Hello! MEET YOUR PRESENTERS Erin Farrelly Tracy Kingsley - - PowerPoint PPT Presentation
Hello!
MEET YOUR PRESENTERS
Erin Farrelly, Supervisor, Tier Two Support
Tracy Kingsley, Manager, IT Services
Today’s Session
WHAT WE’LL COVER
1. ITIL - People, Process, Technology
2. First Line of Defense
3. What is Incident Management?
4. Cyber Attacks
ITIL – People, Technology and Process
ITIL is a set of detailed practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business.
Traditional IT vs ITSM Process
Traditional I/T becomes ITSM Process:
- Technology focus -> Process focus
- "Fire-fighting" -> Preventative
- Reactive -> Proactive
- Users -> Customers
- Centralized, done in-house -> Distributed, sourced
- Isolated, silos -> Integrated, enterprise-wide
- "One off", ad hoc -> Repeatable, accountable
- Informal processes -> Formal best practices
- IT internal perspective -> Business perspective
- Operational specific -> Service orientation
Tiered Support
Tier 1
Applicant Support
Tier 2
Partner Support and Tier 1 Escalation
Tier 3
Escalation
First Line of Defense
AppDynamics
Ghost Inspector Alert
PagerDuty
Digital Operations Management Platform
- Gain full-stack visibility into service health
- Automate on-call management
How?
- By centralizing and triggering advanced workflows for data from any source, the platform arms OCAS teams with insights to orchestrate the ideal real-time, business-wide response every time.
Incident Management Process
1 Reported
- Create ticket
- Triage and prioritize incident
2 Analyzed
- Analyze ticket
- Find solution
3 Resolved
- Implement solution
- Close incident
Remember to D.I.S.C.O.!
Discover, Investigate, Scope, Communicate
- Report and log incident.
- Assess incident using ITIL criteria.
- Confirm existence of issue.
- Determine impact. (What? Who? How many?)
- Alert internal stakeholders of Sev 1 incident.
Organize
- Assume Response Lead role.
- Assemble response team and set up War Room.
What do we already do?
- Intrusion detection and monitoring at our hosting facility and on our network.
- Spam filter on our email servers and MS ATP (Advanced Threat Protection), which is a feature in O365.
- Require staff to have complex passwords that have letters, numbers and symbols so they are harder for cyber criminals to steal. Also require changes to passwords every 90 days.
- Anti-virus and anti-malware programs are installed on all PCs.
- Keep up to date on software patches for the OS as well as business software.
- Block access to websites flagged as malicious.
- Block emails flagged as malicious.
- Two-part authentication from external sources – VPN clients when working from home.
Real Mail vs. Spam
What can you do?
- Keeping a clean machine: check with your IT Services team to know what is allowed to be installed on your work devices and what you are plugging into your USB ports.
- Avoiding suspicious links: avoid sketchy downloads. If a link looks odd, even if it comes from a familiar source, do not click on it.
- Using strong passwords: stolen credentials are a common way for criminals to gain access to your network. Don’t use the same password for work and personal accounts.
- Saving important information on the network so that it can be backed up and restored. Don’t store the only copy of that important document on your local computer!
- If you are working from home, do not allow your children or other family members to use your work computer.
- Don’t keep any sensitive materials on your local computer, e.g. credit card numbers, employee information, reports containing applicant information, Excel files which contain student information.
- Don’t write passwords down on pieces of paper, EVER. Don’t share them with anyone.
Phishing Trip