SlideShare a Scribd company logo

Octree securapro mauleverer case study

Tony Richardson CISSP
Tony Richardson CISSP
1 of 2
Download to read offline
Octree SecuraPro case study Client: Generic Financial Management plc Sector: Financial services Need: To comply with the Financial Services Authority (FSA) guidelines regarding the protection of confidential client data held on IT systems. Reducing the risk of confidential data loss Regulatory and governance requirements from the FSA are an increasingly important driver in the need to protect sensitive client data. Companies are being required to disclose breaches that place Personal Identifiable Information (PII) at risk, be it from a customer, employee, shareholder, partner, or other stakeholder prospective. Generic Financial Management is a FSA compliance The outcome of the audit firm of chartered financial planners that has been advising clients on Generic Financial Management plc’s As a result of the audit, it was decided wealth matters for over 20 years from managing director Paul Thomas to implement SecuraPro to improve offices in Codicote. explains, “In April 2008, the FSA data security in a number of areas: issued its Data Security in Financial Like many companies operating in Services report which highlighted Full disk encryption for GFM’s laptops, the financial services sector GFM has some well-publicised client data losses which protects against unauthorised become totally reliant on the use of involving the loss or theft of laptops access to data in the event that one technology, from office-based servers and memory sticks, and the resultant or more is lost or stolen. and PCs, to laptops, CDs and USB fines imposed by the regulator. memory sticks. Web filtering to control employee “The FSA makes it clear that a access to inappropriate or non-work The company’s employees have firm’s senior management team is related websites and to protect PCs access to the internet and email is responsible for making an appropriate from web-based malware. widely used to communicate with assessment of the financial crime risks clients and suppliers. associated with its customer data. We Email filtering to protect PCs against therefore decided that a full security phishing email, spam, email-borne audit and review of our processes and viruses and malware. It also ensures systems was required.” that inappropriate or defamatory material is blocked. Assessing the risks Endpoint security on desktops and Octree undertook an audit of GFM’s server with antivirus, anti-malware systems and IT infrastructure. Tony and proactive threat protection (IPS). Richardson, Octree’s managing director, explains, “We have developed Patch and vulnerability remediation a sound methodology based around a to keep software up to date. detailed questionnaire that assesses the level of compliance with the FSA’s A managed firewall and VPN offering data security guidelines, and accepted secure remote access for mobile users. industry best practice. I am confident that with SecuraPro Octree also provides a wide range of installed our IT systems satisfy the “This tool can be used by companies managed IT services, including the FSA’s regulatory requirements in within the financial services sector routine monitoring of critical server a cost-effective manner that does to assess their level of compliance services, server storage and backups, not expose our clients to potential and quickly identify fundamental proactive support for the IT systems, cybercrime or identity theft. weaknesses in their IT security and remote desktop support. systems and procedures. We will be Paul Thomas, managing director, making the questionnaire available For further information, visit us on the Generic Financial Management plc via our website.” web at www.securapro.co.uk.
About Octree Established in 1990, Octree is a specialised IT solutions company with a proven reputation in the deployment, securing and support of computer networking for small to medium-sized businesses. Octree offers complete computer network systems, from wired and wireless local area networks, complete communications solutions and data protection and management, through to proactive systems maintenance and managed business continuity services. We offer fully independent advice and we do not drown people in confusing technical language. All our computer network solutions are developed as ‘best fit’ propositions based on what we hear from our clients. We have developed cutting-edge knowledge and skills through vast experience and ongoing technical training, supported by our partnerships with companies like Microsoft®. Octree Limited, The Lloyds Building, Birds Hill, Letchworth, Herts SG6 1JE tel: 08456 171819 web: www.octree.co.uk Securapro is a registered trademark of Octree Limited

Recommended

10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks
Heimdal Security
 
SME Cyber Insurance
SME Cyber Insurance SME Cyber Insurance
SME Cyber Insurance
Netpluz Asia Pte Ltd
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
Imperva
 
Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threats
TIKAJ
 
Online Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client AccountsOnline Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client Accounts
corelink11
 
Topic11
Topic11Topic11
Topic11
Anne Starr
 
Threat Modelling And Threat Response
Threat Modelling And Threat ResponseThreat Modelling And Threat Response
Threat Modelling And Threat Response
Vivek Jindaniya
 
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz Asia Pte Ltd
 

Recommended

10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks
Heimdal Security
 
SME Cyber Insurance
SME Cyber Insurance SME Cyber Insurance
SME Cyber Insurance
Netpluz Asia Pte Ltd
 
The Business Case for Data Security
The Business Case for Data SecurityThe Business Case for Data Security
The Business Case for Data Security
Imperva
 
Protection against cyber threats
Protection against cyber threatsProtection against cyber threats
Protection against cyber threats
TIKAJ
 
Online Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client AccountsOnline Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client Accounts
corelink11
 
Topic11
Topic11Topic11
Topic11
Anne Starr
 
Threat Modelling And Threat Response
Threat Modelling And Threat ResponseThreat Modelling And Threat Response
Threat Modelling And Threat Response
Vivek Jindaniya
 
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz Asia Pte Ltd
 
It risk assessment in uae
It risk assessment in uaeIt risk assessment in uae
It risk assessment in uae
RishalHalid1
 
Third-party Remote Support Threats Inforgraphic
Third-party Remote Support Threats InforgraphicThird-party Remote Support Threats Inforgraphic
Third-party Remote Support Threats Inforgraphic
SecureLink, Inc.
 
Network Security Risks and Challenges for Enterprises
Network Security Risks and Challenges for EnterprisesNetwork Security Risks and Challenges for Enterprises
Network Security Risks and Challenges for Enterprises
Sandeep Yadav
 
What you need to know about cyber security
What you need to know about cyber securityWhat you need to know about cyber security
What you need to know about cyber security
Carol Meng-Shih Wang
 
Application Security
Application SecurityApplication Security
Application Security
onenolesguy
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity Risk
WPICPE
 
Information Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & ResponsibilitiesInformation Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & Responsibilities
Kroll
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
Information security policy
Information security policyInformation security policy
Information security policy
BalachanderThilakar1
 
Simple Safe Steps to Cyber Security
Simple Safe Steps to Cyber SecuritySimple Safe Steps to Cyber Security
Simple Safe Steps to Cyber Security
Hudson Valley Public Relations
 
The Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for InvestorsThe Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for Investors
OurCrowd
 
Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - Kloudlearn
KloudLearn
 
IT security
IT securityIT security
IT security
Aman Jain
 
The Seven Kinds of Security
The Seven Kinds of SecurityThe Seven Kinds of Security
The Seven Kinds of Security
Veracode
 
Active Directory: Modern Threats, Medieval Protection
Active Directory: Modern Threats, Medieval ProtectionActive Directory: Modern Threats, Medieval Protection
Active Directory: Modern Threats, Medieval Protection
Skyport Systems
 
Information security for dummies
Information security for dummiesInformation security for dummies
Information security for dummies
Ivo Depoorter
 
IT Security
IT SecurityIT Security
IT Security
Raden Tjokro Partono
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
Symantec
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
Judith Beckhard Cardoso
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
chauhankapil
 
Policy for PDO
Policy for PDOPolicy for PDO
Policy for PDO
Hajer alriyami
 
Clearswift f5 integration
Clearswift f5 integrationClearswift f5 integration
Clearswift f5 integration
Marco Essomba
 

More Related Content

What's hot

Application Security
Application SecurityApplication Security
Application Security
onenolesguy
 
The Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for InvestorsThe Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for Investors
OurCrowd
 
The Seven Kinds of Security
The Seven Kinds of SecurityThe Seven Kinds of Security
The Seven Kinds of Security
Veracode
 

What's hot (20)

It risk assessment in uae
It risk assessment in uaeIt risk assessment in uae
It risk assessment in uae
 
Third-party Remote Support Threats Inforgraphic
Third-party Remote Support Threats InforgraphicThird-party Remote Support Threats Inforgraphic
Third-party Remote Support Threats Inforgraphic
 
Network Security Risks and Challenges for Enterprises
Network Security Risks and Challenges for EnterprisesNetwork Security Risks and Challenges for Enterprises
Network Security Risks and Challenges for Enterprises
 
What you need to know about cyber security
What you need to know about cyber securityWhat you need to know about cyber security
What you need to know about cyber security
 
Application Security
Application SecurityApplication Security
Application Security
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity Risk
 
Information Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & ResponsibilitiesInformation Security vs IT - Key Roles & Responsibilities
Information Security vs IT - Key Roles & Responsibilities
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
 
Information security policy
Information security policyInformation security policy
Information security policy
 
Simple Safe Steps to Cyber Security
Simple Safe Steps to Cyber SecuritySimple Safe Steps to Cyber Security
Simple Safe Steps to Cyber Security
 
The Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for InvestorsThe Cyber Security Landscape: An OurCrowd Briefing for Investors
The Cyber Security Landscape: An OurCrowd Briefing for Investors
 
Employee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - KloudlearnEmployee Awareness in Cyber Security - Kloudlearn
Employee Awareness in Cyber Security - Kloudlearn
 
IT security
IT securityIT security
IT security
 
The Seven Kinds of Security
The Seven Kinds of SecurityThe Seven Kinds of Security
The Seven Kinds of Security
 
Active Directory: Modern Threats, Medieval Protection
Active Directory: Modern Threats, Medieval ProtectionActive Directory: Modern Threats, Medieval Protection
Active Directory: Modern Threats, Medieval Protection
 
Information security for dummies
Information security for dummiesInformation security for dummies
Information security for dummies
 
IT Security
IT SecurityIT Security
IT Security
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
 
A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...A holistic approach to risk management 20210210 w acfe france & cyber rea...
A holistic approach to risk management 20210210 w acfe france & cyber rea...
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
 

Similar to Octree securapro mauleverer case study

Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
EY
 
CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurity
Bob Guimarin
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
Jyothi Satyanathan
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
jeanettehully
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
todd521
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412
Hai Nguyen
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
Norm Barber
 

Similar to Octree securapro mauleverer case study (20)

Policy for PDO
Policy for PDOPolicy for PDO
Policy for PDO
 
Clearswift f5 integration
Clearswift f5 integrationClearswift f5 integration
Clearswift f5 integration
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurity
 
Laser App Conference 2017 - Sid Yenamandra, Entreda
Laser App Conference 2017 - Sid Yenamandra, EntredaLaser App Conference 2017 - Sid Yenamandra, Entreda
Laser App Conference 2017 - Sid Yenamandra, Entreda
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security
 
Apani Ov V9
Apani Ov V9Apani Ov V9
Apani Ov V9
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
Case study
Case studyCase study
Case study
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
 
Implementing Cyber Security for Digital Finance - Bahaa Abdul Hussein .pdf
Implementing Cyber Security for Digital Finance - Bahaa Abdul Hussein .pdfImplementing Cyber Security for Digital Finance - Bahaa Abdul Hussein .pdf
Implementing Cyber Security for Digital Finance - Bahaa Abdul Hussein .pdf
 
Measures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacksMeasures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacks
 
Measure To Avoid Cyber Attacks
Measure To Avoid Cyber AttacksMeasure To Avoid Cyber Attacks
Measure To Avoid Cyber Attacks
 
IBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideIBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References Guide
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412
 
MBM Security Products Matrix
MBM Security Products MatrixMBM Security Products Matrix
MBM Security Products Matrix
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
 
Mitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-RadarMitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-Radar
 

Octree securapro mauleverer case study

  • 1. Octree SecuraPro case study Client: Generic Financial Management plc Sector: Financial services Need: To comply with the Financial Services Authority (FSA) guidelines regarding the protection of confidential client data held on IT systems. Reducing the risk of confidential data loss Regulatory and governance requirements from the FSA are an increasingly important driver in the need to protect sensitive client data. Companies are being required to disclose breaches that place Personal Identifiable Information (PII) at risk, be it from a customer, employee, shareholder, partner, or other stakeholder prospective. Generic Financial Management is a FSA compliance The outcome of the audit firm of chartered financial planners that has been advising clients on Generic Financial Management plc’s As a result of the audit, it was decided wealth matters for over 20 years from managing director Paul Thomas to implement SecuraPro to improve offices in Codicote. explains, “In April 2008, the FSA data security in a number of areas: issued its Data Security in Financial Like many companies operating in Services report which highlighted Full disk encryption for GFM’s laptops, the financial services sector GFM has some well-publicised client data losses which protects against unauthorised become totally reliant on the use of involving the loss or theft of laptops access to data in the event that one technology, from office-based servers and memory sticks, and the resultant or more is lost or stolen. and PCs, to laptops, CDs and USB fines imposed by the regulator. memory sticks. Web filtering to control employee “The FSA makes it clear that a access to inappropriate or non-work The company’s employees have firm’s senior management team is related websites and to protect PCs access to the internet and email is responsible for making an appropriate from web-based malware. widely used to communicate with assessment of the financial crime risks clients and suppliers. associated with its customer data. We Email filtering to protect PCs against therefore decided that a full security phishing email, spam, email-borne audit and review of our processes and viruses and malware. It also ensures systems was required.” that inappropriate or defamatory material is blocked. Assessing the risks Endpoint security on desktops and Octree undertook an audit of GFM’s server with antivirus, anti-malware systems and IT infrastructure. Tony and proactive threat protection (IPS). Richardson, Octree’s managing director, explains, “We have developed Patch and vulnerability remediation a sound methodology based around a to keep software up to date. detailed questionnaire that assesses the level of compliance with the FSA’s A managed firewall and VPN offering data security guidelines, and accepted secure remote access for mobile users. industry best practice. I am confident that with SecuraPro Octree also provides a wide range of installed our IT systems satisfy the “This tool can be used by companies managed IT services, including the FSA’s regulatory requirements in within the financial services sector routine monitoring of critical server a cost-effective manner that does to assess their level of compliance services, server storage and backups, not expose our clients to potential and quickly identify fundamental proactive support for the IT systems, cybercrime or identity theft. weaknesses in their IT security and remote desktop support. systems and procedures. We will be Paul Thomas, managing director, making the questionnaire available For further information, visit us on the Generic Financial Management plc via our website.” web at www.securapro.co.uk.
  • 2. About Octree Established in 1990, Octree is a specialised IT solutions company with a proven reputation in the deployment, securing and support of computer networking for small to medium-sized businesses. Octree offers complete computer network systems, from wired and wireless local area networks, complete communications solutions and data protection and management, through to proactive systems maintenance and managed business continuity services. We offer fully independent advice and we do not drown people in confusing technical language. All our computer network solutions are developed as ‘best fit’ propositions based on what we hear from our clients. We have developed cutting-edge knowledge and skills through vast experience and ongoing technical training, supported by our partnerships with companies like Microsoft®. Octree Limited, The Lloyds Building, Birds Hill, Letchworth, Herts SG6 1JE tel: 08456 171819 web: www.octree.co.uk Securapro is a registered trademark of Octree Limited