Gaspar Modelo-Howard NEEScomm Cybersecurity Software Engineer Saurabh Bagchi NEEScomm Cybersecurity Officer.


1 Gaspar Modelo-Howard NEEScomm Cybersecurity Software Engineer Saurabh Bagchi NEEScomm Cybersecurity Officer

2
• Scanning of Remote Sites
• Incident Response Procedure
• Best Security Practices
• Remote Authentication Service
• NEEScomm Security Operational Duties
GOAL
• Ensure that NEEScomm can operate and maintain its IT resources to serve the NEES community

3
• Objective: To check the security of the IT resources at the sites
• Guiding principles:
  ◦ Be proactive
  ◦ Minimize impact to the sites’ activities
• Will be done once per year
  ◦ Remote (non-intrusive) scans from “inside” the network
  ◦ Limited to site IT assets from inventory
  ◦ Time schedule determined between SIM and CSO

4
• Candidate scanners to be used: Nessus, Nikto, web app scanners
• Critical vulnerabilities will be immediately identified and reported to SIM with mitigation hints
• Each discovered vulnerability will follow an incident report procedure
• Results of the scan will be documented in a comprehensive archival report

5
• If it pertains to operation of NEES IT resources, at earliest possible opportunity
• Form available from http://nees.org (not working yet)
• Telephone line set up 1-877-644-1381
  ◦ Report the incident via a voice message
  ◦ Greeting message will prompt for required information and will trigger a ticket which will notify NEEScomm IT support
  ◦ NEEScomm IT will contact the person reporting the cybersecurity incident to gather standard information, primarily IP and description of incident
  ◦ Information will be recorded in the current ticketing system and will be tagged as a cybersecurity incident

6
• A team for resolving the incident will be developed by the CSO in consultation with the SIM
• Criticality level of the incident will be determined: critical, important, moderate, low
• Site IT resource may be taken offline to prevent spread of the security incident
• Record will be kept of the incident progression through the ticketing system
• Incidents of a grave nature will need to be reported to NSF, as per agreement with NSF

7
• Modification of previous remote authentication service (gridauth.cgi) by Karan Bhatia
  ◦ Objective was to make as few changes (to users) as possible
• Accessible thru https://neesws.neeshub.org:9443
• Complete URL: https://neesws.neeshub.org:9443/GRIDAUTH/gridauth.cgi?username=uuuuuuu&password=ppppppp

8
• User account administration
• NEEScomm servers audit
  ◦ Source code
• File integrity checker
• Intrusion detection system

9
1. Encourage difficult-to-guess, easy-to-remember passwords, especially for administrator accounts
2. Keep your systems up-to-date with patches and updated software versions
3. Monitor system logs periodically
4. Have backup and disaster recovery processes
5. Create educational sessions for users – we can help
6. Screen lock on unattended user terminals
7. Decide from which IP addresses you will allow users to connect to your critical IT assets
• Sites’ feedback is appreciated

10
Contact:
Gaspar Modelo-Howard, 765-494-5515 / gmodeloh@purdue.edu
Saurabh Bagchi, PhD, 765-494-3362 / sbagchi@purdue.edu

12
• gama.neeshub.org: Existing Accts.: 222
• www.neeshub.org: Migrated: 1258, NOT migrated: 367
• neesforge.neeshub.org: Migrated: 159, NOT migrated: 138
• ml.neeshub.org: Migrated: zero, NOT migrated: 1788
• Total Number of Accounts: 1639

13
• Unix: 47%
• Windows: 44%
• Others: 9%
