1 / 24

MEASURE I CITIZEN’S OVERSIGHT COMMITTEE MEETING

MEASURE I CITIZEN’S OVERSIGHT COMMITTEE MEETING. Technology Projects July 1, 2015 – December 31, 2015. Technology and Instructional Equipment Modernization. Technology and Instructional Equipment Modernization. Technology Advisory Committee (TAC) Recommended: 127 projects

major
Download Presentation

MEASURE I CITIZEN’S OVERSIGHT COMMITTEE MEETING

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MEASURE ICITIZEN’S OVERSIGHT COMMITTEEMEETING Technology Projects July 1, 2015 – December 31, 2015

  2. Technology and Instructional Equipment Modernization

  3. Technology and Instructional Equipment Modernization Technology Advisory Committee (TAC) Recommended: • 127 projects • One hundred classroom computers ($117K) • Podium upgrades ($31K) • Wireless upgrade ($40K) • One hundred thirty computers/printers/scanners for faculty/staff offices ($137K) • Seven digital signage systems ($12K) • Tree inventory system ($10K) • Latex wide-format printer ($23K)

  4. HP Latex 360 Printer

  5. Six Student Success Factors

  6. VOICE OVER INTERNET PROTOCAL (VOIP) TELEPHONE SYSTEM

  7. VOIP Telephone Project - Completed IP 485G phone 30 purchased IP 655 phone 8 purchased

  8. Security

  9. Why is Data Security Important? • To prevent data breaches • To protect Personal Identifiable Information (PII) • To maintain continuous operations • To avoid expenses associated with compromises • Maricopa County College District in Arizona computer hack tops $26M • Breach in 2011 never addressed lead to 2013 hacking incident

  10. AHC Data Security Measures Physical Security and Environmental Controls • Solid HVAC system • Redundant electrical system • Controlled access • Clean room • Redundant servers • Secured cabinets

  11. AHC Data Security Measures Cyber Security Controls • Redundant firewalls • Partitioned network • 802.1X port-based authentication • Business grade antivirus • Remote centers on secure connections • Business grade antivirus • Encrypted passwords • SPAM filters

  12. AHC Data Security Measures IT Services Practices • Servers patched once a month • Regular data backups • Minimize 3rd party database access • 3rd party contracts reviewed for data security provisions • Computer surplus service includes disk wipe • Network and servers monitored

  13. AHC Data Security Measures User Security Controls • Updated Board Policy 3720 Computer and Network Use • Password policy enforced • Separate system authorizations - Principle of least privilege (translates to giving people the lowest level of user rights that they can have and still do their jobs)

  14. AHC Data Security Measures Education in addition to tools • Malware and strategies to mitigate their affect • Adware • Ransomware • Trojans • Spyware • Phishing

  15. CCC information Security CenterThe CCC Information Security Center is funded by a grant from the California Community Colleges Chancellor's Office

  16. Why the State Funds the CCC Security Center • 75% of California Community Colleges have no dedicated IT Security Staff. • 60% have no Security Awareness Programs. • 60% of Colleges ranked their Information security program as just starting out.

  17. CCC Technology Center Vulnerability Scans of Web facing servers • Identify misconfigurations • Validate firewall rules • Identify out of date and vulnerable software.

  18. CCC Technology Center – Awareness Training Firewalls Logging Staff IDS SSL Antivirus Authentication

  19. CCC Technology Center Future Plans • Policy Reviews • Inside Vulnerability Scan • Architecture Review • Risk Analysis • Phishing Assessment

  20. Cuesta College Data Breach • Human Resources analyst out on medical leave • Remotely accessed private information (addresses, phone numbers and SSNs) and emailed to private account without authorization • Discovered two weeks later • Raided home and found drugs • Lacy Fowler arrested June 17, 2015

  21. AHC Response to Cuesta Data Breach • Updated VPN/Remote User Agreement • Reviewed list of all employees, contractors, and agents with remote access • Removed access for all except those with current business needs • Required a signed agreement to maintain access • Employee account disabled when: • An employee separates • ITS director notified by cabinet member for special circumstances

  22. Disaster Recovery Plan – Securing the data • All critical data is backed up • Disk to disk copies are made daily from the Santa Maria (SM) data center to the LVC server room. • Disk to tape backup is still used for a few of the older servers. • A full backup to tape is made twice a year with the tapes transported to LVC for offsite storage.

  23. Disaster Recovery Plan - Recovery • Rent or ‘borrow’ infrastructure • Cuesta College or Santa Barbara City College • Amazon Web Services (AWS) • Microsoft Azure • Rackspace • Recover services needed for business continuity

  24. Thank you

More Related