Presentation is loading. Please wait.

Presentation is loading. Please wait.

Campus Meeting on CSUID Implementation – SSN Purge Pat Burns and Steve Lovaas ACNS July 28, 2006.

Similar presentations

Presentation on theme: "Campus Meeting on CSUID Implementation – SSN Purge Pat Burns and Steve Lovaas ACNS July 28, 2006."— Presentation transcript:

1 Campus Meeting on CSUID Implementation – SSN Purge Pat Burns and Steve Lovaas ACNS July 28, 2006

2 Outline Burns  Background  Authority  Scope  The CSUID  The “Purge” Process  Roles and responsibilities Lovaas  Scanning systems  Encryption techniques All:  Q&A

3 Background HB 03-1175: cease and desist using SSN’s or portions thereof as primary identifiers for students effective July 1, 2004  CCHE exception granted until fall 2006 Federal/state mandates/laws  Paccione legislation  GLBA, SOX, HIPAA,…  Impending “Identity Theft Protection Act”

4 Authority CSU IT Security Policy version 1.7, approved by the ITEC July 11, 2006  Prohibition of SSN’s on systems unless approved by the AVPIIT  Scanning files permitted SSN “purge” process, approved by the ITEC July 11, 2006  Letter from SVP/Provost to Deans, Directors and Department Heads (ddd’s)  SSN Attestation Form  SSN Exception Form

5 The CSU IT Security Policy ver. 1.7 Approved by the ITEC on July 11, 2006 New material:  SSN’s not allowed on systems, unless approved by the AVPIIT  SSN’s on portable devices must be encrypted  Authority to scan files/systems for sensitive information For the purpose of identifying sensitive information Location information returned only to the owner of the file, for appropriate action

6 Moreover It is the “right” thing to do Our constituents deserve no less than diligent protection of their personal information

7 Scope All employees All systems  No automatic exceptions

8 The New CSUID The ID card office is replacing all ID cards, and this will be completed at the start of the fall 2006 semester PID will be replaced by CSUID on all central systems (except ISIS) on August 17, 2006  Including the data warehouse  Including class rolls and grade rolls  SSN’s generally unavailable thereafter Also need to “purge” SSNs from all systems

9 Risk Mitigation Avoid – purge SSNs from systems Reduce – remove unnecessary SSNs from systems Transfer – use SSNs on central systems Accept – accept risk where we must

10 The “Purge” Process Ddd’s distribute, collect and return SSN Personal Attestation Forms for their employees  All employees must complete an SSN Personal Attestation Form  Employees who check “Yes” (SSNs used) assess their level of effort  Suggest they work with IT staff to scan systems

11 Exceptions Must be applied for and approved by the AVPIIT Request ddd’s to collect and return SSN Exception Forms  Must be endorsed by IT staff, or if IT staff is the applicant, by their supervisor Form available at   All forms, including SVP memo, available there

12 Role of IT Staff Work with users to scan systems for SSNs and CCN’s  Scan systems  Return lists of files to users for their actions  Endorse SSN Exception Forms  Provide feedback to ACNS Remove all requests for SSNs from hardcopy and electronic forms/programs Reprogram all applications not to use SSNs

13 Role of AVPIIT Coordinate the process Process Exception forms Report outcome to SVP/Provost

14 Role of ACNS Provide a solution for scanning systems and files for SSN’s and CCN’s Provide a solution for encrypting files, and central archival of encryption keys  Horror stories about individuals losing or “forgetting” their encryption key, not like a system password that can be reset

15 Scanning and Encryption Steve Lovaas, ACNS Scanning  Spider Encryption  TrueCrypt  Key escrow

16 Scanning Systems for SSN’s and CCN’s Cornell’s Spider A Note on Exchange Approach for Linux/Mac and Windows  Architecture  Features  Usage Gotchas

17 Cornell University’s Spider – the product In-house tool from Cornell  Originally a Helix forensic boot disk tool  New version written for Windows  EDUCAUSE distribution effort Uses regular expressions to scan for SSNs, with extensions to look into some of the more popular file formats Note: Credit card numbers already a no-no; this tool helps purge them too!

18 Cornell University’s Spider at CSU Hosting code and documentation locally  ACNS developed custom regular expressions and CSU-default configurations Hosting local copies of original Cornell docs Please don’t flood Cornell with questions 

19 Using Spider – results and procedures False positives  There will be a lot  You or the user get to sort through them  Extension skip list to minimize them Notifying users of potential hits  Avoid anything that actually sends SSNs over the network (email users file paths only, or describe over the phone…) Remember to protect the results  Encrypt or store off-line

20 A note on Exchange Servers Spider doesn’t search Exchange stores  Cornell doesn’t use Exchange  Microsoft protection of Exchange ACNS will scan CSU Exchange farm with custom tools Colleges/departments with Exchange?  Contact Nick Smith in ACNS 

21 Spider for Linux - Architecture Written in Perl  Uses several modules and other utilities 2 parts:  Client does scanning  Server listens for and logs results Recommended approach  Run on a single machine  Mount other machines via NFS or Samba  This is the best way to scan Mac OS X

22 Spider for Linux - Features Older, stable version of forensic tool Command line only No recent feature upgrades Limited view into Microsoft file formats

23 Spider for Linux - Usage Resources on CSUID tools page  Instructions, config hints, recommendations  Custom REGEX file to replace defaults Man page in the distribution  All the switches and config details

24 Spider for Windows - Architecture Native executable  Many features compiled in, many options Requirements:  Administrative access  2000/XP/2003 with.NET 1.1  Must reboot after installing tool Run locally or map remote drives  Speed vs load

25 Spider for Windows - Features Newer product  CSU IT Security Technical Subcommittee has been submitting feedback and bug reports  Many recent feature additions and revisions, bug fixes  CSU has chosen the latest Beta rather than the last stable release, due to advanced features (after extensive ACNS testing) Easy-to-use GUI

26 Spider for Windows - Usage Resources on the CSUID tools page  Instructions, config hints, recommendations  CSU-customized.reg file with default settings  ACNS’ best guess at a good list of extensions to skip Recommended approach  Easier to install than Linux version  Single scanning machine vs one-by-one  Balance of time vs resources

27 Spider - Gotchas for both flavors Some file types not scanned or don’t work  Linux can do Word, but not Excel or Access  Windows has trouble with some PDF files  Very large files will sometimes stall the program Email attachments are difficult to scan Log files are a roadmap to all this data  Save to USB device or CD  Encrypt anything remaining on fixed disks (Windows version does this itself)

28 Encrypt What’s Left Some systems will receive exemptions  Need to store SSNs or CCNs locally Policy says encrypt What tools? Risks of encryption

29 Encryption – Choice of Tools Basic options  Operating system features (Windows EFS)  Commercial products (PGP Desktop)  Open source products (TrueCrypt) Metrics to choose by  Price  Ease of use  Reliability/risk

30 Encryption – Windows EFS Pros  Available out of the box in 2000 and XP  Very easy, intuitive user experience  Free Cons  If user login is compromised, data is accessible  Default key recovery agent is Administrator  Need an enterprise CA to be flexible enough  Self-destruct feature in XP without a CA

31 Encryption – TrueCrypt Pros  Free, Open Source  Fairly easy to use  Available key escrow without a CA  Separate password from Windows login  Available for Linux as well Cons  A separate product to install

32 Encryption with TrueCrypt - concept Volume encryption  An entire hard drive  A whole logical drive  An entire removable device (USB stick)  A single file on any of these as a virtual filesystem Not OS-dependent  Application + password (+ keyfile)  Single USB device usable on Windows, Linux

33 Encryption with TrueCrypt - features Virtual filesystem  Mount a file or drive as a separate mount point  Treated just like a drive – defrag, virus scan, etc  Can be backed up Key escrow  Administrator installs program, creates volume  Backs up header, then sets a user password  Recovery of header restores original admin password

34 Encryption with TrueCrypt - usage Windows  Launch the GUI  Create an encrypted volume  Mount the volume to make it available  Drag and drop files in and out  Dismount when done (reboot dismounts too) Linux  Command line only  Same procedures and features

35 Encryption with TrueCrypt – usage (2) Encryption strength  AES (256-bit)  Hashing function only for randomization in creating the volume, so SHA-1 is OK Key escrow HIGHLY RECOMMENDED  ACNS will provide storage of volume headers  If you use this (or any) encryption product without recovery ability, data could be lost forever  The cure could be worse than the disease

36 Key Escrow Crucial to acceptance of an encryption tool  Loss of password must not = loss of data forever ACNS will provide hosting  Offline, redundant storage (not networked)  Physical security (monitored, locked, alarmed)  Consistent naming conventions (for scalability) May be intermediate step toward a future CA  Better scalability, automation, ease of use  Support for email encryption, client certificates

37 Summary of Resources  Forms  Spider Executables, configs, documentation  TrueCrypt Local user instruction document External links to download installers and documentation ACNS  

38 Discussion Is most welcome

Download ppt "Campus Meeting on CSUID Implementation – SSN Purge Pat Burns and Steve Lovaas ACNS July 28, 2006."

Similar presentations

Ads by Google