IT Security at IU - PowerPoint PPT Presentation

1 / 28

About This Presentation

Title:

IT Security at IU

Description:

Office of the Vice President for Information Technology. IT Security at IU ... Cracker - a hacker who uses skills for nefarious purposes ... – PowerPoint PPT presentation

Number of Views:24

Avg rating:3.0/5.0

Slides: 29

Provided by: tomd9

Category:

more less

Transcript and Presenter's Notes

Title: IT Security at IU

1
IT Security at IU
Tom Davis, CISSP University IT Security
Officer Office of the Vice President for
Information Technology
2
Agenda

ITSO Overview
IT Security Objectives
Terminology
Vulnerabilities
Threats
Why Do Crackers Crack?

3
Agenda (continued)

Who Cracks?
Why Attack Universities?
IU Concerns
ITSO Services
Technician Action Items

4
ITSO Overview
Michael McRobbie VP/CIO
Mark Bruhn IT Policy Officer/ Contracts
Agreements Officer
Admin Asst
Tom Davis IT Security Officer
Merri Beth Lavagnino Deputy IT Policy Officer
Stacie Wiegand Data Administrator Info Mgt Officer
Marge Abels Disaster Recovery Program Manager
4 Security Engineers 2 Security Analysts
Cross-Unit Recovery Planning Team
Information Technology Security Office
Global Directory Services Team
Incident Response Coordinator
Computer Accounts Manager
3 Data Analysts
Technical Investigators
6 Accounts Administrators
5
IT Security Objectives

Availability
Ensure that IT resources are available when
needed
Integrity
Ensure that data is reliable and correct
Confidentiality
Ensure that only those authorized have access

6
Terminology

Vulnerability - weakness that can be exploited
Threat - potential danger
Risk - probability that a threat will exploit a
vulnerability
Hacker - an individual who possesses expert
technical skills
Cracker - a hacker who uses skills for nefarious
purposes
Probe - the act of looking for a vulnerability

7
Vulnerabilities

Information Technology
software errors (aka bugs, often security
related)
configuration errors
Human
social engineering
system administration
not correcting (patching) software bugs
not installing anti-virus software and updating
virus patterns

8
Threats

Probes
probing tools are readily available to detect
vulnerable systems
every network connected device is subject to
probing
probes can and do lead to system compromise
System compromise
information release
data loss
network monitoring (aka "sniffing")
ancillary effects (DoS, liability, lawsuits)

9
Threats (continued)

Virus infections
commonly transmitted via e-mail and IRC
information release
data loss
Hardware theft
asset
information

10
Why Do Crackers Crack?

Unauthorized access to data
Collect passwords, keystrokes
Launch attacks on other internal or external
systems
Additional storage (bootleg movies or other
illegal materials)
Defacement (embarrassment or political reasons)

11
Why Do Crackers Crack? (continued)

Challenge and/or thrill
Monetary gain
Competitive advantage
Terrorism
Intelligence

12
Who Cracks?

Crackers
very skilled
develop and package scripts to probe and
compromise vulnerable systems
Script kiddies
juvenile, unskilled
use packaged scripts developed by others
thrill seekers

13
Why Attack Universities?

Large number of networked devices
High-speed, high-capacity networks
Diverse hardware and software packages deployed
New technologies deployed before matured
Varied physical system locations
Varied system administration practices

14
IU Concerns

Data disclosure (FERPA, HIPAA)
FERPA Federal Educations Rights and Privacy Act
HIPAA Health Insurance Portability and
Accountability Act
Number of networked devices (approximately 55,000
u-wide)
Un-patched systems (detected by probes)

15
IU Concerns (continued)

Virus infections
network performance
system damage (data loss)
lost productivity
Legal
if our machines are used to attack and/or damage
other machines

16
IU Concerns (continued)

Trustee Resolution May 04, 2001
to develop and implement policies necessary to
minimize the possibility of unauthorized access
to IUs IT infrastructure
to assume leadership, responsibility, and
control of responses to unauthorized access to
IUs IT infrastructure, unauthorized disclosure
of electronic information and computer security
breaches regardless of the IU office involved

17
IU Concerns (continued)

Policy IT-12 (draft)
Security of University IT Resources
http//www.itpo.iu.edu/IT12.html

18
ITSO Services

Provide IT security awareness and education
Provide IT security guidelines and standards
Provide security consulting and review
Maintain production services
Investigate and document IT security incidents

19
Services - Security Awareness and Education

General education and/or presentations on common
security issues
http//www.itso.iu.edu/hottopics/presentations/
Comprehensive resource for information on
security alerts, bulletins, and patches
http//www.itso.iu.edu/
https//www.itso.iu.edu/services/alerts/

20
Services - Security Guidelines and Standards

Function dedicated to developing and maintaining
consistent security standards.
Comprehensive resource for security information,
resources, etc.
http//www.itso.iu.edu/howto/
Resource for security related software
https//www.itso.iu.edu/services/
http//iuware.iu.edu/

21
Services - Security Consulting and Review

Assistance in reviewing specific situations and
analyzing exposures.
Technical architecture diagram required
Data flow diagram beneficial

22
Services - Production Services

Security scanning in support of system
administrators and audit activities
https//www.itso.iu.edu/scanner/
Central Kerberos authentication servers
Central SafeWord token authentication servers

23
Services - IT Security Incidents

Assistance in coordinating appropriate technical
investigation of security breaches
Assistance in packaging technical security
information for IU governance agencies, IU legal
counsel, law enforcement, prosecutors, university
administration, etc.
Common and consistent incident response

24
Technician Action Items