Safe Computing :
What Is Being Done To Protect Us?

[Draft]

What are IT Organizations like AITS, CITES, and CIO doing?

Protection of Computers and Networks from remote attacks, viruses and other malware.

• CIO provides local administration of the College of Education networks and computers.
  • Machines set up and managed by CIO are patched and configured to auto-update properly.
  • Provide anti-virus installation as well as configuration of auto-updates for College users including personal machines brought to campus.  (Visit room 25 or call TLC at 244-6053.)
  • Respond to incidents (e.g., virus infection) to help people get back to work. This is often in articulation with CITES.
  • Implemented network device registration solution requiring users to register their computers before using the Education Building wired network in order a) to educate people when they first try to connect about the need and where to go to make sure their computer is properly patched and configured before they connect, and b) to be able to associate network users with network devices to help us respond to incidents in a more timely manner.
• The CIO's Office has worked with CITES to site-license several software solutions to provide users and those who support them (such as CIO) with tools to improve security:
  • McAfee's Anti-Virus Software for Windows (VirusScan), Mac (Virex), including enterprise software for remote management (ePolicyOrchestrator).
  • Anti-Virus (and anti-SPAM) solutions on various CITES email services.
  • Anti-Malware Software
• CITES provides some specific services to help keep machines updated:
  • A help desk at DCL where you can get your machine patched and configured for automatic updates.
  • CDs and online archives of latest tools for disinfecting or patching machines.
  • Microsoft System Update Service (SUS) / Workstation Update Service (WUS).  This service provides a local point of distribution of patches from Microsoft.  WUS provides both OS and Office updates.
  • WUS/ePO Bundle:  CITES is working on a service which delivers to strategically identified units servers with WUS and ePO pre-configured and ready for setup, allowing local staff to provide remote patch and configuration management for both operating system and anti-virus software.
  • CITES Active Directory (AD) service provides a feature known as Group Policy Objects (GPO) which allows units using the AD to manage certain configuration elements such as firewall and auto-update settings.
• CITES also provides network protection services:
  • CITES' Firewall service provides several protections including baseline protection against known attacks from off-campus and from the residence halls.
  • CITES' also monitors the network for evidence of security breaches that may affect the network or others on it and blocks them until local staff can respond and address.

Protection of Credentials

• Password Vault (CIO's Office w/ CITES)
• Directory Services, Kerberos/bluestem, certificate authority proxy, and AD (consolidation of passwords)
  • CITES Provides
  • CIO Adopted
• Password Change Pages (CITES)
• Disallowed unencrypted authentication for email services, Exchange and Express (CITES)

Protection of Data.

• File Services
  • Access from other computer
  • Servers & Server Environment
  • SAN
  • Shadow Copy
  • Backups
• Access Privileges
  • Use of AD and DB groups
  • Strategy of assigning only groups to resources instead greatly simplifies management.
  • Group Manager
  • Classification of and Authorization to Data in Databases
  • Web Applications Security