EDUCAUSE | Contributed by Organizations or Campuses; Articles, Papers, and Reports; and Security Planning

How Ready Are IT Managers for a Crisis?

ckeller — Tue, 30 Oct 2007 10:57:21 -0500

The annual Campus Computing Survey focuses on IT security and crisis management, finding gaps in preparation but fewer attacks on networks.

A Few Good Metrics

ckeller — Wed, 22 Aug 2007 14:38:42 -0500

Information security metrics don't have to rely on heavy-duty math to be effective, but they also don't have to be dumbed down to red, yellow, green. Here are five smart measurements—and effective ways to present them.

A Guide to Security Metrics

ckeller — Wed, 22 Aug 2007 14:32:46 -0500

The pressure is on. Various surveys indicate that over the past several years computer security has risen in priority for many organizations. Spending on IT security has increased significantly in certain sectors. As with most concerns that achieve high priority status with executives, computer security is increasingly becoming a focal point not only for investment, but also for scrutiny of return on that investment. In the face of regular, high-profile news reports of serious security breaches, security managers are more than ever before being held accountable for demonstrating effectiveness of their security programs. What means should managers be using to meet this challenge? Some experts believe that key among these should be security metrics. This guide provides a definition of security metrics, explains their value, discusses the difficulties in generating them, and suggests a methodology for building a security metrics program.

Final Report of Emergency Communication Systems for Florida University and Community College Campuses

drupal — Fri, 27 Apr 2007 13:06:00 -0500

This report studies the current emergency communications system for Florida higher education institutions which do not have PA systems that are similar to the K-12 schools. Universities and Colleges require systems and procedures to rapidly pass critical information in emergency situations to all buildings classrooms, laboratories, and offices to alert students, faculty and staff regarding emergency situations such as a terrorist event, active shooter, bomb threat, hazmat release, or natural event such as tornado. Three important criteria are relevant to campus alert/notification systems: (1) provide an alert to the campus population as quickly as possible; (2) alert and inform the campus population in multiple areas with different instructions that could change rapidly; (3) provide at least a means of basic communications under extreme situations such as a power outage and/or downed telephone service. These criteria must also consider the limitations of the disabled.

Security Checklist: Strategy Setting

drupal — Thu, 27 Jul 2006 16:33:36 -0500

The author provides information on how implement a comprehensive information security plan.

This article reprinted with permission from CDW-D's EdTech Higher Education Focus Magazine.

Defining Incident Management Processes for CSIRTs: A Work in Progress

drupal — Wed, 27 Apr 2005 12:16:33 -0500

This report presents a prototype best practice model for performing incident management processes and functions. It defines the model through five high-level incident management processes: Prepare/Sustain/Improve, Protect Infrastructure, Detect Events, Triage Events, and Respond. Workflow diagrams and descriptions are provided for each of these processes.

Handbook for Computer Security Incident Response Teams (CSIRTs), 2nd edition

drupal — Wed, 27 Apr 2005 11:56:30 -0500

This document provides guidance on forming and operating a computer security incident response team (CSIRT). In particular, it helps an organization to define and document the nature and scope of a computer security incident handling service, which is the core service of a CSIRT. The document explains the functions that make up the service; how those functions interrelate; and the tools, procedures, and roles necessary to implement the service. This document also describes how CSIRTs interact with other organizations and how to handle sensitive information. In addition, operational and technical issues are covered, such as equipment, security, and staffing considerations.

State of the Practice of Computer Security Incident Response Teams (CSIRTs)

drupal — Wed, 27 Apr 2005 12:10:20 -0500

Keeping organizational information assets secure in today's interconnected computing environment is a challenge that becomes more difficult with each new "e" product and each new intruder tool. There is no one solution for securing information assets; instead a multi-layered security strategy is required. One of the layers that many organizations are including in their strategy today is a computer security incident response team, or CSIRT. This report provides an objective study of the state of the practice of incident response, based on information about how CSIRTs around the world are operating. It covers CSIRT services, projects, processes, structures, and literature, as well as training, legal, and operational issues. The report can serve as a resource both to new teams that are setting up their operations and to existing CSIRTs that are interested in benchmarking their operations.

Gartner: Microsoft "Missed Opportunity" In Security

drupal — Fri, 25 Feb 2005 12:10:02 -0600

"Bill Gates may have shed some light on his company's security plans this week, but Gartner questions if the revelations add up to a coherent strategy."

Strategies for Automating Network Policy Enforcement - Draft

drupal — Tue, 26 Oct 2004 15:23:58 -0500

This document provides a summary of some approaches forautomating technical policy enforcement as a condition fornetwork access in colleges and universities.