AgriLife Information TechnologyIT General Session

January 2010

Agenda Topics

Year in Review

Enterprise IT Services Update

FirstCall Overview and Next Steps

Sophos Antivirus Initiative Update

Information/ System Security ProgramOverview

Year in Review

System IT Audits “The year of the Audit”

Help Desk Launch

Site Visits

Enterprise IT Services Analysis

Enterprise Antivirus Initiative

Enterprise IT Services UpdateJanuary 2010

Enterprise IT Service Update

Set of Recommendations Presented late October to Administration

Consisting of the Following Components:

Enterprise Email, Calendaring, Contacts Enterprise Directory / Identity Management Enterprise File Services (Backup, Archiving, Replication) Web hosting, Applications Server, Disaster Recovery Testing

Architecture Regional Center IT Infrastructure Needs

Next Steps

Complete HR resourcing / Level IV Colo cost modeling Finalize Funding model discussions with administration Initiate project planning, infrastructure procurement, platform/service

testing

FirstCall Help Desk Program UpdateJanuary 2010

Enterprise Antivirus (Sophos) UpdateJanuary 2010

Sophos Update

Jul 2009: Selected after comprehensive enterprise AV industry / product review

Provides Enterprise Class functions:- Antivirus, Malware, Spy bot, PUA detection and deterrence- Data Loss Protection (DLP) / alerts- Antivirus removal tools- Reporting and alerts- Managed Firewall - Web Alert Service

Oct 2009: Initiated deployment

Jan 2010: 1,300 workstations migrated to dateCurrent base roughly 50% regional , 50% campus

Key Issues: SEP removal, Windows 7 build # recognition

Sophos Update

Next Steps:

Continue and finalize deployment phase Finalize development of Console and Removal Tools training program Formalize operation communications and practices Formalize “Home Version” offering and support policies Release “Home Version” Initiate “Web Alert” Service Offering

IT Security & Management UpdateJanuary 2010

Year In Review

• College Audit Finalized!

• AgriLife Extension and Research Agency System IT Audit Conducted

• Assisted in University ISSAC Process and Remediation

• Facilitate Management Review Team Remediation (for 14 units)

• Launched New Blog (ait-security.tamu.edu)

• More comprehensive Communications from ISO

Security Office - Vision

Implement cost effective solutions and proactive security practices and strategies to the changing security risk.

Provide information and analysis on changing regulations and policies

Perform regular assessments on the overall state of AgriLife IT security and IT management

Education & Awareness

Quality Assurance

Audit Assistance

Strategic Guidance

IT Security & Management Program

IT Security & Management Program Purpose:

To establish a formal overall set of IT management and assessment practices to guarantee ongoing adherence and understanding of IT security and operational management requirements established by State of Texas for institutes of higher education and state agencies.

Program Model:

Participants: Unit IT managers, AgriLife IT, AgriLife Administration Consists of: Scheduled and Ongoing Initiatives Facilitated by: AgriLife IT Accountable to: AgriLife Administration (risk assessments, funding, etc.)

IT Security & Management Program

Scheduled Initiatives: ISAAC Reporting (All) ISAAC Review Process (ISO, IT Managers) Disaster Recovery Plan Submission & Review & Testing Cycle (All) Annual IT Risk Assessment Report (AIT Director) Annual Information Resource Security Controls Report (ISO) Physical Security Reviews (MRT, AIT ISO) State Incident Report (monthly - All) DIR Pen Tests

As Required: Security Incident response mitigation & reporting Mgmt Review Team Remediation ISAAC Remediation

Educational/Awareness Components: Best practice guides (IT management, end users) IT Policies and Terms of Use Communication & Awareness Security awareness notifications (exploits, exposures, etc.) Operating system and application patch notifications

ITSMP Annual Calendar of Events

JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC

Ad Hoc Physical Security Reviews

Pre‐ISSAC Planning ISSAC Reporting Period

ISSAC Reviews & Remediation

Disaster Recovery Plan Testing

Annual Risk Assess. & ISO Sec. Report to VC Office

* Monthly Security Incident Reports** Management Review Team Audits

DRP Submission Period

DIR Pen Tests

DIR Pen Test Remediation

Disaster Recovery Plan Reviews

Security Office ‐ Contact Info

• The Information Security Office can be contacted at 979‐862‐7254 or by sending e‐mail to j‐braden@tamu.edu

• You can view our information resource links at http://ait.tamu.edu/security.shtml