1
Security Issues
Steve Lovaas, ACNS
IAC, 22 April 2008
Colorado State University
2
The big issues this month…
- Encryption
  - Utimaco SafeGuard Enterprise
- SQL Injection, database attacks
  - WatchFire AppScan
- User behavior and culture
  - Risk Analysis
  - Background Checks
  - SSN rescan and purge
3
Encryption: Utimaco SafeGuard
- Disk encryption product, protecting against loss of sensitive data on mobile computers
- Architecture in place, testing the deployment process
- Departments that participated in the January training are beginning to deploy
- Training for other departments coming soon
- Network share encryption – new module expected next month
4
Web Apps: WatchFire AppScan
- Web application vulnerability scanner
  - SQL injections [just had one this month!]
  - Cross-site scripting
  - IIS/Apache/.NET vulnerabilities
- Complex tool, requires consultation for setup and interpretation of results
- Have scanned a number of departments, contact ACNS if you’re interested
5
Behavior/Culture: Risk Analysis
- Have a draft tool, reviewing with Internal Auditing
- Goals for the first iteration
  - Responsibilities
  - Behavior
  - Controls
- Test first round this summer
6
Behavior/Culture: Background Checks
- Last year, IAC strengthened sub-committee’s recommendation: check ALL employees w/ access to sensitive data
- New committee working on University-wide policy
- Seeking clarification on policy overlap
- More details in April…
7
Behavior/Culture: SSN scanning
- Most colleges/departments are done
- Removed a substantial number of SSNs (mostly from servers that didn’t get scanned last time around)
- Huge amount of extra, unexpected work
  - Both necessary and greatly appreciated
- A few larger departments are still finishing up with removal/remediation
- Remaining SSNs require an exception request, and will need to be encrypted
8
Please contact me
- Dealing with security is my job – both planning to prevent issues and responding to issues after the fact…
- Feel free!
  - Steven.Lovaas@ColoState.edu
  - 6th Floor, USC Building
  - 297-3707