ISC Information Security Educause Security 2007
Copyright Joshua Beeman, 2007. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.
Security Reporting
University of Pennsylvania
Joshua Beeman
Overview
• Penn’s environment
• Version 1 (duct tape, chewing gum…)
• Version 2 (less gum, more tape…)
• Results
Environment
• A private university in Philadelphia, PA founded in 1740
• 22,000 students/4,000 faculty/13,000 staff
• 7500 students live on campus
• 9000+ students, staff and faculty live in the surrounding community
• Health System has separate management
– IT division outsourced/15,000 users
Environment
• Computing mostly decentralized over 40 cost centers
• Some services are managed or coordinated centrally by Information Systems and Computing (ISC)
• Administrative Systems
• Support & Security
• Networking & Telecommunications
Environment
• Open network
• Decentralized computing
• Information security concerns continually growing
• Limited funding
Does this sound familiar to anyone?
Environment
Why a Security Report?
• Awareness
• Identify larger trends
• Develop security “hawks”
• Improve customer service
Report – v.1
Incident Tracking via Excel Spreadsheet:
• Date
• IP address
• Center name
• Incident source
• Incident type
• Handler comments (optional)
Report – v.1
Key Elements – Compromises:
• Total number of compromises
• Total number of IP addresses
• Ratio of Compromises/IPs
• Ranking (based on ratio)
• Average (based on ratio)
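An added example (not part of the original slides) of how the compromise figures above can be computed from a v.1-style spreadsheet export: count compromises per center, divide by that center's IP addresses, rank by the ratio, and take the average. The column names, center names, IP totals, the `compromise` incident-type value and the reading of "average" as the mean of the per-center ratios are all assumptions.

```python
import csv
import io
from collections import Counter

# Constructed sample rows using the v.1 tracking fields (not real incident data).
SAMPLE_CSV = """date,ip_address,center,incident_source,incident_type,handler_comments
2007-01-08,192.0.2.10,Center A,IDS,compromise,reimaged
2007-01-22,198.51.100.5,Center B,IDS,compromise,
2007-02-02,198.51.100.9,Center B,external report,other,
2007-02-11,198.51.100.40,Center B,help desk,compromise,
"""

# Assumed number of IP addresses assigned to each center (constructed).
CENTER_IPS = {"Center A": 256, "Center B": 4096, "Center C": 512}


def compromise_report(csv_text, center_ips, incident_type="compromise"):
    """Return (rows, average_ratio); rows are sorted highest ratio first."""
    counts = Counter()
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["incident_type"].strip().lower() == incident_type:
            counts[row["center"].strip()] += 1

    # A compromise logged against a center with no IP total cannot be normalized.
    unknown = sorted(set(counts) - set(center_ips))
    if unknown:
        raise ValueError(f"no IP address total for: {unknown}")

    rows = []
    for center, ips in center_ips.items():
        if ips <= 0:
            raise ValueError(f"IP address total must be positive: {center}")
        # Centers with zero compromises stay in the table and in the average.
        rows.append({"center": center, "compromises": counts[center],
                     "ips": ips, "ratio": counts[center] / ips})

    rows.sort(key=lambda r: (-r["ratio"], r["center"]))
    for position, r in enumerate(rows, start=1):
        # Tied ratios share the rank of the first center in the tie.
        tied = position > 1 and r["ratio"] == rows[position - 2]["ratio"]
        r["rank"] = rows[position - 2]["rank"] if tied else position
    average = sum(r["ratio"] for r in rows) / len(rows)
    return rows, average


if __name__ == "__main__":
    table, avg = compromise_report(SAMPLE_CSV, CENTER_IPS)
    for r in table:
        print(f'{r["rank"]}. {r["center"]}: {r["compromises"]}/{r["ips"]} = {r["ratio"]:.5f}')
    print(f"average ratio: {avg:.5f}")
```

In the constructed data Center B has more compromises than Center A but ranks below it, because the ratio normalizes by the size of each center's address space.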
Report – v.1
Key Elements – Critical Hosts:
• Total number of Critical Hosts registered
• Total number of IP addresses
• Ratio of Critical Hosts/IPs
• Ranking (based on ratio)
• Average (based on ratio)
Report – v.1
Key Elements – Management Reports:
• Summary tables
– Compromise ranking
– Critical Host ranking
• Summary graphs
– Incident source
– Overall distribution
Report – v.2
GRADI (web-based incident tracking system)
Captures previous fields plus…
• Case Status (Pending, closed, etc.)
• MAC Address
• Wallplate
• Port List
• User PennKey
• …and more for certain case types
Report – v.2
GRADI (continued)
In addition provides automated processes for:
• DNS & host contact lookup
• Custom handling based on incident type
• Emailing/routing
• Searching, export, etc.
Report – v.2
Previous Key Elements:
• Compromises
• Critical Hosts
• Critical Events
• Management reports
Report – v.2
Plus New Elements:
• Wireless, Wired
• DMCA, non-DMCA
• Critical Vulnerabilities
• New management reports
• Comparative studies
Results
• Provided senior management with tools and data
• Increased information security awareness
• Identified larger trends, problem areas
• Improved University’s overall security posture
• Created security “hawks”
Results
Remember that v.1 was based on:
• Individual Excel spreadsheets
• 5 data fields