1 / 18

Security Roles and Responsibilities

Security Roles and Responsibilities. Harvard Townsend Interim University IT Security Officer harv@k-state.edu 532-2985 College Court 114. E-Mail sent to IT help desk:

torn
Download Presentation

Security Roles and Responsibilities

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Roles and Responsibilities Harvard Townsend Interim University IT Security Officer harv@k-state.edu 532-2985 College Court 114 Dept Security Contacts Training

  2. E-Mail sent to IT help desk: “I have spent an unprecedented ammount of money attending K-State. Some of this money went to maintaing my e-mail. It is my account. I pay for it. I should get to make the decisions on when to change my password. This is a communist policy. I no longer support you in anything you do. If I want to let someone hack my account by leaving my password the same, so be it. That is the beauty of living in America, CHOICE. You have stolen my rights. I could not be more furious. This has gone too far. You people have violated my rights again and again. I won't stand for it!!! I want to have control of my own account. This is not nazi germany, this is not communist china. Dept Security Contacts Training

  3. I am a grown adult capable of making my own decisions. Take your mandatory password change and cram it directly up your communist a….!!! This America, LAND OF THE FREE AND HOME OF THE BRAVE!!! I should be free to make my owninformed decisions on when and how to manage my own account and I'm d… sure brave enough to tell you how obsurd your mandates are!!! Give the students the responcibility to make our own decisions that effect ONLY US!!! You should have no say in what I do, or what I choose not to do. College is the time to learn how to live effectivly. Who do you think you are? My mom? Are you gonna be there to hold my hand when things go wrong for me in the future? Give me a f….. break!!! Remove these policies, at least for me and anyone else who requests it. It's my account and I will manage it however I see fit.” Dept Security Contacts Training

  4. Who is responsible for IT security? “Security is not just the CIO’s problem; it is everyone’s problem. And everyone is responsible for the solution.” Diane Oblinger Brian Hawkins Dept Security Contacts Training

  5. E-Mail sent to IT help desk: “I have spent an unprecedented ammount of money attending K-State. Some of this money went to maintaing my e-mail. It is my account. I pay for it. I should get to make the decisions on when to change my password. This is a communist policy. I no longer support you in anything you do. If I want to let someone hack my account by leaving my password the same, so be it. That is the beauty of living in America, CHOICE. You have stolen my rights. I could not be more furious. This has gone too far. You people have violated my rights again and again. I won't stand for it!!! I want to have control of my own account. This is not nazi germany, this is not communist china. Dept Security Contacts Training

  6. I am a grown adult capable of making my own decisions. Take your mandatory password change and cram it directly up your communist a….!!! This America, LAND OF THE FREE AND HOME OF THE BRAVE!!! I should be free to make my owninformed decisions on when and how to manage my own account and I'm d… sure brave enough to tell you how obsurd your mandates are!!! Give the students the responcibility to make our own decisions that effect ONLY US!!! You should have no say in what I do, or what I choose not to do. College is the time to learn how to live effectivly. Who do you think you are? My mom? Are you gonna be there to hold my hand when things go wrong for me in the future? Give me a f….. break!!! Remove these policies, at least for me and anyone else who requests it. It's my account and I will manage it however I see fit.” Dept Security Contacts Training

  7. I am a grown adult capable of making my own decisions. Take your mandatory password change and cram it directly up your communist a….!!! This America, LAND OF THE FREE AND HOME OF THE BRAVE!!! I should be free to make my own informed decisions on when and how to manage my own account and I'm d… sure brave enough to tell you how obsurd your mandates are!!! Give the students the responcibility to make our own decisions that effect ONLY US!!! You should have no say in what I do, or what I choose not to do. College is the time to learn how to live effectivly. Who do you think you are? My mom? Are you gonna be there to hold my hand when things go wrong for me in the future? Give me a f….. break!!! Remove these policies, at least for me and anyone else who requests it. It's my account and I will manage it however I see fit.” Dept Security Contacts Training

  8. Cyber Security Awareness Month • Oct. 4 – departmental security contact training • IT Tuesday articles • Promoting the IT security awareness student video competition • “Ask a security geek” table in the Union Oct. 11/18 Dept Security Contacts Training

  9. IT Security Responsibilities • CIO • IT Security Officer • Network Security analyst • SIRT • Departmental security contact • IT support staff • iTAC • Users Dept Security Contacts Training

  10. IT Security Responsibilities • CIO • IT Security Officer • Network Security analyst • SIRT • Departmental security contact • IT support staff • iTAC • IRMC • Users Dept Security Contacts Training

  11. SIRT Responsibilities • Proactive, reactive, and advisory roles • Incident response • Coordinate/communicate with college/unit • Request restoration of network access for blocked computers • Develop policies, procedures, standards,etc. • Assist with training, awareness • And… Dept Security Contacts Training

  12. IT Security Responsibilities • CIO • IT Security Officer • Network Security analyst • SIRT • Departmental security contact • IT support staff • iTAC • IRMC • Users Dept Security Contacts Training

  13. Departmental Security Contacts • Liaison between department and SIRT • Facilitating: • Communication, user awareness • Preventative measures • Incident response • Watch block notifications, help remediate • Stay informed • Know your SIRT representative Dept Security Contacts Training

  14. IT Security Responsibilities • CIO • IT Security Officer • Network Security analyst • SIRT • Departmental security contact • IT support staff • iTAC • IRMC • Users Dept Security Contacts Training

  15. IT Support Staff • Departmental and central IT • Manage technologies • Support users • Implement preventative measures • Implement policies • Assist with incident response Dept Security Contacts Training

  16. iTAC • IT Help Desk • IT Tuesday newsletter • Campus communications • Training Dept Security Contacts Training

  17. IRMC • Information Resource Management Council • Recommend policy • Process available at www.k-state.edu/vpast/itpolicies • VPAST can designate interim policies Dept Security Contacts Training

  18. Users • Protect information • Personal information • University information • Protect eID password • Protect personal computer • Use good security practices – www.k-state.edu/infotech/security/basics.html • Know and follow policies and laws – www.k-state.edu/vpast/itpolicies Dept Security Contacts Training

More Related