IT-Security Office · PDF fileProgram History & Responsibilities ... Once the ITSO has...
28
IT-Security Office
-
Upload
nguyenmien -
Category
Documents
-
view
215 -
download
3
Transcript of IT-Security Office · PDF fileProgram History & Responsibilities ... Once the ITSO has...
IT-Security Office
Outline
Program History & Responsibilities
Notice Types and how to handle Compromise Network Issues Policy/legal Other (education resources)
IT-Security Office
Presenter
Presentation Notes
An NSC is a departmental Network Security Contact
Program inception, 1998
IT-Security Office
Presenter
Presentation Notes
Deans, Directors, Departmental Executive Officers asked the Depart. Executive Officers to appoint 2 contacts per department – to improve better inter-dept. communication.
2 ‘default’ contacts - a primary and a secondary
Act as communication liaison (network outages, security)
An org/department may choose to “roll up” contacts to the next organizational level e.g. UIHC/HealthCare Information Systems or the College of Engineering
IT-Security Office
Permanent university staff employed at least 50% time in the department (or unit)
Regular employment validation to keep database up to date – annual health checks
IT-Security Office
Registration Information
Department Number(s)
Department Name
Buildings with staff or equipment
http://itsecurity.uiowa.edu/incident/nsc-form.shtml
IT-Security Office
Presenter
Presentation Notes
You can use one form for multiple buildings no need to fill out one form per building list.
Registered systems in USR Attempts will be made to contact owners
directly.
IT-Security Office
IT-Security Office
Presenter
Presentation Notes
To access the application go to http://itsecurity.uiowa.edu/usr – if you have no systems registered this will be what the first screen will look like. You can only register systems with Static IP addresses – these can be requested through Hostmaster. More information and FAQs can be found off the url above.
IT-Security Office
IT-Security Office
Presenter
Presentation Notes
Add the MAC, IP etc… Once you add them they will be automatically listed below the Network Information fields Add a your FQDN to associate that with the IP if you have one. You can request network scans for your systems from here by clicking Scan IP… In the contact info fields your name is automatically assigned to the system you are registering. You are encouraged to add a secondary contact in the event you are unreachable. Add Group Access Search for a group by Common Name, then, from the search results, click on a link to the right to add the desired access level for that group.�Wild cards (*) and other LDAP search features may be used.�
Various Email Lists
uiowa-security
Training opportunities or Vendor notices
Current threats or incident information
Discussion
NSC-ALL
General notices and Directives
Network issues or Training opportunities
IT-Security Office
NSC-[building code] – Buildings your department housed in = lists you’re subscribed to
Incident reports if system is not registered through USR
IT-ADMINS
Occasionally send notices, though list audience is more general.
Collaboration, discussion on technical issues.
IT-Security Office
How to contact every person in your department or unit, if necessary
Where each person works (building)
Who supports the equipment in your department
IT-Security Office
University IT Policies
http://cio.uiowa.edu/policy
Acceptable Use Network Citizenship Your department’s policies
IT-Security Office
Regulatory Compliance Issues, be familiar with as and where needed:
FERPA
HIPAA
GLBAPCI-DSS
FISMA
And all of the appropriate security controls that apply to the type of data your department handles.
IT-Security Office
Situations you will receive notices Policy Violation Compromises - any confidential data on
machine? Repair or Reformat? Misuse/AUP violations E-mail harassment, Threats, etc Copyright infringement, Software piracy
IT-Security Office
If ITSO/Networking discovers a problem:Notice to you or “NSC-Building” from ITSO
includes: What & where is the problem Actions taken, or need to be taken (i.e., port
shut off)
IT-Security Office
Presenter
Presentation Notes
After hours issues – who to contact – HD 5-5550.
IT-Security Office
IT-Security Office
NSC Resolution: Contacting ITSO
Requesting a security scan of computer (if not disabled)
Resolve the issue, or forward to responsible party
IT-Security Office
Presenter
Presentation Notes
Scan request via USR or Network Scan request form
If ‘YOU’ - the NSC discovers problem:
Follow the escalation procedures, foremost contact the ITSO as soon as possible
Any need for/request from external Law Enforcement: You MUST consult the Office of the General Council or the ITSO before providing information
IT-Security Office
Presenter
Presentation Notes
Escalation procedures: 1. report the attack to the University IT Security Officer/Office we will advise you on what action to take next 2. Once the ITSO has informed you on what action to take - block or prevent escalation of the attack, if possible 3. repair the resulting damage 4. restore service to its former level, if possible 5. preserve evidence, where appropriate
DISCIPLINARY ACTION Human Resources, et al determine
if/when/what discipline is appropriate May be expected to review university or
departmental policy with individualsFIXING PROBLEMS Expected to notify appropriate staffs of
problems, not necessarily to fix them
IT-Security Office
Presenter
Presentation Notes
Investigate issue. Meet with Student/Employee. Resolve the Issue Resources Students – Student Services and ResHall Discipline procedures http://housing.uiowa.edu/res-hall-guidebook/discipline.htm Staff - http://www.uiowa.edu/hr/relations/hrrep/discipline.html
Various E-Mail List Notices
http://itsecurity.uiowa.edu/incidents/
http://cio.uiowa.edu/policy/
http://itsecurity.uiowa.edu/usr/
Miscellaneous resources and best practiceshttp://itsecurity.uiowa.edu/resources/
IT-Security Office
Presenter
Presentation Notes
Be sure to review your links – the Security Office website has changed and some of the URL locations have changed. Visit http://itsecurity.uiowa.edu/ or contact [email protected] for assistance.
