Hello!
MEET YOUR PRESENTERS
Erin Farrelly, Supervisor, Tier Two Support
Tracy Kingsley, Manager, IT Services

Today’s Session
WHAT WE’LL COVER
1. ITIL - People, Process, Technology
2. First Line of Defense
3. What is Incident Management?
4. Cyber Attacks

ITIL – People, Technology and Process
ITIL is a set of detailed practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business.

Traditional IT vs ITSM Process
Traditional I/T becomes ITSM Process:
Technology focus -> Process focus
"Fire-fighting" -> Preventative
Reactive -> Proactive
Users -> Customers
Centralized, done in-house -> Distributed, sourced
Isolated, silos -> Integrated, enterprise-wide
"One off", ad hoc -> Repeatable, accountable
Informal processes -> Formal best practices
IT internal perspective -> Business perspective
Operational specific -> Service orientation

Tiered Support
Tier 1: Applicant Support
Tier 2: Partner Support and Tier 1 Escalation
Tier 3: Escalation

First Line of Defense

AppDynamics

Ghost Inspector Alert

PagerDuty Digital Operations Management Platform
• Gain full-stack visibility into service health
• Automate on-call management
• How? By centralizing and triggering advanced workflows for data from any source, the platform arms OCAS teams with insights to orchestrate the ideal real-time, business-wide response every time.

Incident Management Process
1. Reported
• Create ticket
• Triage and prioritize incident
2. Analyzed
• Analyze ticket
• Find Solution
3. Resolved
• Implement solution
• Close incident

Remember to D.I.S.C.O.!
Discover: Report and log incident. Confirm existence of issue.
Investigate: Assess incident using ITIL criteria.
Scope: Determine impact. (What? Who? How many?)
Communicate: Alert internal stakeholders of Sev 1 incident.
Organize: Assume Response Lead role. Assemble response team and set up War Room.

What do we Already do?
• Intrusion detection and monitoring at our hosting facility and on our network.
• Spam filter on our email servers and MS ATP (Advanced Threat Protection), which is a feature in O365.
• Require staff to have complex passwords that have letters, numbers and symbols so they are harder for cyber criminals to steal. Also require changes to passwords every 90 days.
• Anti-virus and anti-malware programs are installed on all PCs.
• Keep up to date on software patches for the OS as well as business software.
• Block access to websites flagged as malicious.
• Block emails flagged as malicious.
• Two-part authentication from external sources – VPN clients when working from home.

Real Mail vs. Spam

What can you do?
• Keeping a clean machine: check with your IT Services team to know what is allowed to be installed on your work devices and what you are plugging into your USB ports.
• Avoiding suspicious links: avoid sketchy downloads. If a link looks odd, even if it comes from a familiar source, do not click on it.
• Using strong passwords: stolen credentials are a common way for criminals to gain access to your network. Don’t use the same password for work and personal accounts.
• Saving important information on the network, so that it can be backed up and restored. Don’t store the only copy of that important document on your local computer!
• If you are working from home, do not allow your children or other family members to use your work computer.
• Don’t keep any sensitive materials on your local computer, such as credit card numbers, employee information, reports containing applicant information, or Excel files which contain student information.
• Don’t write passwords down on pieces of paper - EVER. Don’t share them with anyone.

Phishing Trip