Global ISO 27001 Certification
Executive Sponsor: Tony Spinelli, Chief Security Officer, Equifax
Project Team: Scott Barronton, Paul Farley and Laura Louthan
Location: Atlanta, GA
In 2012, Equifax certified its Information Security Management System against ISO/IEC27001:2005 in all Equifax owned properties and Business Units worldwide. This certification provides clarity, assurance, and clear achievement of security best practices that customers, regulators, and business partners rely upon when evaluating the breadth and depth of our security practices.
Security Infrastructure Consolidation
Executive Sponsor: Michael Rodriguez, Director of IT, FedEx Services
Project Team: Bill Mertel, Javelin Momon, Ross Reed, Adam Forch, Jason Mock, Whit Janes, Mark Ketcham, Tammy Smith and Kevin Gautreaux
Location: Collierville, TN
By consolidating security infrastructure solutions with a single strategic partner, the Information Security Protection and Assurance (ISPA) organization achieved a means of managing FedEx’s enterprise-class security while limiting strain on the existing IT resources and budget. In the face of vendor solution fragmentation, increasing maintenance costs and rising annual spend to combat emerging security threats and compliance requirements, implementation of the McAfee network security and data protection technology consolidated much of the security infrastructure, provided year-over-year cost savings on maintenance and expense and allowed for expansion of key components necessary to secure the fast-paced FedEx environment.
KSU Identity and Access Management Initiative
Executive Sponsor: Lectra Lawhorne, Executive Director of Information Technology Services, Kennesaw State University
Project Team: McCree Lake and Stephen Gay
Location: Kennesaw, GA
An implementation of IBM Security Identity Manager and other systems that creates and manages a centralized repository with key data elements about every person in the organization merged together from multiple sources that in turn fully automates the management and creation of accounts and services on multiple systems in the enterprise. The project substantially automated existing business processes which were previously not easily enforceable through workflows managed by defined and business-drivenworkflows. Additionally, the system creates a single sign-on environment across the entire enterprise by synchronizing passwords and users across all systems and enforcing password standards for regulatory compliance.
Network Segmentation and InfoSec Vault project
Executive Sponsor: Mark Gelhardt, CISO, TravelClick
Project Team: Adam Hall, David Marshal, Scott Adams, Noel Agilar, Derek Felska, Eric Tian, Paolo Adajar and Talal Ahmed
Location: Atlanta, GA
TravelClick Completely reconfigured its network topology to incorporate a new Information Security Vault area. This project looked at the configuration of the TravelClick network and how to change that network to be ready for the future global risks and specifically how to protect the valuable data that TravelClick maintained (i.e., Intellectual Property, Credit Card, etc.). A separate network segment was set up (Information Security Vault) with increase security within the vault by encrypting and tokenizing specific data to make that data even more secure. All of this was done without any disruption to our clients and our business.
Network Segmentation and InfoSec Vault project
Executive Sponsor: Mark Gelhardt, CISO, TravelClick
Project Team: Adam Hall, David Marshal, Scott Adams, Noel Agilar, Derek Felska, Eric Tian, Paolo Adajar and Talal Ahmed
Location: Atlanta, GA
TravelClick Completely reconfigured its network topology to incorporate a new Information Security Vault area. This project looked at the configuration of the TravelClick network and how to change that network to be ready for the future global risks and specifically how to protect the valuable data that TravelClick maintained (i.e., Intellectual Property, Credit Card, etc.). A separate network segment was set up (Information Security Vault) with increase security within the vault by encrypting and tokenizing specific data to make that data even more secure. All of this was done without any disruption to our clients and our business.