Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting April 10, 2015 Information Security

Published byLydia Neal Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting April 10, 2015 Information Security"— Presentation transcript:

1 Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting April 10, 2015 Information Security infosecurity@utdallas.edu

2 Information Security The University of Texas at Dallas Education – Partnership – Solutions Information Resources Update Presented by Information Resources Management

3 Information Security The University of Texas at Dallas Education – Partnership – Solutions CISO Update Presented by Nate Howe

4 Initiatives Firewall architecture review and reduction of “global allow” Identity Finder – disabled monthly scanning WordPress administrative pages SANS Securing the Human videos Information Security Office Education – Partnership – Solutions Information Security The University of Texas at Dallas Education – Partnership – Solutions

5 Information Security The University of Texas at Dallas Education – Partnership – Solutions 6 month collaborative drafting process, including more than 75 reviewers Replaces all “policy” documents formerly published by ISO Outlines expectations for secure use of University data and computing resources http://policy.utdallas.edu/utdbp3096 New Information Security and Acceptable Use Policy

6 Information Security The University of Texas at Dallas Education – Partnership – Solutions Convenient reference table covering applicability to personal and University data, on personal or University equipment Updated language for data classification: confidential, controlled, and public data References standards, rather than incorporating technical details into policy All portions of the policy are subject to exemptions Policy Highlights

7 Information Security The University of Texas at Dallas Education – Partnership – Solutions Will detail specific configuration requirements for key technologies in use across campus The first set of standards will cover: – Desktops and laptops – Mobile computing devices – Servers – Web applications We will be seeking input from technical specialists on campus Coming Soon: Standards

8 Information Security The University of Texas at Dallas Education – Partnership – Solutions 2-Factor Authentication Presented by Nate Howe & Brian McElroy

9 Problem to be Solved Direct deposit routing number changed Passwords can be obtained if recovery questions are predictable based on social media research Phishing victims provide username and password by email or fraudulent website Information Security Office Education – Partnership – Solutions Information Security The University of Texas at Dallas Education – Partnership – Solutions

10 Information Security Office Education – Partnership – Solutions Information Security The University of Texas at Dallas Education – Partnership – Solutions

11 Information Security Office Education – Partnership – Solutions Information Security The University of Texas at Dallas Education – Partnership – Solutions

12 Information Security The University of Texas at Dallas Education – Partnership – Solutions What is 2-Factor Authentication? 3 Categories of authentication elements: Something you know Something you have Something you are

13 Information Security The University of Texas at Dallas Education – Partnership – Solutions What is 2-Factor Authentication? 3 Categories of authentication elements: Something you know (username, password, PIN, questions and answers) Something you have (ATM card, SecureID keychain, mobile phone) Something you are (fingerprint, retina, voice)

14 Information Security The University of Texas at Dallas Education – Partnership – Solutions What is 2-Factor Authentication? Video of Duo: https://www.youtube.com/watch?v=tPLxe9HUDjY

15 Information Security The University of Texas at Dallas Education – Partnership – Solutions What is 2-Factor Authentication? Traditional authentication only uses elements from the first category, such as username and password Reduced risk when using more elements from the first category, referred to as “multifactor authentication” Further risk reduction when using elements from two categories Authentication model should match the risk; ATMs use two factors because most people like cash

16 Information Security The University of Texas at Dallas Education – Partnership – Solutions Scope 2-Factor is the right thing to do for our high risk connections UT System memo defines August 31, 2015 target for: High-value PeopleSoft transactions, in particular direct deposit VPN remote access Remote administrative tasks [via external SSH]

17 April May June July August September -Initial committee meetings -Product decision Awareness campaign Letter to UT System 9/1 Moat & Mote for Admins - SSH Cisco VPN March Budget Proposal PeopleSoft Direct Deposit Change Draft Timeline

18 Information Security The University of Texas at Dallas Education – Partnership – Solutions Cloud Storage Update Presented by Brian McElroy

19 Information Security The University of Texas at Dallas Education – Partnership – Solutions Cloud Storage Update We have reviewed and approved several storage providers for various use cases We endorse box.com for the most allowed purposes This month we are launching utdallas.edu/cometspace Table indicating allowed use cases Frequently Asked Questions Link to our box.com instance

20 Information Security The University of Texas at Dallas Education – Partnership – Solutions Box.com The service is live – https://utdallas.app.box.comhttps://utdallas.app.box.com Login using your NetID and password 100GB storage quota Departmental shared folders are available 500+ early adopters are already using the service Very few questions, even with our FAQs not available yet

21 Information Security The University of Texas at Dallas Education – Partnership – Solutions Questions & Discussion Information Security infosecurity@utdallas.edu

Download ppt "Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting April 10, 2015 Information Security"

Similar presentations

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Networking Academy Advanced Technology Update June 19, 2008.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Networking Academy Advanced Technology Update June 19, 2008.
Page 1 Organize for Success IST Organization Design January, 2013 MALCOLM BERNSTEIN CONSULTING.

Page 1 Organize for Success IST Organization Design January, 2013 MALCOLM BERNSTEIN CONSULTING.
Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting December 5 th, 2014 Information Security

Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting December 5 th, 2014 Information Security
Impact of the Recent UC Denver Remote Computing Audit May, 2010.

Impact of the Recent UC Denver Remote Computing Audit May, 2010.
Extending ForeFront beyond the limit www.AGATSolutions.com TMGUAG ISAIAG AG Security Suite.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.
Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
1 Introduction to OBIEE: Learning to Access, Navigate, and Find Data in the SWIFT Data Warehouse Lesson 2: Logging in and out of OBIEE This course, Introduction.

1 Introduction to OBIEE: Learning to Access, Navigate, and Find Data in the SWIFT Data Warehouse Lesson 2: Logging in and out of OBIEE This course, Introduction.
TRIRIGA Anywhere 10.4 Beta Registration Steps

TRIRIGA Anywhere 10.4 Beta Registration Steps
Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:

Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:
Mobility Methods for document access while away from the office.

Mobility Methods for document access while away from the office.
The Office of Information Technology Two-Factor Authentication.

The Office of Information Technology Two-Factor Authentication.
Penn State University College Of Education Understanding College of Education Resources.

Penn State University College Of Education Understanding College of Education Resources.
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
15 Maintaining a Web Site Section 15.1 Identify Webmastering tasks Identify Web server maintenance techniques Describe the importance of backups Section.

15 Maintaining a Web Site Section 15.1 Identify Webmastering tasks Identify Web server maintenance techniques Describe the importance of backups Section.

Similar presentations

Ads by Google