Educause/Internet 2 Computer and Network Security Task Force

Slides:



Advertisements
Similar presentations
DSpace: the MIT Libraries Institutional Repository MacKenzie Smith, MIT EDUCAUSE 2003, November 5 th Copyright MacKenzie Smith, This work is the.
Advertisements

Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.
Disaster Recovery Planning Because It’s Time! Copyright Columbia University and Bentley College, This work is the intellectual property of the author.
Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, This work is the intellectual property rights of the author.
Challenges and Incidents in Higher Ed. About->Presenter Zach Jansen Information Security Officer, Calvin College.
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.
Educause Security 2007ISC Information Security Copyright Joshua Beeman, This work is the intellectual property of the author. Permission is granted.
"Cyberspace Education: Challenges and Opportunities" Presented by: Bob Diveley Manager of Administrative Systems Columbus State University Copyright Bob.
Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.
Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.
Chatham College Community and Computers Pervasive Computing at a Liberal Arts College Charlotte E. Lott, Ph. D. Lynda Barner West, Ed. D. Copyright Charlotte.
1 IT Security-related Legislation Judy Borreson Caruso CUMREC 2004 May 18, 2004 Copyright Judy Borreson Caruso, This work is the intellectual property.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
Information Technology Career Ladder Clayton College & State University Larry Booth, IT Department Head Copyright Larry Booth,
EDUCAUSE Systems Security Task Force - April 11, 2001 Educause Task Force on System Security Gordon Wishon Georgia Institute of Technology Networking 2001.
Risk Assessment 101 Kelley Bradder VP and CIO Simpson College.
Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.
1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.
CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.
Information Assurance and Higher Education Clifton Poole National Defense University Carl Landwehr National Science Foundation Tiffany Olson Jones Symantec.
CAMP Med Mapping HIPAA to the Middleware Layer Sandra Senti Biological Sciences Division University of Chicago C opyright Sandra Senti,
1 Fighting Back With An Alliance For Secure Computing And Networking Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush,
© 2003, EDUCAUSE/Internet2 Computer and Network Security Task Force Computer Access, Privacy and Security: Legal Obligations and Liabilities Rodney J.
Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.
Sharing MU's SharePoint Experience 2005 Midwest Regional Conference Innovative Use of Technology: Getting IT Done Wednesday, March 23, 2005.
Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.
Lynette Olson, Assessment & Effectiveness Director & Gary Langer, Associate Vice Chancellor, Office of the Chancellor, Minnesota State Colleges and Universities.
Sharing Information and Controlling Content: Continuing Challenges for Higher Education Susanna Frederick Fischer Assistant Professor Columbus School of.
Ten Thing IT Staff Need to Know About Education Records Privacy Ten Things IT Staff Need to Know About Education Records Privacy Jeff von Munkwitz-Smith.
Copyright Michael White and Sandra Thompson, This work is the intellectual property of the author. Permission is granted for this material to be.
Higher Education and the New International Imperative David Ward President American Council on Education Global Challenges and Higher Education Duke University.
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
November 6, 2003 Leveraging Resources and Building Partnerships for Critical Infrastructure Protection John B. Noftsinger, Jr., Associate Vice President.
Rhode Island Network for Educational Technology, Inc Update Sharon Hussey Executive Director Copyright Sharon L. Hussey, This work is the intellectual.
Security Interchange Paul Howell Information Systems Security Officer MAIS / Technical Infrastructure Operations June 2002.
Internet2 Health Sciences Security Jere Retzer, OHSU March 7, 2001.
Stanford Computer Security and You . Higher Education  Higher education environment is open, sharing, exploratory, experimental  Many information assets.
Research and Education Networking Information Sharing and Analysis Center REN-ISAC John Hicks TransPAC2/Indiana University
Safeguarding Research Data Policy and Implementation Challenges Miguel Soldi February 24, 2006 THE UNIVERSITY OF TEXAS SYSTEM.
EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004.
George Mason University Assessing Technology Support: Using Portfolios to Set Goals and Measure Progress Anne Agee, Star Muir, Walt Sevon Information Technology.
Tough Times and Hard Decisions – Thinking Strategically About IT The CIO – What Lies Ahead? Gordon Wishon, CIO, University of Notre Dame 2003 SAC Executive.
Integration is Critical for Success Curriculum Course Delivery Ongoing Support Instructor & Learner.
A Cat-Herding Tale Forging a Single Course Management System for a Decentralized Institution Copyright Abdul Shibli, 2004.This work is the intellectual.
IT Security Challenges In Higher Education Steve Schuster Cornell University Copyright Steve Schuster This work is the intellectual property of.
What’s Happening at Internet2 Renee Woodten Frost Associate Director Middleware and Security 8 March 2005.
Information Security Services. Overview  Administrative Systems Security  Legislative Requirements  SUNet Security  Individual Security Awareness.
EDUCAUSE/Internet2 Computer & Network Security Task Force Update Dan Updegrove VP for IT, University of Texas at Austin Task Force Co-chair Tempe,
Quickly Establishing A Workable IT Security Program EDUCAUSE Mid-Atlantic Regional Conference January 10-12, 2006 Copyright Robert E. Neale This.
NMI-EDIT and Rice University Federated Identity Management: Managing Access to Resources in Texas Barry Ribbeck Director System Architecture and Infrastructure.
The Duluth Area CIO’s Consortium Collaborating with Regional IT Organizations Copyright Linda Deneen and Lynne Hamre, This work is the intellectual.
REN-ISAC Research and Education Networking Information Sharing and Analysis Center Doug Pearson REN-ISAC Director Internet2 Security WG BoF October 14,
Systemic Progress in Teaching and Learning Common Elements that Support Campus-Wide Innovation Copyright Andrea Nixon, A. Michael Berman, Christine Haile,
Information Security, Theory and Practice.
A Path to the Community Cloud Making Above Campuses Services a Reality
Julian Hooker Assistant Managing Director Educause Southwest
Networking 2002 USA-Patriot Act Tracy Mitrano Cornell University
Soft Selling Tough Issues
Adapting Enterprise Security to a University Environment
Ed Barboni, Senior Advisor, Council of Independent Colleges
Higher Education Privacy Update
Blaine A. Brownell, President,
Project for OnLine Instructional Support (POLIS)
myIS.neu.edu – presentation screen shots accompany:
An App A Day Copyright Tina Oestreich and Brian Yuhnke This work is the intellectual property of the author. Permission is granted for this material.
EDUCAUSE Networking 2002 Washington, D.C. April 17, 2002
Corporate Forum Presented by
Presentation transcript:

Educause/Internet 2 Computer and Network Security Task Force Copyright Gordon D. Wishon, 2002. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author. Educause/Internet 2 Computer and Network Security Task Force

Higher Ed Computer and Network Security -- The View from the Campus Gordon Wishon University of Notre Dame www.educause.edu/security Educause/Internet 2 Computer and Network Security Task Force

The Challenges of Security in Higher Education Diversity of the Higher Ed Industry Complexity of Service Offerings Drives Complexity of Architectures Cultural Challenges Educause/Internet 2 Computer and Network Security Task Force

Diversity of the Higher Ed Industry 3500+ Colleges and Universities > 1000 Community colleges < 100 major research universities 125+ University Medical Schools 400 Teaching Hospitals 150+ Institutional members of Internet2 Educause/Internet 2 Computer and Network Security Task Force

Complex Service Offerings The University is an Educational and Research Entity The University is a Corporation The University is an ISP Educause/Internet 2 Computer and Network Security Task Force

Educause/Internet 2 Computer and Network Security Task Force Cultural Challenges Loose confederation of autonomous entities Lack of control over users Academic “culture” and tradition of open access to information Complex trust relationships between departments at various Universities for research (e.g. Physics community) Creative Network Anarchy – anyone can attach anything to the network University research lab computers are often insecure and poorly managed Dorm Networking: little adult supervision Educause/Internet 2 Computer and Network Security Task Force

Why US Higher Ed Computer Networks are Attractive Targets Excellent platforms for launching attacks Wired dorms (insecure Linux PCs, PC Trojans) High bandwidth Internet (Fract T3, T3, T3+) Sophisticated computing capacity (scientific computing clusters, even web servers, etc.) Unsophisticated user population “Open” network security environment (no firewalls or only “light” filtering routers on many high bandwidth WANs and LANs) Many college & university networks are insecure Too few security experts; weak tools; most institutions have no InfoSec office. Few policies regarding systems security Dearth of funding Educause/Internet 2 Computer and Network Security Task Force

Targets of Opportunity on US Higher Education Computer Networks Sensitive Data Credit Card #s, ACH (NACHA) bank #s Patient Records (SSN) Student Records (SSN) Institution Financial Records Investment Records Donor Records Research Data & Other Intellectual Property Educause/Internet 2 Computer and Network Security Task Force

Increasing Visibility of Security Issues in Higher Ed Increasing concerns about liability: E-Commerce site recover damages from institutions implicated in future DDoS attacks? Insurance companies begin to rewrite liability policies, separate ‘cyber’ policies to require info security vulnerability assessments & changes? Federal funding agencies to require firewalls, security? HIPAA is a “forcing function” in academic Medical Centers, Campus Health Centers FERPA, COPPA, DMCA, Privacy legislation Threats from terrorist activities, protection of the national infrastructure Recent Incidents: Massive Virus Attacks, Intrusions Leading to Potential for Identity Theft, Liability Educause/Internet 2 Computer and Network Security Task Force

Educause/Internet 2 Computer and Network Security Task Force Five Point Action Statement Endorsed by Higher Ed leadership organizations (ACE, NASULGC, etc.) Evaluating Higher Ed Information Sharing and Analysis Center (ISAC) NSF Grant Commissioning of Papers, Reports, Case Studies Meetings of Security Experts, Policy Experts, and User Community Summit on Computer and Network Security in Higher Education Participating in development of National Strategy to Secure Cyberspace Chapter Devoted to Higher Education Higher Ed Response to “Questions” (http://www.educause.edu/netatedu/groups/security/security-survey.html) Educause/Internet 2 Computer and Network Security Task Force

Educause/Internet 2 Computer and Network Security Task Force Higher Ed ISAC Real time information sharing mechanism Security consulting Vulnerability assessment Emergency notification Internet 911 services for academia? Educause/Internet 2 Computer and Network Security Task Force

Educause/Internet 2 Computer and Network Security Task Force Action Statement Make IT security a higher and more visible priority in higher education Do a better job with existing security tools, including revision of institutional policies Design, develop, and deploy improved security for future research and education networks Raise the level of security collaboration among higher education, industry, and government Integrate higher education work on security into the broader national effort to strengthen critical infrastructure Educause/Internet 2 Computer and Network Security Task Force

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.