Upload File

workstation security ted wallerstedt, cisa, cia principal information systems auditor university of...

  • Home
  • Documents
  • Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota
10
Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

Upload: myles-davidson

Post on 02-Jan-2016

219 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

Workstation Security

Ted Wallerstedt, CISA, CIAPrincipal Information Systems

AuditorUniversity of Minnesota

Page 2: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

Workstation Basics

• Input

• Processing

• Output

• Storage

Page 3: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

SECURING INPUT• Don’t leave you PC unsecured

• Don’t accept non trusted disks

• Don’t let people shoulder surf

• Don’t leave a mic and camera attached

• Don’t leave you PC unsecured

Page 4: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

SECURING PROCESSING

• Physical Security

• Antivirus

• Don’t run as Admin

http://securityresponse.symantec.com/
Page 5: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

SECURING OUTPUT

Page 6: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

SECURING STORAGE• Secure passwords• Encryption• Don’t store sensitive data• Secure deletion• Secure removable storage

Page 7: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

What’s missing?

Page 8: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

NETWORK INTERFACE

Page 9: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

SECURING THE NETWORK INTERFACE

• University Policies

• Quick Start

• Group Policies

Page 10: Workstation Security Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

SUMMARY• Maintain Physical Security

• Use Quickstart Basic and Level-2

• Use current Antivirus

• Run as a standard user

• Stop shoulder surfing

• Don’t open non trusted files/disks

• Secure your output

• Encrypt sensitive data


December 14, 2010 Detroit Chapter GTAG 13 Fraud Detection and Prevention in an Automated World Ken Askelson CIA, CPA, CITP John Vadalabene CIA, CISA, CLP,

Ed Tobias, CISA, CIA May 12, 2010. Expectations Background Why it works Real-world examples How do I use it? Questions

Application Auditing Scope, Approach, & Execution January 2009 Michael Kirk, CIA, CISA Risk-based

Application Controls - Intro Ted Wallerstedt, CISA, CIA Principal Information Systems Auditor University of Minnesota

1 Welcome to ACG6686 Fraud Examination Florida International University C. Delano Gray, CFE, CISA, CIA, CBA, CFSA

IT GENERAL CONTROLS & THE PREVENTION OF FRAUD Ed Tobias, CISA, CIA, CFE May 11, 2011

New Don’t be a Target! E-Auditing Pitfalls to Avoid 19... · 2019. 9. 30. · Presented by: JJ Edmunds CPA, CIA, CISA, Audit and Assurance Manager. Antonina McAvoy CISA, Cyber and

The Road to Continuous Assurance Jason A. Gross, CPA, CIA, CFE, CISA, ACDA Vice President, Controls Management Siemens Financial Services, Inc

2 IT Control Objectives for Sarbanes-Oxley, 2 Skolnik, CISA, CISM, CPA, BDO Seidman LLP, USA Tracy Stewart, CISA, CISSP, CCP, CIA, ... APPENDIX M—SEGREGATION OF DUTIES IN SIGNIFICANT

Auditing the Organizational Governance Processes Dick Dinan, CPA, CIA Amanda Jenami, CPA, CISA, CFE, CIA, MBA TACUA April 2010

COBIT V41 VF - bm.com.tn · Mark Adler, CISA, CISM, CIA, CISSP, Allstate Ins. Co., USA Peter Andrews, CISA, CITP, MCMI, PJA Consulting, UK Georges Ataya, CISA, CISM, CISSP, MSCS,

IFPC International Group, Inc. 1/18 Auditoría de servicios tercerizados en la actividad bancaria Guillermo H. Casal CIA, CFSA, CCSA, CISA, CFE

COBIT V41 VF - isaca.org G. Davis, CISA, Federal Home Loan Bank of San Francisco, ... CISA, CIA, Danske Bank, Denmark John Mitchell, CISA, CFE, CITP ... Michael Schirmbrand, Ph.D

ISACAPrivacy%Principles%and%Program% …O’Driscoll,"CISA,"CISM,"CIA,"ANZ"BankingGroup," Australia"! Fidel"San_ago,"European"DataProtec_on" Supervisor, Belgium"!

IS SECURITY PERSPECTIVES FROM THE BANKING INDUSTRY AGUMA MPAIRWE CISA,CIA,FCCA,B.A(HONS)

BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING · BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING Marci McCloskey, CISA, ABCP Toan Nguyen, CIA, ABCP

Kathleen Ann Mullin, CIA, CISA, CISSP, CISM, CRSIC, … · Kathleen Ann Mullin, CIA, CISA, CISSP, CISM, CRSIC, CGEIT September 13, 2011

Continuous Controls Monitoring · 2014. 3. 14. · Continuous Controls Monitoring Mady Cheng, CIA, CISA, CPA, MSBA ... Process Conceptual Design Project Implementation Deployment

Payment Card Industry- Data Security Standards Jessica Johnson, CIA, CISA, Audit Supervisor Dan Temmesfeld, CPA, Audit Supervisor

Best Practices for User Access Controls and Segregation of Duties Presented by: Jeffrey T. Hare, CPA CISA CIA ERP Seminars

FY 2014 Departmental Change in Management Audit Austin... · FY 2014 Departmental Change in Management Audit Department of Chemistry ... CIA, CRMA *Chris Taylor, CIA, CISA ... Responsible

COBIT 4.1 Executive Summary - ISACA Cheng, CISA, CISSP, SSCP, Deloitte & Touche LLP, USA Dharmesh Choksey, CISA, CPA, CISSP, PMP, KPMG LLP, USA Jeffrey D. Custer, CISA, CPA, CIA, Ernst

Effort Reporting: A Departmental Approach to Meeting Audit Requirements Dianne Valdez, MBA, CIA, CISA, CCSA Enrique Valdez Jr., MBA

Presented by Mark R. Kolman, CPA, CIA, CISA, CFE, … Kolman... · Presented by. Mark R. Kolman, CPA, CIA, CISA, CFE, CGAP. June 2, 2017

DATABYTE - isaca-det.comisaca-det.com/newsletters/DB0604.pdf · John W. McCormick, CISA, CIA Horn Murdock Cole (248) 471-3075 John L. Quaine II, CISA, CPA, CIA Blue Cross Blue Shield

CISA, CISA Training, CISA Certification Training

13th ANNUAL RUTGERS GOVERNMENTAL ACCOUNTING & AUDITING George Henein, CIA,CISA CFE,CFSA,CGAP Monday, 18 December, 2006

ISACA KAMPALA CHAPTER 30 TH MAY 2012 AGUMA MPAIRWE B.A(HONS),CISA,CIA,FCCA

NCAA Football Attendance Audit - Home | University of …€¦ ·  · 2014-08-26NCAA Football Attendance Audit Intercollegiate Athletics February 10, ... Chris Taylor, CIA, CISA

Ralph Villanueva CISA CIA CFE CRMA - Society of Corporate … · 2015. 9. 15. · 1 Ralph Villanueva CISA CIA CFE CRMA Objectives Attendees will learn the importance of a strong IT

FISCAL MONITORING Gary Payne, CPA, CIA, CISA Unit Manager, Fiscal Monitoring Contract Oversight & Support Section

Common Change Management Challenges for Companies Running Oracle Applications Presented by: Jeffrey T. Hare, CPA CISA CIA ERP Seminars

CISA Dumps Isaca CISA - vcecollection.net

UNESCO. Executive Board; 160th; Proposal by the …unesdoc.unesco.org/images/0012/001206/120644e.pdf · José Bouaniche, CIA, CISA DavidKanja,CIA,CPA,ACA Gerard Scalabre, CIA, CISA

Urs Fischer, CPA, CRISC, CISA, CIA Fischer IT GRC ...itgi.jp/conf201411/2014 11 13_Effctive IT related RM_Tokyo.pdf · Urs Fischer, CPA, CRISC, CISA, CIA Fischer IT GRC Consulting