
Ferst Center Incident Incident Identification – Border Intrusion Detection System


oma

Presentation Transcript


  1. Ferst Center Incident
     • Incident Identification – Border Intrusion Detection System
     • Incident Response – Campus Executive Incident Response Team
     • Incident Analysis – Patron Credit Card Information Disclosed
     • Incident Communications Management – Publicize
     • Service Restoration – Change Business Practices
     • Incident Impact – Significant Image, Regulatory and Financial Issues
     • Remedial Actions – Campus-Level Policy, Process and Architectural Reviews

  2. “Federal and state laws relating to privacy and information technology security have become increasingly complex in nature, and the practical effect of these laws on colleges and universities is just beginning to unfold.”
     A Legal Perspective
     Prepared for the EDUCAUSE/Internet2 Computer and Network Security Task Force, 2003

  3. • Family Educational Rights and Privacy Act (FERPA) 97
       “FERPA generally imposes a cloak of confidentiality around student educational records, prohibiting institutions from disclosing “personally identifiable education information,”
     • Health Insurance Portability and Accountability Act (HIPAA) 5
       “HIPAA generally requires covered entities to (i) adopt written privacy procedures that describe, among other things, who has access to protected information, how such information will be used, and when the information may be disclosed; (ii) require their business associates to protect the privacy of health information; (iii) train their employees in their privacy policies and procedures; (iv) take steps to protect against unauthorized disclosure of personal health records; and (v) designate an individual to be responsible for ensuring the procedures are followed.”
     • Gramm-Leach-Bliley Act (GLBA) 106
       “The GLBA includes requirements to take steps to ensure the security of personally identifying information of financial institution customers, such as names, addresses, account and credit information, and Social Security numbers.”
     • Cardholder Information Security Program (CISP) 12
       VISA compliance
     220 sensitive data servers scattered across 39 Academic, Research and Administrative units
     - what steps should be taken to mitigate this risk -

  4. Layered Security Approach for Securing GT’s IT Infrastructure
     Non-Technical Measures
     • Education, Awareness & Training
       - Students
       - Faculty
       - Staff
       - CSR/CSS
     • Risk Management
       - Unit-level self assessment
       - Business process review for all sensitive servers
       - System acquisition reviews / system connection
       - Operations monitoring IDS and firewalls 24x7
       - Internal Audit & OIT IS joint review of audit findings
       - Centralized vulnerability assessment
     • Policy Development
       - Finish unit-level policies
       - Sensitive/unit server (create)
       - Wireless (create)
       - Data access (revise)
       - Data retention (create)
       - Backup and recovery (create)
     Technical Measures
     [Diagram labels: I1, I2; Campus border filters; Router; Campus Vulnerability Scanning; IDS border; Architectural Reviews; Buzzcard System; Building Access Controls; Environmental Controls; Digital Signage; Other Sensitive Systems; Education Domain; Student Domain; Admin Domain; Private Services; ResNet/EastNet]
     Unit Level Measures (as required)
     [Diagram labels, repeated per domain: Router; FW; VPN; IDS; Education; Policy; Host-based Security; Secured Services]
     FW = Firewall, IDS = Intrusion Detection System, VPN = Virtual Private Network

  5. Layered Security Issues
     • Building CSR/CSS skill sets – commitment of training $
     • Tool Repositories – for Solaris, Linux & Windows
     • Supported OS builds (Solaris/Linux/Windows)
     • System administration guidance – in addition to GT’s SANS guides
     • Current patch lists (Solaris/Linux/Windows) – can we maintain this? patch management
     • Decision support guidelines – before you purchase or accept donation
     • Spam – costing us in system processing and human time
     • Intrusion Prevention (opt in?) – we know who to block – how can we
     • Architectural options/decisions – separate admin/academic networks, firewall ResNet from other campus domains
     • Campus information security advisory committee
     • External information security advisory board
