Presentation is loading. Please wait.

Presentation is loading. Please wait.

Educause/Internet 2 Computer and Network Security Task Force

Published byDwayne Blankenship Modified over 6 years ago

Similar presentations

Presentation on theme: "Educause/Internet 2 Computer and Network Security Task Force"— Presentation transcript:

1 Educause/Internet 2 Computer and Network Security Task Force
Copyright Gordon D. Wishon, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author. Educause/Internet 2 Computer and Network Security Task Force

2 Higher Ed Computer and Network Security -- The View from the Campus
Gordon Wishon University of Notre Dame Educause/Internet 2 Computer and Network Security Task Force

3 The Challenges of Security in Higher Education
Diversity of the Higher Ed Industry Complexity of Service Offerings Drives Complexity of Architectures Cultural Challenges Educause/Internet 2 Computer and Network Security Task Force

4 Diversity of the Higher Ed Industry
3500+ Colleges and Universities > 1000 Community colleges < 100 major research universities 125+ University Medical Schools 400 Teaching Hospitals 150+ Institutional members of Internet2 Educause/Internet 2 Computer and Network Security Task Force

5 Complex Service Offerings
The University is an Educational and Research Entity The University is a Corporation The University is an ISP Educause/Internet 2 Computer and Network Security Task Force

6 Educause/Internet 2 Computer and Network Security Task Force
Cultural Challenges Loose confederation of autonomous entities Lack of control over users Academic “culture” and tradition of open access to information Complex trust relationships between departments at various Universities for research (e.g. Physics community) Creative Network Anarchy – anyone can attach anything to the network University research lab computers are often insecure and poorly managed Dorm Networking: little adult supervision Educause/Internet 2 Computer and Network Security Task Force

7 Why US Higher Ed Computer Networks are Attractive Targets
Excellent platforms for launching attacks Wired dorms (insecure Linux PCs, PC Trojans) High bandwidth Internet (Fract T3, T3, T3+) Sophisticated computing capacity (scientific computing clusters, even web servers, etc.) Unsophisticated user population “Open” network security environment (no firewalls or only “light” filtering routers on many high bandwidth WANs and LANs) Many college & university networks are insecure Too few security experts; weak tools; most institutions have no InfoSec office. Few policies regarding systems security Dearth of funding Educause/Internet 2 Computer and Network Security Task Force

8 Targets of Opportunity on US Higher Education Computer Networks
Sensitive Data Credit Card #s, ACH (NACHA) bank #s Patient Records (SSN) Student Records (SSN) Institution Financial Records Investment Records Donor Records Research Data & Other Intellectual Property Educause/Internet 2 Computer and Network Security Task Force

9 Increasing Visibility of Security Issues in Higher Ed
Increasing concerns about liability: E-Commerce site recover damages from institutions implicated in future DDoS attacks? Insurance companies begin to rewrite liability policies, separate ‘cyber’ policies to require info security vulnerability assessments & changes? Federal funding agencies to require firewalls, security? HIPAA is a “forcing function” in academic Medical Centers, Campus Health Centers FERPA, COPPA, DMCA, Privacy legislation Threats from terrorist activities, protection of the national infrastructure Recent Incidents: Massive Virus Attacks, Intrusions Leading to Potential for Identity Theft, Liability Educause/Internet 2 Computer and Network Security Task Force

10 Educause/Internet 2 Computer and Network Security Task Force
Five Point Action Statement Endorsed by Higher Ed leadership organizations (ACE, NASULGC, etc.) Evaluating Higher Ed Information Sharing and Analysis Center (ISAC) NSF Grant Commissioning of Papers, Reports, Case Studies Meetings of Security Experts, Policy Experts, and User Community Summit on Computer and Network Security in Higher Education Participating in development of National Strategy to Secure Cyberspace Chapter Devoted to Higher Education Higher Ed Response to “Questions” ( Educause/Internet 2 Computer and Network Security Task Force

11 Educause/Internet 2 Computer and Network Security Task Force
Higher Ed ISAC Real time information sharing mechanism Security consulting Vulnerability assessment Emergency notification Internet 911 services for academia? Educause/Internet 2 Computer and Network Security Task Force

12 Educause/Internet 2 Computer and Network Security Task Force
Action Statement Make IT security a higher and more visible priority in higher education Do a better job with existing security tools, including revision of institutional policies Design, develop, and deploy improved security for future research and education networks Raise the level of security collaboration among higher education, industry, and government Integrate higher education work on security into the broader national effort to strengthen critical infrastructure Educause/Internet 2 Computer and Network Security Task Force

Download ppt "Educause/Internet 2 Computer and Network Security Task Force"

Similar presentations

DSpace: the MIT Libraries Institutional Repository MacKenzie Smith, MIT EDUCAUSE 2003, November 5 th Copyright MacKenzie Smith, 2003. This work is the.

DSpace: the MIT Libraries Institutional Repository MacKenzie Smith, MIT EDUCAUSE 2003, November 5 th Copyright MacKenzie Smith, This work is the.
Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.

Making Sense out of the Information Security and Privacy Alphabet Soup in terms of Data Access A pragmatic, collaborative approach to promulgating campus-wide.
Disaster Recovery Planning Because It’s Time! Copyright Columbia University and Bentley College, 2003. This work is the intellectual property of the author.

Disaster Recovery Planning Because It’s Time! Copyright Columbia University and Bentley College, This work is the intellectual property of the author.
Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, 2007. This work is the intellectual property rights of the author.

Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, This work is the intellectual property rights of the author.
Challenges and Incidents in Higher Ed. About->Presenter Zach Jansen Information Security Officer, Calvin College.

Challenges and Incidents in Higher Ed. About->Presenter Zach Jansen Information Security Officer, Calvin College.
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.
Educause Security 2007ISC Information Security Copyright Joshua Beeman, 2007. This work is the intellectual property of the author. Permission is granted.

Educause Security 2007ISC Information Security Copyright Joshua Beeman, This work is the intellectual property of the author. Permission is granted.
Cyberspace Education: Challenges and Opportunities Presented by: Bob Diveley Manager of Administrative Systems Columbus State University Copyright Bob.

"Cyberspace Education: Challenges and Opportunities" Presented by: Bob Diveley Manager of Administrative Systems Columbus State University Copyright Bob.
Copyright Statement © Jason Rhode and Carol Scheidenhelm. 2006. This work is the intellectual property of the authors. Permission is granted for this material.

Copyright Statement © Jason Rhode and Carol Scheidenhelm This work is the intellectual property of the authors. Permission is granted for this material.
Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.
Chatham College Community and Computers Pervasive Computing at a Liberal Arts College Charlotte E. Lott, Ph. D. Lynda Barner West, Ed. D. Copyright Charlotte.

Chatham College Community and Computers Pervasive Computing at a Liberal Arts College Charlotte E. Lott, Ph. D. Lynda Barner West, Ed. D. Copyright Charlotte.
1 IT Security-related Legislation Judy Borreson Caruso CUMREC 2004 May 18, 2004 Copyright Judy Borreson Caruso, 2004. This work is the intellectual property.

1 IT Security-related Legislation Judy Borreson Caruso CUMREC 2004 May 18, 2004 Copyright Judy Borreson Caruso, This work is the intellectual property.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
Information Technology Career Ladder Clayton College & State University Larry Booth, IT Department Head Copyright Larry Booth,

Information Technology Career Ladder Clayton College & State University Larry Booth, IT Department Head Copyright Larry Booth,
EDUCAUSE Systems Security Task Force - April 11, 2001 Educause Task Force on System Security Gordon Wishon Georgia Institute of Technology Networking 2001.

EDUCAUSE Systems Security Task Force - April 11, 2001 Educause Task Force on System Security Gordon Wishon Georgia Institute of Technology Networking 2001.
Risk Assessment 101 Kelley Bradder VP and CIO Simpson College.

Risk Assessment 101 Kelley Bradder VP and CIO Simpson College.
Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.

Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.
1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.

1 Institutions as Allies in the Security Challenge Wayne Donald, Virginia Tech Cathy Hubbs, George Mason University Darlene Quackenbush, James Madison.
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.

Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.

Similar presentations

Ads by Google