SlideShare a Scribd company logo

Security what it means to your business - circa 1999

C
Chaim Yudkowsky
Technology
1 of 14
Download to read offline
Security: What does it mean to your business? presented bypresented by Chaim Yudkowsky, CPAChaim Yudkowsky, CPA Grabush, Newman & Co., P.A.Grabush, Newman & Co., P.A. 410-296-6300 www.gnco.com www.byteofadvice.com
Questionnaire • How many have car alarms? • How many have business alarms? • How many have human security? • How many have ID badges and the like? • How many have other? • Do you leave your house door unlocked at night?
Surveys • 64% of responding companies experienced breach • 79% of execs security is number one business challenge in the next century • 60-80% of risk comes from your own people
The risks to your business data • physical access • electronic / virtual access – intentional – unintentional • misappropriated access – hacking – no policies – employee sensitivity (This is Serious!)
Virtual access • network security – local – wide – Internet – extranet specific • application security • policies
Policies • passwords • security and policy administration • testing
MAS90 and Security • Overall • Specific modules • Third-party enhancements • Remote Access
Overall • users • groups • supervisor rights in a user • ODBC access and 3.3 • cascading rights (starting at about 3.1)
Module security - Part 1 • Payroll – department users • Sales Order – Override price – Profit margin % • Purchase Order – Cost increase – To allow over receive / invoice qty on order
Module security - Part 1 • Payroll – department users • Sales Order – Override price – Profit margin % • Purchase Order – Cost increase – To allow over receive / invoice qty on order
Module security - Part 2 • Accounts Receivable – Commission / credit line override – Batch entry override • Accounts Payable – Batch entry override
Third-party enhancements • Macabe Divisional enhancement – General Ledger – SO / AR – PO / AP – Inventory Management • security for inventory inquiry • security for warehouse
Remote Access • PcAnywhere nightmare • Citrix - only cs • RAS - only cs • other • firewall considerations
In closing . . . “The biggest mistake people make is that they underestimate the risk.” Jeff Moss Founder of Def Con

Recommended

Grc tao.4
Grc tao.4Grc tao.4
Grc tao.4Flaskdata.io
 
Bot audit
Bot auditBot audit
Bot auditAnika Mittal
 
Principles for Secure Design and Software Security
Principles for Secure Design and Software Security Principles for Secure Design and Software Security
Principles for Secure Design and Software Security Mona Rajput
 
2015 Cyber Security
2015 Cyber Security2015 Cyber Security
2015 Cyber SecurityAllen Zhang
 
Mitigating the clicker
Mitigating the clickerMitigating the clicker
Mitigating the clickerClaus Cramon Houmann
 
Ccnsp
CcnspCcnsp
CcnspRudi Permana Yudha
 
Hem infotech company profile
Hem infotech company profileHem infotech company profile
Hem infotech company profileHem Infotech
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers GuideLumension
 

Recommended

Grc tao.4
Grc tao.4Grc tao.4
Grc tao.4Flaskdata.io
 
Bot audit
Bot auditBot audit
Bot auditAnika Mittal
 
Principles for Secure Design and Software Security
Principles for Secure Design and Software Security Principles for Secure Design and Software Security
Principles for Secure Design and Software Security Mona Rajput
 
2015 Cyber Security
2015 Cyber Security2015 Cyber Security
2015 Cyber SecurityAllen Zhang
 
Mitigating the clicker
Mitigating the clickerMitigating the clicker
Mitigating the clickerClaus Cramon Houmann
 
Ccnsp
CcnspCcnsp
CcnspRudi Permana Yudha
 
Hem infotech company profile
Hem infotech company profileHem infotech company profile
Hem infotech company profileHem Infotech
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers GuideLumension
 
Jump Start Your Application Security Knowledge
Jump Start Your Application Security KnowledgeJump Start Your Application Security Knowledge
Jump Start Your Application Security KnowledgeDenim Group
 
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365 Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365SecureAuth
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
GDPR & Capacity Management
GDPR & Capacity ManagementGDPR & Capacity Management
GDPR & Capacity ManagementPrecisely
 
Common Sense Security Framework
Common Sense Security FrameworkCommon Sense Security Framework
Common Sense Security FrameworkJerod Brennen
 
Building secure mobile apps
Building secure mobile appsBuilding secure mobile apps
Building secure mobile appsMartin Vigo
 
Limitations E - Commerce Security measures
Limitations E - Commerce Security measuresLimitations E - Commerce Security measures
Limitations E - Commerce Security measuresJeril Peter
 
Fortify technology
Fortify technologyFortify technology
Fortify technologyImad Nom de famille
 
Con8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - finalCon8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - finalOracleIDM
 
Tips and Tricks for Building Secure Mobile Apps
Tips and Tricks for Building Secure Mobile AppsTips and Tricks for Building Secure Mobile Apps
Tips and Tricks for Building Secure Mobile AppsTechWell
 
Cyberoam layer8
Cyberoam layer8Cyberoam layer8
Cyberoam layer8Aniruddha Mazumder
 
What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?IBM Security
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security ResilienceJoel Aleburu
 
Web Application Security For Small and Medium Businesses
Web Application Security For Small and Medium BusinessesWeb Application Security For Small and Medium Businesses
Web Application Security For Small and Medium BusinessesSasha Nunke
 
Chapter 1 Introduction to Security
Chapter 1 Introduction to SecurityChapter 1 Introduction to Security
Chapter 1 Introduction to SecurityDr. Ahmed Al Zaidy
 
Multifactor Authentication
Multifactor AuthenticationMultifactor Authentication
Multifactor AuthenticationRonnie Isherwood
 
Commercial And Government Cyberwarfare
Commercial And Government CyberwarfareCommercial And Government Cyberwarfare
Commercial And Government CyberwarfareNicholas Davis
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security SolutionsLumension
 
Salesforce New Jersey User Group - Security Awareness
Salesforce New Jersey User Group - Security Awareness Salesforce New Jersey User Group - Security Awareness
Salesforce New Jersey User Group - Security Awareness InternetCreations
 
Intro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor AuthenticationIntro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor Authenticationhon1nbo
 
Faith Healing
Faith HealingFaith Healing
Faith HealingMasa Nakata
 
Writing proposal
Writing proposalWriting proposal
Writing proposalsornadaisy
 

More Related Content

What's hot

Jump Start Your Application Security Knowledge
Jump Start Your Application Security KnowledgeJump Start Your Application Security Knowledge
Jump Start Your Application Security KnowledgeDenim Group
 
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365 Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365SecureAuth
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
GDPR & Capacity Management
GDPR & Capacity ManagementGDPR & Capacity Management
GDPR & Capacity ManagementPrecisely
 
Common Sense Security Framework
Common Sense Security FrameworkCommon Sense Security Framework
Common Sense Security FrameworkJerod Brennen
 
Building secure mobile apps
Building secure mobile appsBuilding secure mobile apps
Building secure mobile appsMartin Vigo
 
Limitations E - Commerce Security measures
Limitations E - Commerce Security measuresLimitations E - Commerce Security measures
Limitations E - Commerce Security measuresJeril Peter
 
Con8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - finalCon8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - finalOracleIDM
 
Tips and Tricks for Building Secure Mobile Apps
Tips and Tricks for Building Secure Mobile AppsTips and Tricks for Building Secure Mobile Apps
Tips and Tricks for Building Secure Mobile AppsTechWell
 
What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?IBM Security
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security ResilienceJoel Aleburu
 
Web Application Security For Small and Medium Businesses
Web Application Security For Small and Medium BusinessesWeb Application Security For Small and Medium Businesses
Web Application Security For Small and Medium BusinessesSasha Nunke
 
Chapter 1 Introduction to Security
Chapter 1 Introduction to SecurityChapter 1 Introduction to Security
Chapter 1 Introduction to SecurityDr. Ahmed Al Zaidy
 
Multifactor Authentication
Multifactor AuthenticationMultifactor Authentication
Multifactor AuthenticationRonnie Isherwood
 
Commercial And Government Cyberwarfare
Commercial And Government CyberwarfareCommercial And Government Cyberwarfare
Commercial And Government CyberwarfareNicholas Davis
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security SolutionsLumension
 
Salesforce New Jersey User Group - Security Awareness
Salesforce New Jersey User Group - Security Awareness Salesforce New Jersey User Group - Security Awareness
Salesforce New Jersey User Group - Security Awareness InternetCreations
 
Intro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor AuthenticationIntro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor Authenticationhon1nbo
 

What's hot (20)

Jump Start Your Application Security Knowledge
Jump Start Your Application Security KnowledgeJump Start Your Application Security Knowledge
Jump Start Your Application Security Knowledge
 
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365 Webinar: Beyond Two-Factor: Secure Access Control for Office 365
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
 
GDPR & Capacity Management
GDPR & Capacity ManagementGDPR & Capacity Management
GDPR & Capacity Management
 
Common Sense Security Framework
Common Sense Security FrameworkCommon Sense Security Framework
Common Sense Security Framework
 
Building secure mobile apps
Building secure mobile appsBuilding secure mobile apps
Building secure mobile apps
 
Limitations E - Commerce Security measures
Limitations E - Commerce Security measuresLimitations E - Commerce Security measures
Limitations E - Commerce Security measures
 
Fortify technology
Fortify technologyFortify technology
Fortify technology
 
Con8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - finalCon8813 securing privileged accounts with an integrated idm solution - final
Con8813 securing privileged accounts with an integrated idm solution - final
 
Tips and Tricks for Building Secure Mobile Apps
Tips and Tricks for Building Secure Mobile AppsTips and Tricks for Building Secure Mobile Apps
Tips and Tricks for Building Secure Mobile Apps
 
Cyberoam layer8
Cyberoam layer8Cyberoam layer8
Cyberoam layer8
 
What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?
 
Architecting for Security Resilience
Architecting for Security ResilienceArchitecting for Security Resilience
Architecting for Security Resilience
 
Web Application Security For Small and Medium Businesses
Web Application Security For Small and Medium BusinessesWeb Application Security For Small and Medium Businesses
Web Application Security For Small and Medium Businesses
 
Chapter 1 Introduction to Security
Chapter 1 Introduction to SecurityChapter 1 Introduction to Security
Chapter 1 Introduction to Security
 
Multifactor Authentication
Multifactor AuthenticationMultifactor Authentication
Multifactor Authentication
 
Commercial And Government Cyberwarfare
Commercial And Government CyberwarfareCommercial And Government Cyberwarfare
Commercial And Government Cyberwarfare
 
2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions2014 Ultimate Buyers Guide to Endpoint Security Solutions
2014 Ultimate Buyers Guide to Endpoint Security Solutions
 
Salesforce New Jersey User Group - Security Awareness
Salesforce New Jersey User Group - Security Awareness Salesforce New Jersey User Group - Security Awareness
Salesforce New Jersey User Group - Security Awareness
 
Intro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor AuthenticationIntro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor Authentication
 

Viewers also liked

Writing proposal
Writing proposalWriting proposal
Writing proposalsornadaisy
 
Esencias florales bach americanas
Esencias florales bach americanasEsencias florales bach americanas
Esencias florales bach americanasOmar Gimenez Palma
 
Visual social media, social photography and video by Dirk Singer @ ICEEfest 2013
Visual social media, social photography and video by Dirk Singer @ ICEEfest 2013Visual social media, social photography and video by Dirk Singer @ ICEEfest 2013
Visual social media, social photography and video by Dirk Singer @ ICEEfest 2013ICEEFEST2013
 
L'uso del web nei portatli dedicati al turismo18-gennaio-2011
L'uso del web nei portatli dedicati al turismo18-gennaio-2011L'uso del web nei portatli dedicati al turismo18-gennaio-2011
L'uso del web nei portatli dedicati al turismo18-gennaio-2011Cristina Fabi
 
Behind the scenes of creating mds for the transformation of prepaid markets
Behind the scenes of creating mds for the transformation of prepaid marketsBehind the scenes of creating mds for the transformation of prepaid markets
Behind the scenes of creating mds for the transformation of prepaid marketsMovotek Innovations Limited.
 
Seminários G2 - Periféricos
Seminários G2 - PeriféricosSeminários G2 - Periféricos
Seminários G2 - PeriféricosAnderson Andrade
 
SRF Salgssymposiet2014 bergen
SRF Salgssymposiet2014 bergenSRF Salgssymposiet2014 bergen
SRF Salgssymposiet2014 bergenAlain Fassotte
 
Ep 1 day 172
Ep 1 day 172Ep 1 day 172
Ep 1 day 172Deoxor
 

Viewers also liked (10)

Faith Healing
Faith HealingFaith Healing
Faith Healing
 
Writing proposal
Writing proposalWriting proposal
Writing proposal
 
Esencias florales bach americanas
Esencias florales bach americanasEsencias florales bach americanas
Esencias florales bach americanas
 
Visual social media, social photography and video by Dirk Singer @ ICEEfest 2013
Visual social media, social photography and video by Dirk Singer @ ICEEfest 2013Visual social media, social photography and video by Dirk Singer @ ICEEfest 2013
Visual social media, social photography and video by Dirk Singer @ ICEEfest 2013
 
L'uso del web nei portatli dedicati al turismo18-gennaio-2011
L'uso del web nei portatli dedicati al turismo18-gennaio-2011L'uso del web nei portatli dedicati al turismo18-gennaio-2011
L'uso del web nei portatli dedicati al turismo18-gennaio-2011
 
FORTIFIED Agent Training
FORTIFIED Agent TrainingFORTIFIED Agent Training
FORTIFIED Agent Training
 
Behind the scenes of creating mds for the transformation of prepaid markets
Behind the scenes of creating mds for the transformation of prepaid marketsBehind the scenes of creating mds for the transformation of prepaid markets
Behind the scenes of creating mds for the transformation of prepaid markets
 
Seminários G2 - Periféricos
Seminários G2 - PeriféricosSeminários G2 - Periféricos
Seminários G2 - Periféricos
 
SRF Salgssymposiet2014 bergen
SRF Salgssymposiet2014 bergenSRF Salgssymposiet2014 bergen
SRF Salgssymposiet2014 bergen
 
Ep 1 day 172
Ep 1 day 172Ep 1 day 172
Ep 1 day 172
 

Similar to Security what it means to your business - circa 1999

3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...Robert Parker
 
IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...Leif Davidsen
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataPrecisely
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iPrecisely
 
Corona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat ManagementCorona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat ManagementRedZone Technologies
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataPrecisely
 
13 real ways to destroy business by breaking company’s SAP applications
13 real ways to destroy business by breaking company’s SAP applications13 real ways to destroy business by breaking company’s SAP applications
13 real ways to destroy business by breaking company’s SAP applicationsERPScan
 
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015Paul F. Roberts
 
IT Security Essentials
IT Security EssentialsIT Security Essentials
IT Security EssentialsSkoda Minotti
 
The latest changes to SAP cybersecurity landscape
The latest changes to SAP cybersecurity landscapeThe latest changes to SAP cybersecurity landscape
The latest changes to SAP cybersecurity landscapeERPScan
 
Security in an Interconnected and Complex World of Software
Security in an Interconnected and Complex World of SoftwareSecurity in an Interconnected and Complex World of Software
Security in an Interconnected and Complex World of SoftwareMichael Coates
 
Ciso executive forum 2013
Ciso executive forum 2013Ciso executive forum 2013
Ciso executive forum 2013Bill Burns
 
Gus Hunt's Work-Bench Enterprise Security Summit Keynote
Gus Hunt's Work-Bench Enterprise Security Summit KeynoteGus Hunt's Work-Bench Enterprise Security Summit Keynote
Gus Hunt's Work-Bench Enterprise Security Summit KeynoteWork-Bench
 
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations
Managing Frequently Overlooked Risks & Threats (FORTS) in CorporationsManaging Frequently Overlooked Risks & Threats (FORTS) in Corporations
Managing Frequently Overlooked Risks & Threats (FORTS) in CorporationsDinesh O Bareja
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldiMIS
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldiMIS
 
How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...
How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...
How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...Priyanka Aash
 

Similar to Security what it means to your business - circa 1999 (20)

3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...
 
IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and Data
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
 
Corona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat ManagementCorona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat Management
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and Data
 
13 real ways to destroy business by breaking company’s SAP applications
13 real ways to destroy business by breaking company’s SAP applications13 real ways to destroy business by breaking company’s SAP applications
13 real ways to destroy business by breaking company’s SAP applications
 
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
John Walsh, Sypris on Cyber Physical Systems - Boston SECoT MeetUp 2015
 
IT Security Essentials
IT Security EssentialsIT Security Essentials
IT Security Essentials
 
Secure Iowa Oct 2016
Secure Iowa Oct 2016Secure Iowa Oct 2016
Secure Iowa Oct 2016
 
Institute of Internal Auditors Presentation 2014
Institute of Internal Auditors Presentation 2014Institute of Internal Auditors Presentation 2014
Institute of Internal Auditors Presentation 2014
 
The latest changes to SAP cybersecurity landscape
The latest changes to SAP cybersecurity landscapeThe latest changes to SAP cybersecurity landscape
The latest changes to SAP cybersecurity landscape
 
Security in an Interconnected and Complex World of Software
Security in an Interconnected and Complex World of SoftwareSecurity in an Interconnected and Complex World of Software
Security in an Interconnected and Complex World of Software
 
Ciso executive forum 2013
Ciso executive forum 2013Ciso executive forum 2013
Ciso executive forum 2013
 
Gus Hunt's Work-Bench Enterprise Security Summit Keynote
Gus Hunt's Work-Bench Enterprise Security Summit KeynoteGus Hunt's Work-Bench Enterprise Security Summit Keynote
Gus Hunt's Work-Bench Enterprise Security Summit Keynote
 
Security of information asset
Security of information assetSecurity of information asset
Security of information asset
 
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations
Managing Frequently Overlooked Risks & Threats (FORTS) in CorporationsManaging Frequently Overlooked Risks & Threats (FORTS) in Corporations
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile World
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile World
 
How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...
How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...
How To Handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Discl...
 

More from Chaim Yudkowsky

10 Commandments of Technology
10 Commandments of Technology10 Commandments of Technology
10 Commandments of TechnologyChaim Yudkowsky
 
Is My Graph Effective - checklist
Is My Graph Effective - checklistIs My Graph Effective - checklist
Is My Graph Effective - checklistChaim Yudkowsky
 
Starting a small business
Starting a small businessStarting a small business
Starting a small businessChaim Yudkowsky
 
Stretching your tech dollars lawyers circa 1994
Stretching your tech dollars lawyers circa 1994Stretching your tech dollars lawyers circa 1994
Stretching your tech dollars lawyers circa 1994Chaim Yudkowsky
 
Marketing plan circa 1996
Marketing plan circa 1996Marketing plan circa 1996
Marketing plan circa 1996Chaim Yudkowsky
 
How to make more money - Part 2 -circa 1997
How to make more money - Part 2 -circa 1997How to make more money - Part 2 -circa 1997
How to make more money - Part 2 -circa 1997Chaim Yudkowsky
 
How to make more money - part 3 - circa 1997
How to make more money - part 3 - circa 1997How to make more money - part 3 - circa 1997
How to make more money - part 3 - circa 1997Chaim Yudkowsky
 
Telcommunications and remote circa 1998
Telcommunications and remote circa 1998Telcommunications and remote circa 1998
Telcommunications and remote circa 1998Chaim Yudkowsky
 
Y2 k training circa 1998
Y2 k training circa 1998Y2 k training circa 1998
Y2 k training circa 1998Chaim Yudkowsky
 
Y2k presented at Towson University December 1998
Y2k presented at Towson University December 1998Y2k presented at Towson University December 1998
Y2k presented at Towson University December 1998Chaim Yudkowsky
 
Trends in technology 1997
Trends in technology 1997Trends in technology 1997
Trends in technology 1997Chaim Yudkowsky
 
20 Minute Cash Flow Planning Session from 1996
20 Minute Cash Flow Planning Session from 199620 Minute Cash Flow Planning Session from 1996
20 Minute Cash Flow Planning Session from 1996Chaim Yudkowsky
 

More from Chaim Yudkowsky (14)

Cost Optimization
Cost OptimizationCost Optimization
Cost Optimization
 
10 Commandments of Technology
10 Commandments of Technology10 Commandments of Technology
10 Commandments of Technology
 
Is My Graph Effective - checklist
Is My Graph Effective - checklistIs My Graph Effective - checklist
Is My Graph Effective - checklist
 
Starting a small business
Starting a small businessStarting a small business
Starting a small business
 
Stretching your tech dollars lawyers circa 1994
Stretching your tech dollars lawyers circa 1994Stretching your tech dollars lawyers circa 1994
Stretching your tech dollars lawyers circa 1994
 
Marketing plan circa 1996
Marketing plan circa 1996Marketing plan circa 1996
Marketing plan circa 1996
 
How to make more money - Part 2 -circa 1997
How to make more money - Part 2 -circa 1997How to make more money - Part 2 -circa 1997
How to make more money - Part 2 -circa 1997
 
How to make more money - part 3 - circa 1997
How to make more money - part 3 - circa 1997How to make more money - part 3 - circa 1997
How to make more money - part 3 - circa 1997
 
Telcommunications and remote circa 1998
Telcommunications and remote circa 1998Telcommunications and remote circa 1998
Telcommunications and remote circa 1998
 
Y2 k training circa 1998
Y2 k training circa 1998Y2 k training circa 1998
Y2 k training circa 1998
 
Y2k presented at Towson University December 1998
Y2k presented at Towson University December 1998Y2k presented at Towson University December 1998
Y2k presented at Towson University December 1998
 
Trends in technology 1997
Trends in technology 1997Trends in technology 1997
Trends in technology 1997
 
20 Minute Cash Flow Planning Session from 1996
20 Minute Cash Flow Planning Session from 199620 Minute Cash Flow Planning Session from 1996
20 Minute Cash Flow Planning Session from 1996
 
Death of a salesman
Death of a salesmanDeath of a salesman
Death of a salesman
 

Recently uploaded

Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 

Recently uploaded (20)

Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 

Security what it means to your business - circa 1999

  • 1. Security: What does it mean to your business? presented bypresented by Chaim Yudkowsky, CPAChaim Yudkowsky, CPA Grabush, Newman & Co., P.A.Grabush, Newman & Co., P.A. 410-296-6300 www.gnco.com www.byteofadvice.com
  • 2. Questionnaire • How many have car alarms? • How many have business alarms? • How many have human security? • How many have ID badges and the like? • How many have other? • Do you leave your house door unlocked at night?
  • 3. Surveys • 64% of responding companies experienced breach • 79% of execs security is number one business challenge in the next century • 60-80% of risk comes from your own people
  • 4. The risks to your business data • physical access • electronic / virtual access – intentional – unintentional • misappropriated access – hacking – no policies – employee sensitivity (This is Serious!)
  • 5. Virtual access • network security – local – wide – Internet – extranet specific • application security • policies
  • 6. Policies • passwords • security and policy administration • testing
  • 7. MAS90 and Security • Overall • Specific modules • Third-party enhancements • Remote Access
  • 8. Overall • users • groups • supervisor rights in a user • ODBC access and 3.3 • cascading rights (starting at about 3.1)
  • 9. Module security - Part 1 • Payroll – department users • Sales Order – Override price – Profit margin % • Purchase Order – Cost increase – To allow over receive / invoice qty on order
  • 10. Module security - Part 1 • Payroll – department users • Sales Order – Override price – Profit margin % • Purchase Order – Cost increase – To allow over receive / invoice qty on order
  • 11. Module security - Part 2 • Accounts Receivable – Commission / credit line override – Batch entry override • Accounts Payable – Batch entry override
  • 12. Third-party enhancements • Macabe Divisional enhancement – General Ledger – SO / AR – PO / AP – Inventory Management • security for inventory inquiry • security for warehouse
  • 13. Remote Access • PcAnywhere nightmare • Citrix - only cs • RAS - only cs • other • firewall considerations
  • 14. In closing . . . “The biggest mistake people make is that they underestimate the risk.” Jeff Moss Founder of Def Con