ISOs Road to Disclosure - PowerPoint PPT Presentation

1 / 24

About This Presentation

Title:

ISOs Road to Disclosure

Description:

7. Recap: May 05 Oct 05. Completed. 431 - Deploy Anti-spyware software via MyAndrew ... DELIVERY: Windows Update Quarantine ... – PowerPoint PPT presentation

Number of Views:41

Avg rating:3.0/5.0

Slides: 25

Provided by: marylpre

Category:

more less

Transcript and Presenter's Notes

Title: ISOs Road to Disclosure

1
ISOs Road to Disclosure

Lets do it all!

2
ISOs Road to Disclosure

Do we have the resources?
Do others???

3
ISOs Road to Disclosure

4
The Do it All Plan

5
The Do Some Plan

6
Concerns

FTE meaning
Estimate confidence
Unplanned events
Matching need with availability
Who else is counting on us?

7
Recap May 05 Oct 05

Completed
431 - Deploy Anti-spyware software via MyAndrew
435c - Intrusion Detection System (Phase 1
Continuing into Phase 2)
Deferred
432 - Bandwidth Service Groups
433 - Cluster Firewalls
437 - NetReg CompServ subgroups

8
Recap May 05 Oct 05

Carry Over into Fall 2005
430 - ISO Web redesign
434 - Data Security Policy Update
436 - Initial Andrew Account Passwords
438 - Password Policy
439 - Policy update monitoring
440 - Policy update for research data (network
traffic)

9
Recap May 05 Oct 05

Hired Policy Coordinator
Hired Training Awareness Coordinator
Hired Director of Info Sec
Campus security survey
ISO Team Retreat (3 year plan coming)

10
ToDo Internal Nov 05 Apr 06

Create Incident Response Plan
Guideline/Policy Gap Analysis
Guideline Development
network data research
account data retention
IKON eCopy
TA Curriculum Plan
College/Dept GLB assessment
IT security assessment plan

11
ToDo Internal Nov 05 Apr 06

Staff Training Certifications
Document Internal Procedures
Convene Security Advisory Committee
Data Mining Strategies/Netnotify Analysis
IDS Outsourcing Analysis
Signed email for ISO

12
ToDo External Nov 05 Apr 06

DELIVERY Windows Update Quarantine
DELIVERY Computing Services Elimination of
Clear Text Login of Andrew credentials
DELIVERY Desupporting Kerberos 4
DELIVERY DNS Black-hole for Malware

13
ToDo External Nov 05 Apr 06

DELIVERY Environment Scanning
DELIVERY Automated Welcome Messages for New
Email Accounts
DISCOVERY Calea Compliance
DELIVERY Hire Security Engineer

14
Windows Update Quarantine

Provide suspended machines access to all patches.
Options to be investigated
Direct access to Windows Update via a proxy
server
Access to a Windows Software Update Server
Risks support burden, client issues
.7 FTE 10,000

15
Elimination of Clear Text Login

The elimination/mitigation of clear text Andrew
login/password for Computing Services
applications.
Telnet, FTP, NiftyTelnet, IMAP, SMTP, GQL
Risks non-negotiable dependencies, VPN service
.65 FTE

16
Desupporting Kerberos 4

Decommission Kerb 4 and perhaps replace what has
been reported as the only application depending
on Kerb4, zephyr
Cryptographically weak, DES based, vulnerable to
ticket fabrication
Risks user acceptance, degradation in
communication
.07FTE

17
DNS Black-hole for Malware

Limit the spread of malware by blocking sites
associated with the spread or control of malware.
Risks false positives, workarounds, user
experience, lack of timely updates
.5 FTE 8,000

18
Environment Scanning

Build a system/methodology that attempts to
passively identify operating systems, databases
and applications on campus on a host-by-host
basis.
Risks accuracy, time consuming, privacy
concerns, insufficient coverage
.5 FTE 9,000

19
Automated Welcome Messages for New Email Accounts

Seed new inboxes with relevant security-related
(and other) information designed for each user
type, recognizing that the first message in the
inbox may receive special intention and have
lasting impact.
.1 FTE

20
CALEA Compliance