Presentation is loading. Please wait.

Presentation is loading. Please wait.

End User Security Awareness Program University of Toledo Educational and Information Technology Presented by: Interim Chief Information Officer, Joseph.

Similar presentations


Presentation on theme: "End User Security Awareness Program University of Toledo Educational and Information Technology Presented by: Interim Chief Information Officer, Joseph."— Presentation transcript:

1

2 End User Security Awareness Program University of Toledo Educational and Information Technology Presented by: Interim Chief Information Officer, Joseph Sawasky Communications Administrator, Melissa Crabtree Communications Administrator, Melissa Crabtree

3 What’s in an end user security program for you? Despite IT’s best efforts (firewall, passwords, encryption, directory permissions, anti-virus, anti-spyware, facility controls, video surveillance etc…), one careless or malicious end user can cause major problems for you – it will happen on your campus! Despite IT’s best efforts (firewall, passwords, encryption, directory permissions, anti-virus, anti-spyware, facility controls, video surveillance etc…), one careless or malicious end user can cause major problems for you – it will happen on your campus! Ensures IT AND end user departments have shared “skin in the game” Ensures IT AND end user departments have shared “skin in the game” Shows due diligence Shows due diligence Shows IT is proactively addressing area of high potential security risk outside the data center Shows IT is proactively addressing area of high potential security risk outside the data center It’s relatively cheap It’s relatively cheap You’ll have ready answers when the local media visits and when angry students, parents, employees and bosses call You’ll have ready answers when the local media visits and when angry students, parents, employees and bosses call (and it reduces the chances that the previous bullet will occur!) (and it reduces the chances that the previous bullet will occur!) Steal with pride! That’s what OHECC is for! Steal with pride! That’s what OHECC is for!

4 “It’s not if it will happen.. it’s when!” Stolen laptop at University of CA, Berkeley causes breach of 98,400 SSN’s Stolen laptop at University of CA, Berkeley causes breach of 98,400 SSN’s Hacker comprises security at Boston College, breach of 120,000 Hacker comprises security at Boston College, breach of 120,000 Dishonest insider at University of Hawaii leaks 150,000 SSN’s Dishonest insider at University of Hawaii leaks 150,000 SSN’s Ohio Incidents – Closer to Home Ohio Incidents – Closer to Home University of Toledo University of Toledo Faculty member posts grades and SSN’s of 56 students Faculty member posts grades and SSN’s of 56 students Faculty member posts grades and SSN’s of 155 students Faculty member posts grades and SSN’s of 155 students 4 stolen laptops breach approximately 2,200 SSN’s 4 stolen laptops breach approximately 2,200 SSN’s Rule of thumb – notification costs ~$2.00 per record compromised Rule of thumb – notification costs ~$2.00 per record compromised Data Source: Privacy Rights Clearninghouse -

5 What we’ll talk about today The University of Toledo – Educational and Information Technology The University of Toledo – Educational and Information Technology End User Awareness Training and Best Practices “Recommendations” End User Awareness Training and Best Practices “Recommendations” Departmental Auditing Procedures Departmental Auditing Procedures CyberAngel and PowerGREP CyberAngel and PowerGREP Looking to the future Looking to the future

6 The University of Toledo 20,000 Students 20,000 Students 2,200 Faculty and Staff 2,200 Faculty and Staff 10,000+ computers 10,000+ computers Educational and Information Technology Educational and Information Technology 79 FTE’s 79 FTE’s 1 Full Time Network Security Analyst 1 Full Time Network Security Analyst Team created from existing employees for security awareness and audit procedure Team created from existing employees for security awareness and audit procedure Central Response Unit for security breaches Central Response Unit for security breaches Provide University-wide information security best practices Provide University-wide information security best practices Promote Security Awareness and Education of Employees Promote Security Awareness and Education of Employees

7 Security Awareness and Training Program Lunch and Learn Program Lunch and Learn Program The Presentation The Presentation What is Sensitive Information? What is Sensitive Information? What is Sensitive Information? What is Sensitive Information? Their role and responsibility Their role and responsibility Three methods of security – Physical, Computer, and Procedural (Social Engineering) Three methods of security – Physical, Computer, and Procedural (Social Engineering) Guidelines for Information Security for Faculty/Staff tri-fold Guidelines for Information Security for Faculty/Staff tri-fold Video on Information Security Video on Information Security Video on Information Security Video on Information Security

8 Security Awareness and Training Program Lunch and Learn Program Continued Lunch and Learn Program Continued Participant’s Next Steps Participant’s Next Steps Personal Security Action Plan Personal Security Action Plan Personal Security Action Plan Personal Security Action Plan Each user should go through their computers and verify that all “Sensitive Data” is secure using the PSAP Each user should go through their computers and verify that all “Sensitive Data” is secure using the PSAP Computer Security Checklist Computer Security Checklist Computer Security Checklist Computer Security Checklist Prepares user for and Information Security Audit Prepares user for and Information Security Audit Information Security Audit Information Security Audit Send follow up to Business Unit Manager and request audit of department Send follow up to Business Unit Manager and request audit of department

9 Security Awareness and Training Program Statistics on Lunch and Learn Program Statistics on Lunch and Learn Program Conducted six targeted programs since program inception (January 2006) Conducted six targeted programs since program inception (January 2006) 3 future programs planned 3 future programs planned Over 180 Faculty and Staff have gone through the program Over 180 Faculty and Staff have gone through the program Led to the audit of 5 major business units Led to the audit of 5 major business units

10 Information Security Audit Procedure Announcement Letter or Web Audit Request Announcement Letter or Web Audit Request Announcement Letter or Web Audit Request Announcement Letter or Web Audit Request Preliminary Review Preliminary Review Date of Audit, Time, Mgr. uses checklist to choose what should be audited, and any special details Date of Audit, Time, Mgr. uses checklist to choose what should be audited, and any special details Audit Audit Audit team uses Security Checklist to complete the audit of the selected users Audit team uses Security Checklist to complete the audit of the selected users Remote audit of PC’s and Servers conducted using PowerGREP Remote audit of PC’s and Servers conducted using PowerGREP Audit results sent to Mgr. and CIO Audit results sent to Mgr. and CIO Includes all supporting documentation Includes all supporting documentation Follow-up Review Follow-up Review EIT conducts follow-up audit on any security issues found EIT conducts follow-up audit on any security issues found Installation of CyberAngel for users that handle large amounts of sensitive data Installation of CyberAngel for users that handle large amounts of sensitive data

11 Information Security Audit Procedure Sample Documentation Sample Documentation of Audit Results of Audit Results Compiled Security Checklist Compiled Security Checklist Compiled Security Checklist Compiled Security Checklist PowerGREP results PowerGREP results PowerGREP results PowerGREP results

12 Information Security Audit Procedure Audit Statistics/Benefits Audit Statistics/Benefits Audited 5 major business units (including Enrollment Services, EIT, and ERP which include 65% of data owners) Audited 5 major business units (including Enrollment Services, EIT, and ERP which include 65% of data owners) Proactively found 108,000 SSN’s in over 15,000 documents Proactively found 108,000 SSN’s in over 15,000 documents Awareness is branching out to other departments Awareness is branching out to other departments 4 audits in queue 4 audits in queue

13 CyberAngel Security Software Creates an encrypted drive – preventing unauthorized access to files if computer is stolen Creates an encrypted drive – preventing unauthorized access to files if computer is stolen 8 different available algorithms, including Rijndael-AES different available algorithms, including Rijndael-AES 256 If an incorrect or no password is given, users don’t see the drive or files stored there If an incorrect or no password is given, users don’t see the drive or files stored there HIPAA, GLB, FERPA, and new Sub HB 104 compliant HIPAA, GLB, FERPA, and new Sub HB 104 compliant Offers Single or Two-Factor Authentication Offers Single or Two-Factor Authentication Tracks, Locates and Recovers Lost or Stolen Computers Tracks, Locates and Recovers Lost or Stolen Computers 92% return rate 92% return rate CyberAngel Incident Report used to obtain search warrants and subpoena’s CyberAngel Incident Report used to obtain search warrants and subpoena’s

14 CyberAngel Security Software Provides “Real-Time” Security for Data and Information Protection Provides “Real-Time” Security for Data and Information Protection Prohibits Unauthorized VPN Access Prohibits Unauthorized VPN Access Prevents Unauthorized Application Use Prevents Unauthorized Application Use Locks Communication Ports Locks Communication Ports Sends Notification of Unauthorized Access Sends Notification of Unauthorized Access

15 CyberAngel Security Software Simple and Customizable Login Screen Simple and Customizable Login Screen Encrypted “P:\Drive” works like a standard folder, making it easy for your Staff to use Encrypted “P:\Drive” works like a standard folder, making it easy for your Staff to use

16 CyberAngel Security Software 24-hour support hotline and theft reporting – IT involvement is not necessary 24-hour support hotline and theft reporting – IT involvement is not necessary Customizable hotkey to disable and re-enable encrypted drive Customizable hotkey to disable and re-enable encrypted drive CyberAngel Configuration Manager CyberAngel Configuration Manager Does not have to be installed on machine Does not have to be installed on machine Create a “Master” password for University Create a “Master” password for University Assign a different drive letter Assign a different drive letter Change encrypted size of drive Change encrypted size of drive Uninstall and reinstall software Uninstall and reinstall software User can change password User can change password

17 CyberAngel Security Software Statistics/Benefits Statistics/Benefits Already installed on 125 “data owner” machines Already installed on 125 “data owner” machines Purchases are being made by the departments Purchases are being made by the departments $62.50 for a 5-year license (when 100 – 500 are purchased) $62.50 for a 5-year license (when 100 – 500 are purchased) Discount pricing for students – CyberAngel assumes all responsibility Discount pricing for students – CyberAngel assumes all responsibility

18 PowerGREP Software A powerful Windows grep tool A powerful Windows grep tool Ability to extract statistics and knowledge from log files and large data sets Ability to extract statistics and knowledge from log files and large data sets Find files and information anywhere on a PC or network Find files and information anywhere on a PC or network Simple user interface Simple user interface Full-featured text and hex built-in editor Full-featured text and hex built-in editor

19 PowerGREP Software Unique Abilities Unique Abilities Search through specific file sections Search through specific file sections Split files into records before searching Split files into records before searching Post-process replacement text Post-process replacement text Permanent Undo History Permanent Undo History Compatibilities Compatibilities Perl, Java and.Net compatible regular expressions Perl, Java and.Net compatible regular expressions Extensive text encoding support Extensive text encoding support Search through zip archives Search through zip archives

20 PowerGREP Software

21

22 Statistics/Benefits Statistics/Benefits Proactively found 108,000 instances of SSN’s in first round of audit Proactively found 108,000 instances of SSN’s in first round of audit Easily identify file locations for users Easily identify file locations for users Uses beyond just PC searches Uses beyond just PC searches 80-gig hard drive in just under an hour and half (on the network!) 80-gig hard drive in just under an hour and half (on the network!) Only $149 Only $149

23 Looking to the Future Likelihood of more rigorous external requirements and more severe penalties Likelihood of more rigorous external requirements and more severe penalties Expanded audits Expanded audits Increased faculty awareness Increased faculty awareness More automation in audit process More automation in audit process Challenge of providing information to decision-makers and providing more security Challenge of providing information to decision-makers and providing more security

24 Summary Be proactive and provide leadership – create your own end user security program Be proactive and provide leadership – create your own end user security program Promote it across campus – market and communicate Promote it across campus – market and communicate You’ll be happy you did WHEN the next incident occurs You’ll be happy you did WHEN the next incident occurs Reduce the MTBsF Reduce the MTBsF Borrow anything you can from UT – we’re happy to help Borrow anything you can from UT – we’re happy to help

25 Any Questions? Joseph Sawasky: Joseph Sawasky: Melissa Crabtree: Melissa Crabtree: “Motivational” backgrounds “Motivational” backgrounds The Sourcefire Computer Security Calendar The Sourcefire Computer Security Calendar Security Breaches - Privacy Rights Clearninghouse Security Breaches - Privacy Rights Clearninghouse The CyberAngel Inc – The CyberAngel Inc – PowerGREP PowerGREP UT - Educational and Information Technology UT - Educational and Information Technology


Download ppt "End User Security Awareness Program University of Toledo Educational and Information Technology Presented by: Interim Chief Information Officer, Joseph."

Similar presentations


Ads by Google