Profile

CommunityPlatform_1350x900.jpg

Rusty Carter

Edit My Profile

My Content

1 to 20 of 33 total

Password Phrases

Posted By Rusty Carter 02-26-2024 11:57:00 AM
Found In Egroup: Cybersecurity \ view thread
Has anyone implemented password phrases in their organization? If so how did you roll it out? Do you still require password resets? Is it annually? What type of rules did you implement? Any obstacles to implementing this? ------------------------------ Rusty Carter Information Security & Privacy Manager ...

ID card and photo retention

Posted By Rusty Carter 02-06-2024 07:12:48 AM
Found In Egroup: Cybersecurity \ view thread
Posing a question to the group. How often do you force employees to update the photos on the ID cards that are issued? We renew IDs every 4 years but we haven't forced users to take a new photo. That being said we have employees that have been here more than 20 years. I am interested to see if your organization ...

RE: MFA

Posted By Rusty Carter 12-13-2023 12:52:23 PM
Found In Egroup: Cybersecurity \ view thread
When we rolled out our MFA we communicated frequently. We were able to roll out by groups, this helped to not flood our helpdesk or us. We did all employees by department then rolled it out to the students as the last group. Students were more accepting than the employees. We use EntraID, with MS authenticator, ...

RE: Student MFA Exemption

Posted By Rusty Carter 11-06-2023 08:38:26 AM
Found In Egroup: Cybersecurity \ view thread
Wanted to chime in as well on this topic. We use Entra ID (Azure). 2FA options are the authenticator application, text message, or phone call. This is for students and employees. One workaround we use where phones do not work or are not allowed we advise them to get a Google number (which is free) ...

RE: IT Risk Management software

Posted By Rusty Carter 08-22-2023 02:43:48 PM
Found In Egroup: Cybersecurity \ view thread
Thanks Chris, This could be something our Institution could use as well. Thank You, Rusty Carter '05 Information Security and Privacy Manager IT Services, Buies Creek NC 27506 Voice (910) 814-4764 carter@campbell.edu Current System Status - IT Status Page Get IT Help - IT Service ...

RE: IT Risk Management software

Posted By Rusty Carter 08-22-2023 12:47:22 PM
Found In Egroup: Cybersecurity \ view thread
I apologize Becky for not addressing you by your name. My fingers aren't as fast as my brain when I begin to type. Thank You, Rusty Carter '05 Information Security and Privacy Manager IT Services, Buies Creek NC 27506 Voice (910) 814-4764 carter@campbell.edu Current System Status - IT ...

RE: IT Risk Management software

Posted By Rusty Carter 08-22-2023 12:45:08 PM
Found In Egroup: Cybersecurity \ view thread
Thank you Beck, Isn't that the company saltycloud? I believe they presented at a conference in Baltimore regarding the HECVAT use. Is it a cloud solution? Is the price reasonable? Did you look at other products before deciding upon this one? If so why did you chose this one? If you want to take this ...

RE: IT Risk Management software

Posted By Rusty Carter 08-22-2023 12:25:38 PM
Found In Egroup: Cybersecurity \ view thread
Thanks Chris That is what we are using for our risk register. With so many items coming in it is becoming a daunting task to keep track of. That is why I am asking if anyone else is using a solution. Thank You, Rusty Carter '05 Information Security and Privacy Manager IT Services, Buies ...

IT Risk Management software

Posted By Rusty Carter 08-22-2023 12:13:00 PM
Found In Egroup: Cybersecurity \ view thread
Anyone using a Risk management software solution? If so what are you using and is it working for you? Thank You, Rusty Carter '05 Information Security and Privacy Manager IT Services Buies Creek NC 27506 Voice (910) 814-4764 carter@campbell.edu Current System Status - IT Status Page ...

RE: NSC Breach

Posted By Rusty Carter 06-29-2023 07:16:28 AM
Found In Egroup: Cybersecurity \ view thread
Any others getting reports that other vendors that you may use were also affected? I was informed that TIAA was also affected. Thank You, Rusty Carter '05 Information Security and Privacy Manager IT Services, Buies Creek NC 27506 Voice (910) 814-4764 carter@campbell.edu Current System ...

RE: NSC Breach

Posted By Rusty Carter 06-28-2023 01:27:41 PM
Found In Egroup: Cybersecurity \ view thread
Yeah, I just was forwarded the email from our Registrar. They (clearinghouse) has no idea to what extent the compromise is, or if they do they aren't ready to share it yet. That would explain the vague general terms used in the notification. Thank You, Rusty Carter '05 Information Security ...

RE: NSC Breach

Posted By Rusty Carter 06-28-2023 12:44:07 PM
Found In Egroup: Cybersecurity \ view thread
This is an interesting issue. We do not directly use this but the vendor whom we have a contract with (Clearinghouse) does. Has Clearinghouse put out any information on this? Thank You, Rusty Carter '05 Information Security and Privacy Manager IT Services Buies Creek NC 27506 Voice (910) ...

RE: Fischer Identity

Posted By Rusty Carter 03-16-2023 01:37:11 PM
Found In Egroup: Identity and Access Management \ view thread
What solution did you go with? If you don't mind sharing? Thank You, Rusty Carter '05 Information Security and Privacy Manager IT Services Buies Creek NC 27506 Voice (910) 814-4764 carter@campbell.edu Current System Status - IT Status Page Get IT Help - IT Service Desk Leaders impart ...

Fischer Identity

Posted By Rusty Carter 03-16-2023 01:25:00 PM
Found In Egroup: Identity and Access Management \ view thread
Has anyone used this company for provisioning/deprovisioning accounts? We are currently investigating. Our current ERP is Ellucian Colleague on Linux and was looking to get any feedback from anyone who has used their services? ------------------------------ Rusty Carter Information Security & Privacy ...

RE: Password reset policy

Posted By Rusty Carter 03-01-2023 01:12:54 PM
Found In Egroup: Cybersecurity \ view thread
Would anyone have a procedure template they would be willing to share? We have policies in place for users to reset passwords, enroll into MFA. But looking to create procedures for if a user doesn't login, enroll into MFA or reset their passwords etc. Just looking for a Template to organize it. I have ...

Matchbook

Posted By Rusty Carter 02-15-2023 02:29:30 PM
Found In Egroup: Cybersecurity \ view thread
Just putting this out there. Does anyone use MatchBook. If so how did you deploy it. Thank You, Rusty Carter '05 Information Security and Privacy Manager IT Services Buies Creek NC 27506 Voice (910) 814-4764 carter@campbell.edu Current System Status - IT Status Page Get IT Help - ...

RE: Crowdstrike

Posted By Rusty Carter 01-24-2023 02:05:31 PM
Found In Egroup: Cybersecurity \ view thread
We deployed a managed crowdstrike solution mid last year. It is not the full blown version but we have it on all of our endpoints, servers etc. And so far seems to be working well. We removed Sophos and Malwarebytes. We are in the process of deploying intune to all endpoints so we shall see how that ...

RE: Required MFA for Students

Posted By Rusty Carter 12-12-2022 06:42:43 AM
Found In Egroup: Cybersecurity \ view thread
We purchased these types https://www.token2.net/ Token2 c202 hardware token - They seem to work well. We do not issue for every user. We have special use cases where they have to be used were phones are not allowed and are primarily for faculty. But they work and have had no issues. Thank ...

RE: Gramm-Leach Bliley Act (GLBA) Safeguards Rule Compliance Status

Posted By Rusty Carter 12-08-2022 12:17:42 PM
Found In Egroup: Cybersecurity \ view thread
Funny I was just evaluating that very list of where we are when this email popped up. These two stand out the most because there hasn't been much guidance on how to execute these without causing data loss/corruption or a significant loss of performance. For the rest there are some things I am still ...

RE: Required MFA for Students

Posted By Rusty Carter 11-30-2022 02:49:35 PM
Found In Egroup: Cybersecurity \ view thread
With us, the Azure options are a text or phone call that provides a code or Microsoft authenticator. So they can use the office phone if they wish. But that becomes problematic if they are working remotely that day. The other option is Microsoft authenticator. (others may work but we only support that ...