In this talk we will discuss how organizations can increase the security of their information and drastically reduce the risk of data breaches. These methods work in conjunction with encryption.
PII • Limit PII to a minimal amount of servers • Limit access to PII • Utilize unique IDs • No PII in transit • No PII as primary keys • Check those backups for PII
Payment Processing • Apple pay leads way • No servers with stored card numbers or banking info • No card numbers or banking info in transit • EMV is a joke
Know the LAW • What data requires breach disclosure in your HQ state • Are driver’s license numbers included • Educate leadership
Executive Support • Properly document an explain data manipulation • Security for 10 servers is cheaper than securing 100 • Don’t be a sitting duck
Michael Spurgeon, CISSP, CCNA, MCITP 11 years of experience in the following industries: Education Higher Ed Banking Manufacturing Industrial Restaurant Small Business Fortune 500 Dedicated to spreading awareness, helping organizations be more secure and changing the future of internet defense...