Security Management and Intrusion Detection and Prevention
Open Source Security Tools at Maricopa Community Colleges
| Title: | Open Source Security Tools at Maricopa Community Colleges (ID: EPS193) | | Author(s): | Carol Myers (Paradise Valley Community College) | | Origin: | Contributed by Organizations or Campuses (2004) | | Type: | Effective Practices | | Abstract: | The Maricopa Community Colleges consist of 10 colleges, two skill centers, and many college satellite centers, including classes being held at the Arizona state prison. More than 200,000 students are enrolled, supported by approximately 11,000 employees. This translates to roughly 25,000 network hosts. Maricopa has a decentralized administration, with each college having a president and a full complement of deans. The district office administration handles core, centralized, administrative operations such as human resources and financials. The colleges have diverse missions, from purely occupational to largely academic colleges. One college is solely distance learning. | | View this resource: | |
Effective IT Security Practices
| Title: | Effective IT Security Practices (ID: EDU06165) | | Author(s): | John Bruggeman (Hebrew Union College-Jewish Institute of Religion), H. Morrow Long (Yale University), and Christopher Misra (University of Massachusetts Amherst) | | Origin: | Presented at EDUCAUSE Annual Conferences (10/09/2006) | | Type: | Presentations/Speeches | | Abstract: | IT security is a critical issue in higher education. This seminar will focus on network security architectures, infrastructure, data security, incident detection, prevention, and response. A framework and set of tools that participants can take back to their institutions for handling IT security incidents will also be provided. Participants will learn how to bypass typical mistakes, develop incident-handling protocols and procedures, use shareware and open source tools, interpret logs, and leverage other forensic and investigative resources. The effective practices work of the EDUCAUSE/Internet2 Computer Network Security Task Force will also be discussed. | | View this resource: | |
Ensure IT's Quality, Ensure IT's Security, or Throw IT Out!
| Title: | Ensure IT's Quality, Ensure IT's Security, or Throw IT Out! (ID: EDU06269) | | Author(s): | Marina Arseniev (University of California, Irvine), Josh Drummond (University of California, Irvine), and Katya Sadovsky (University of California, Irvine) | | Origin: | Presented at EDUCAUSE Annual Conferences (10/11/2006) | | Type: | Presentations/Speeches | | Abstract: | This presentation on application hacking and programming blunders that compromise security will be an eye-opening session for IT professionals at all levels. We will demonstrate and explain common Web application hacks such as URL rewriting, impersonation, SQL injection, and defense techniques and countermeasures that you can implement today. | | View this resource: | |
Final Report of the Computer Incident Factor Analysis and Categorization (CIFAC) Project: Volume I: College and University Sample
| Title: | Final Report of the Computer Incident Factor Analysis and Categorization (CIFAC) Project: Volume I: College and University Sample (ID: CSD4207) | | Author(s): | Virginia E. Rezmierski (University of Michigan-Ann Arbor) and Daniel M. Rothschild (University of Michigan-Ann Arbor) | | Origin: | Contributed by the Security Task Force (2005) | | Type: | Articles, Papers, and Reports | | Abstract: | This study provides information about 319 computer-related incidents that occurred in 36 colleges and universities within the past two years. Researchers sought to bring a broader institutional focus to bear in the identification and management of computer-related incidents. Instead of the current definition of incidents which often focuses too heavily on technical vulnerabilities, researchers used a broader definition in identifying computer-related incidents to more realistically look at associated factors. Participants provided detailed information about each of the incidents. The data were analyzed to identify perceived cause, seriousness, recommended preventative actions, and the specific factors that were related to the occurrence of different types of incidents, people-focused, systems-focused, and data-focused incidents. Participants provided recommended best practices for preventing each of the incidents, for mitigating the effects of the incidents and for managing them. | | View this resource: | |
|
