Security’?
![Page 43: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/43.jpg)
Quiz questions:
The difference between ‘Safety’ and ‘Security’?
Safety regards unintentional acts
Security regards intentional acts
![Page 44: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/44.jpg)
Quiz questions:
The one Most Important Thing you can do to keep your data safe:
![Page 45: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/45.jpg)
Quiz questions:
The one Most Important Thing you can do to keep your data safe:
Put Someone in charge of Data Safety & Security!
![Page 46: Basic Data Safety Practices That Can Prevent Malpractice Claims & Ethics Violations](https://reader035.vdocuments.us/reader035/viewer/2022062423/5681497e550346895db6c96c/html5/thumbnails/46.jpg)
These slides and other resources are available online at:
www.FileSafeServer.com
Thank You!