1 / 10

Trends and Issues in IT Security

Trends and Issues in IT Security. A Scan of what’s happening on our campuses With attention to: Trends Primary issues and challenges Any opportunities for information sharing or common solutions? Common Solutions Group, May 13, 1999 Philip Long, Yale University. This Morning.

linda-cochran
Download Presentation

Trends and Issues in IT Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trends and Issues in IT Security A Scan of what’s happening on our campuses With attention to: Trends Primary issues and challenges Any opportunities for information sharing or common solutions? Common Solutions Group, May 13, 1999 Philip Long, Yale University

  2. This Morning • Bob Mahoney, MIT • Sandra Senti, Stanford • Barbara Fraser, CMU/CERT

  3. Yale Trends Same Slope for other trends • Number of incidents • Actual damage • Campus alarm

  4. Practice • Using Internet Security Scanner (ISS) • But our policy prohibited full use without seeking the permission of owners • An increasing number of reported incidents • Any law enforcement activity is incredibly time consuming

  5. Most Frequent Security Problems • Viruses • CIH damaged approximately 60 student machines • Password sniffing after standard crack • Still have lots of hubs in departments with grad student sysadmins

  6. Presentations

  7. End of Session Summary • Rapid rise in incidents • Based on easy-to-use cracker tools • And parallel to Internet growth • Rapid rise in effort • New staff and • Permeating connections throughout existing organizations • Tend to report only well documented incidents to law enforcement • Clear interest in proactive work • Publicity, documentation on prevention • Scanning automatically or on demand • Policy issues?

  8. Most Frequent Problems • Linux • Sniffed Passwords • “The occasional ‘Interesting Thing’” • Firewalls? • Configuring • Getting around

  9. Funny Things are Important • Administrative ease of use of password management turns out to be critical to good password hygiene

  10. Possible Common Solutions • Information/tool sharing • standard Kerberos support for common platforms • Kerberized or SSH tunneled FTP • Policy Sharing • auto-update, e.g., for Linux • Can those of us who have security pages link to them from the CSG Web site?

More Related