Presentation is loading. Please wait.

Presentation is loading. Please wait.

Active Directory Security Improvements (ITCRB) CIO Council Update

Published byGodwin Stone Modified over 5 years ago

Similar presentations

Presentation on theme: "Active Directory Security Improvements (ITCRB) CIO Council Update"— Presentation transcript:

1 Active Directory Security Improvements (ITCRB) CIO Council Update
September 5 Tuesday 2:00 – 2:15 p.m. Smith 561

2 Purpose and Intended Outcome
9/14/2018 Purpose and Intended Outcome Purpose Update CIO Council on the Active Directory (AD) Security Improvements Project Obtain feedback on the Vision and Plan Intended Outcome CIO Council understands the Vision, Scope and Status of the AD Security Improvements Project Project Team understands any concerns and advice that the CIO Council members have about the project

3 Agenda Vision Plan and resources Current status
Active Directory shared service Questions and feedback

4 Vision: Active Directory Security Improvements
The Vision for Active Directory Security Improvements To significantly increase the security and resiliency of the University’s Active Directory environment by reducing complexity, cost, and the number of successful attacks. Objectives Guiding Principles Key Performance Indicators Design a reference architecture for University Active Directory Build a University Active Directory offered as a shared service Establish and deploy the Active Directory using standards from Microsoft and standards bodies (e.g. NIST) Focus on the data and the risks, not just Active Directory itself Active Directory is a service that must meet the needs of users, including application owners Collaborate closely with Schools to understand the effort required to move into the shared service and provide assistance wherever possible Allow local control and decision-making where we can Incorporate principles of automation to ensure scalability and cloud readiness Utilize published security standards and recommendations as baseline Design audit, monitoring, and alerting in accordance with ITIL and ITSM Schools know and understand the design and value of a shared architecture Existence of shared architecture and documented plan for onboarding of Schools Number of Schools whose AD instances can be demonstrated to meet the Microsoft/NIST standards

5 Plan and resources Our plan involves four key actions: Resources:
Perform a gap analysis of each Active Directory and remediate critical issues Build a reference architecture for Active Directory Design and implement a shared University-wide Active Directory Investigate and implement, as appropriate for the University, Microsoft’s “Red Forest” architecture Resources: Virtual team of seven people from HUIT including members of IAM, Messaging and Collaboration Technologies (MCT), Information Security Representatives from each school Vendors (Microsoft and other Active Directory experts)

6 Current Status Event Status Notes Finalize MS SOW Complete
ADH SOW signed RedForest in review Hire Architect/Engineer positions On Target One position hired (start 9/11/2017) Second position in interview state RMAS AD Audit RMAS/HUIT/Schools efforts are coordinated Identify initial schools for Gap Analysis HKS/HLS have agreed to be participants Begin Gap Analysis Expected dated in early October Build reference architecture Initial Architecture defined. Planned internal, Steering Committee, external reviews Investigate/implement Red Forest Pending Determine value of Red Forest – if we move forward, Schools will need to dedicate resources for work to join Red Forest Define financial/ operational model for FY20+ Ongoing Initial talks underway for running AD service

7 Active Directory shared service
University Active Directory Shared Service Delivered as: Platform As A Service (PAAS) Needs: University wide adoption Requires: support from CIOs and buy in from IT departments

8 Questions and feedback

Download ppt "Active Directory Security Improvements (ITCRB) CIO Council Update"

Similar presentations

Auditing, Assurance and Governance in Local Government

Auditing, Assurance and Governance in Local Government
NIST Special Publication Revision 1

NIST Special Publication Revision 1
Roles and Responsibilities

Roles and Responsibilities
Financial Capability Strategy for UK Older people in retirement Presentation to the Age Action Alliance Money Matters group Rebecca Langford, Policy Manager.

Financial Capability Strategy for UK Older people in retirement Presentation to the Age Action Alliance Money Matters group Rebecca Langford, Policy Manager.
From Policies to Programs to Practices Establishing the Green Infrastructure Eric Friedman Director of State Sustainability Mass. Executive Office of Env.

From Policies to Programs to Practices Establishing the Green Infrastructure Eric Friedman Director of State Sustainability Mass. Executive Office of Env.
National Provider Identifier HIPAA Summit 13 September 25, 2006 Peter Barry Hospital Implementation Planning.

National Provider Identifier HIPAA Summit 13 September 25, 2006 Peter Barry Hospital Implementation Planning.
781-890-7446 Health Delivery Services May 29, 20090 Eastern Massachusetts Healthcare Initiative Policy Work Group Session 2 May 29, 2009.

Health Delivery Services May 29, Eastern Massachusetts Healthcare Initiative Policy Work Group Session 2 May 29, 2009.
Knoxville, TN October 20, 2009 SG-Systems Systems Requirements Specification Team Status and Breakout Session.

Knoxville, TN October 20, 2009 SG-Systems Systems Requirements Specification Team Status and Breakout Session.
TDRp Implementation Challenges David Vance, Executive Director Peggy Parskey, Assistant Director October 23, 2014.

TDRp Implementation Challenges David Vance, Executive Director Peggy Parskey, Assistant Director October 23, 2014.
Project Discovery – Monday Holyoke 561 Most updates will only have 30 minutes maximum for their presentations. At least 10 minutes should be left for Q&A.

Project Discovery – Monday Holyoke 561 Most updates will only have 30 minutes maximum for their presentations. At least 10 minutes should be left for Q&A.
CI R1 LCO Review Panel Preliminary Report. General Comments –Provide clear definition of the goals of the phase (e.g. inception), the scope, etc. in order.

CI R1 LCO Review Panel Preliminary Report. General Comments –Provide clear definition of the goals of the phase (e.g. inception), the scope, etc. in order.
Vision to Reality: How Knowledge Sharing Promotes Efficiencies Through Process Improvement  History of the Knowledge Collaboration Centre (KCC)  The.

Vision to Reality: How Knowledge Sharing Promotes Efficiencies Through Process Improvement  History of the Knowledge Collaboration Centre (KCC)  The.
U.S. Department of Agriculture eGovernment Program Enabler’s Steering Committee Meeting January 9 th, 2003.

U.S. Department of Agriculture eGovernment Program Enabler’s Steering Committee Meeting January 9 th, 2003.
Implementing Clinical Governance COMPASS Consultant Outcome Indicators Programme.

Implementing Clinical Governance COMPASS Consultant Outcome Indicators Programme.
1 GR-PBA 22 September 2011. This presentation covers  What does an AC do? ToR & Vision  Work done by AC in the16 months  Assurances to CM on:  internal.

1 GR-PBA 22 September This presentation covers  What does an AC do? ToR & Vision  Work done by AC in the16 months  Assurances to CM on:  internal.
FY16 End of Year Goals Summary HUIT Top 40 GoalsFY16: Top 40 Goals Assessment Top 40 Goals Status Summary 82% Complete (33 of 40) 18% Incomplete (7 of.

FY16 End of Year Goals Summary HUIT Top 40 GoalsFY16: Top 40 Goals Assessment Top 40 Goals Status Summary 82% Complete (33 of 40) 18% Incomplete (7 of.
© Crown copyright Met Office Report of the Chair Stuart Goldstraw, UK Met Office, Chair ET-SBO-1, July 2013.

© Crown copyright Met Office Report of the Chair Stuart Goldstraw, UK Met Office, Chair ET-SBO-1, July 2013.
Asset Management Working Group & Bridge Condition Indicator Project Achievements, Updates & Future Work Paul Monaghan LoBEG Chairman May 2015.

Asset Management Working Group & Bridge Condition Indicator Project Achievements, Updates & Future Work Paul Monaghan LoBEG Chairman May 2015.
IT Vendor Management March, 2015 Peter Baskette Pratike Patel.

IT Vendor Management March, 2015 Peter Baskette Pratike Patel.
Digital Asset Management & Storage Program Program Summary

Digital Asset Management & Storage Program Program Summary

Similar presentations

Ads by Google