AgriLife Information Technology IT General Session
January 2010
Agenda Topics
Year in Review
Enterprise IT Services Update
FirstCall Overview and Next Steps
Sophos Antivirus Initiative Update
Information / System Security Program Overview
Year in Review
System IT Audits “The year of the Audit”
Help Desk Launch
Site Visits
Enterprise IT Services Analysis
Enterprise Antivirus Initiative
Enterprise IT Services Update, January 2010
Enterprise IT Service Update
Set of Recommendations Presented late October to Administration
Consisting of the Following Components:
• Enterprise Email, Calendaring, Contacts
• Enterprise Directory / Identity Management
• Enterprise File Services (Backup, Archiving, Replication)
• Web hosting, Applications Server, Disaster Recovery Testing Architecture
• Regional Center IT Infrastructure Needs
Next Steps
• Complete HR resourcing / Level IV Colo cost modeling
• Finalize Funding model discussions with administration
• Initiate project planning, infrastructure procurement, platform/service testing
FirstCall Help Desk Program Update, January 2010
Enterprise Antivirus (Sophos) Update, January 2010
Sophos Update
Jul 2009: Selected after comprehensive enterprise AV industry / product review
Provides Enterprise Class functions:
- Antivirus, Malware, Spy bot, PUA detection and deterrence
- Data Loss Protection (DLP) / alerts
- Antivirus removal tools
- Reporting and alerts
- Managed Firewall
- Web Alert Service
Oct 2009: Initiated deployment
Jan 2010: 1,300 workstations migrated to date
Current base roughly 50% regional, 50% campus
Key Issues: SEP removal, Windows 7 build # recognition
Sophos Update
Next Steps:
• Continue and finalize deployment phase
• Finalize development of Console and Removal Tools training program
• Formalize operation communications and practices
• Formalize “Home Version” offering and support policies
• Release “Home Version”
• Initiate “Web Alert” Service Offering
IT Security & Management Update, January 2010
Year In Review
• College Audit Finalized!
• AgriLife Extension and Research Agency System IT Audit Conducted
• Assisted in University ISAAC Process and Remediation
• Facilitate Management Review Team Remediation (for 14 units)
• Launched New Blog (ait-security.tamu.edu)
• More comprehensive Communications from ISO
Security Office - Vision
Implement cost-effective solutions and proactive security practices and strategies to address the changing security risk.
Provide information and analysis on changing regulations and policies
Perform regular assessments on the overall state of AgriLife IT security and IT management
Education & Awareness
Quality Assurance
Audit Assistance
Strategic Guidance
IT Security & Management Program
IT Security & Management Program Purpose:
To establish a formal overall set of IT management and assessment practices to guarantee ongoing adherence to and understanding of the IT security and operational management requirements established by the State of Texas for institutes of higher education and state agencies.
Program Model:
• Participants: Unit IT managers, AgriLife IT, AgriLife Administration
• Consists of: Scheduled and Ongoing Initiatives
• Facilitated by: AgriLife IT
• Accountable to: AgriLife Administration (risk assessments, funding, etc.)
IT Security & Management Program
Scheduled Initiatives:
• ISAAC Reporting (All)
• ISAAC Review Process (ISO, IT Managers)
• Disaster Recovery Plan Submission & Review & Testing Cycle (All)
• Annual IT Risk Assessment Report (AIT Director)
• Annual Information Resource Security Controls Report (ISO)
• Physical Security Reviews (MRT, AIT ISO)
• State Incident Report (monthly - All)
• DIR Pen Tests
As Required:
• Security Incident response mitigation & reporting
• Mgmt Review Team Remediation
• ISAAC Remediation
Educational/Awareness Components:
• Best practice guides (IT management, end users)
• IT Policies and Terms of Use Communication & Awareness
• Security awareness notifications (exploits, exposures, etc.)
• Operating system and application patch notifications
ITSMP Annual Calendar of Events
(Timeline chart spanning JAN through DEC; activities shown:)
• Ad Hoc Physical Security Reviews
• Pre‐ISAAC Planning
• ISAAC Reporting Period
• ISAAC Reviews & Remediation
• Disaster Recovery Plan Testing
• Annual Risk Assess. & ISO Sec. Report to VC Office
• DRP Submission Period
• DIR Pen Tests
• DIR Pen Test Remediation
• Disaster Recovery Plan Reviews
* Monthly Security Incident Reports
** Management Review Team Audits
Security Office ‐ Contact Info
• The Information Security Office can be contacted at 979‐862‐7254 or by sending e‐mail to j‐[email protected]
• You can view our information resource links at http://ait.tamu.edu/security.shtml