Ellucian Cloud Services. Joe Street Cloud Services, Sr. Solution Consultant

Size: px
Start display at page:

Download "Ellucian Cloud Services. Joe Street Cloud Services, Sr. Solution Consultant"

Transcription

1

2 Ellucian Cloud Services Joe Street Cloud Services, Sr. Solution Consultant

3 Confidentiality Statement The information contained herein is considered proprietary and highly confidential by Ellucian Managed Services Inc. (Ellucian). Any release of this information to third parties will likely cause substantial harm to the competitive positions of Ellucian. This information is provided in response to, and for the exclusive consideration of, those parties directly participating in meetings with Ellucian. Ellucian should be informed of any request by a third party to inspect or copy any of the information contained herein. In no event, should any such inspection or copying be permitted without sufficient advance notice to Ellucian to permit it to pursue any remedies available to it to prevent such inspection or copying. 3

4 Increased Demand Today s Higher Education IT Environment - Use & Users - Data - Transactions - Interconnections - New Technology - Expectations - Resources - Budgets - Predictability - Patience Less tools for success

5 Cloud Adoption in Higher Education 68% 52% 53% Messaging Collaboration Learning Management Systems Library 42% 40% 38% Management Web Servers Systems Web Content Management 35% Bookstore 34% 21% Management Student Portal ERP Sources: Ellucian Survey, Educause, Campus Computing 5

6 How Can Ellucian Cloud Services Help? Reduce Risk Provide up-to-date expertise and experience Strategically oriented IT organization Allow existing resources to focus on strategic priorities Reduce total cost of ownership Improved Return on Investment Cloud Services Application Hosting Services (AHS) Application Management Services (AMS) 6

7 01 Application Management Services

8 Application Management Services (AMS) Application Management Service Engagement Management Application Administration Database Administration Operating System Administration Monitoring 24x7 Emergency Support ITSM Portal 8

9 AMS: Engagement Management Experienced, single point of contact: Open communications, interaction, and reporting Direct and coordinate Transition planning and execution Manage deliverables Manage timelines 9

10 AMS: Administration Services Application, Database and Systems Administration Expertise and Experience on Demand Day-to-Day Operations Performance tuning, and Log review Patching, upgrades, and maintenance Monitoring & Troubleshooting Backup and Recovery administration Registration Health Check (2 per year) Cloning of Production Environment to non- Production Environments 10

11 02 Application Hosting Services

12 Application Hosting Services (AHS) Cloud Infrastructure Top Tier Facility Disaster Recovery Private Cloud Enterprise Operations Center (EOC) Security Services ITIL v3 Processes 12

13 Application Hosting Services Process & Governance Security & Compliance Applications Platform Virtualization & Abstraction Compute Storage Network Facilities & Infrastructure Automation User Experience 13

14 AHS: Sample Colleague Environment 14

15 AHS: Enterprise Operations Center 24x7 team of engineers and analysts providing: Multilayer monitoring SLA Reporting Trending Notification Response Ticket generation Triage support Alerting Escalation 15

16 AHS: Enterprise Operations Center 16

17 AHS: Ellucian s Cloud Security Framework Security Policy SANS Top 20 Cloud Security Alliance Password Data Classification Portable Devices Access Control KeePass Databases Vulnerability Management Red-Blue Team Exercises Penetration Testing Role-Based Training 24x7 Incident Response Team In-House Forensic Analysis Internal Security Auditing Liaison with law enforcement Transport Data Encryption/ Encryption at Rest (via CDD) CIS benchmarking FISMA capable Litigation hold support Ellucian Confidential 17

18 AHS: Data Security in the Ellucian Cloud People Training for handling protected data Policy training Dedicated Security Response Team Access Control Security training for ops teams People Process Technology Process ISO based policies SANS Top 20 Critical Controls SSAE 16 Audit ITIL Security Incident Response Technology Hardened facility, cameras, guards. Biometrics, Keycards, Physical keys Firewall (source/destination port and protocol) Automated Vulnerability Scanning Intrusion Detection Encryption & privileged VPN access Secured VPN for back-end communications to on-campus systems Encryption of data when transmitted in/out of the secure facility 2-Factor Authentication Automated Patch Mgmt. Tools to secure staff access 18

19 Ellucian Cloud Services: AMS and AHS Application Hosting Services Application Management Services Management (Chief Information Officer / Director) Application Administration Engagement Manager Information Security Functional Experts Application Licenses Programmer Analysts / Report Writers Internet Connectivity Client Responsibilities Database Administration Operation System Administration Systems Monitoring 24x7 Service Disaster Recovery Server & Network Administration Infrastructure Hardware Hosting Infrastructure and Licensing Ellucian Responsibilities 19

20 Value Drivers Increase return on IT investment Improve Value and Effective use of IT Spend Increase Operational Efficiencies and Effectiveness 20

21 The Value of Cloud to Higher Ed Strategic Initiatives Tomorrow Strategic Initiatives Support Systems Management Today Cloud addresses Capability Capacity Cost Control Support Systems Mgt. 21

22 Why Ellucian Cloud Services? Ellucian provides the foundation for a long term partnership Software, Implementation, Managed ERP Singular focus on Higher Education One trusted partner versus multiple vendors Flexibility, partnering with the institution Risk Reduction Ellucian s community of best practices Predictable Costs Accountability Strict change control process Service level responsiveness Systems are reliable and available 24x7x365 22

23 Thank You! Joe Street Cloud Services, Sr. Solution Consultant Chris Collier Director of Cloud Services - South

Securing the Service Desk in the Cloud

Securing the Service Desk in the Cloud TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,

More information

BMC s Security Strategy for ITSM in the SaaS Environment

BMC s Security Strategy for ITSM in the SaaS Environment BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...

More information

Anypoint Platform Cloud Security and Compliance. Whitepaper

Anypoint Platform Cloud Security and Compliance. Whitepaper Anypoint Platform Cloud Security and Compliance Whitepaper 1 Overview Security is a top concern when evaluating cloud services, whether it be physical, network, infrastructure, platform or data security.

More information

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous

More information

IBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public]

IBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public] IBX Business Network Platform Information Security Controls 2015-02- 20 Document Classification [Public] Table of Contents 1. General 2 2. Physical Security 2 3. Network Access Control 2 4. Operating System

More information

Security from a customer s perspective. Halogen s approach to security

Security from a customer s perspective. Halogen s approach to security September 18, 2015 Security from a customer s perspective Using a cloud-based talent management program can deliver tremendous benefits to your organization, including aligning your workforce, improving

More information

University of Pittsburgh Security Assessment Questionnaire (v1.5)

University of Pittsburgh Security Assessment Questionnaire (v1.5) Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided

More information

Attachment E. RFP Requirements: Mandatory Requirements: Vendor must respond with Yes or No. A No response will render the vendor nonresponsive.

Attachment E. RFP Requirements: Mandatory Requirements: Vendor must respond with Yes or No. A No response will render the vendor nonresponsive. Attachment E RFP Requirements: Mandatory Requirements: Vendor must respond with Yes or No. A No response will render the vendor nonresponsive. Questions Support for Information Security 1. The Supplier

More information

Autodesk PLM 360 Security Whitepaper

Autodesk PLM 360 Security Whitepaper Autodesk PLM 360 Autodesk PLM 360 Security Whitepaper May 1, 2015 trust.autodesk.com Contents Introduction... 1 Document Purpose... 1 Cloud Operations... 1 High Availability... 1 Physical Infrastructure

More information

PCI Requirements Coverage Summary Table

PCI Requirements Coverage Summary Table StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table December 2011 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2

More information

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST Application Name: Vendor Name: Briefly describe the purpose of the application. Include an overview of the application architecture, and identify the data

More information

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis

Information Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis Information Security Risk Assessment Checklist A High-Level Tool to Assist USG Institutions with Risk Analysis Updated Oct 2008 Introduction Information security is an important issue for the University

More information

Critical Controls for Cyber Security. www.infogistic.com

Critical Controls for Cyber Security. www.infogistic.com Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability

More information

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225

More information

Cloud Vendor Evaluation

Cloud Vendor Evaluation Cloud Vendor Evaluation Checklist Life Sciences in the Cloud Cloud Vendor Evaluation Checklist What to evaluate when choosing a cloud vendor in Life Sciences Cloud computing is radically changing business

More information

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Host Hardening Presented by Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Background National Institute of Standards and Technology Draft Guide to General Server Security SP800-123 Server A

More information

VMware vcloud Air SOC 1 Control Matrix

VMware vcloud Air SOC 1 Control Matrix SOC 1 Control Objectives/Activities Matrix goes to great lengths to ensure the security and availability of vcloud Air services. In this effort, we have undergone a variety of industry standard audits,

More information

Caretower s SIEM Managed Security Services

Caretower s SIEM Managed Security Services Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During

More information

INCIDENT RESPONSE CHECKLIST

INCIDENT RESPONSE CHECKLIST INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged

More information

PCI Requirements Coverage Summary Table

PCI Requirements Coverage Summary Table StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2

More information

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Your Platform of Choice The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing Mark Cravotta EVP Sales and Service SingleHop LLC Talk About Confusing? Where do I start?

More information

Hosted SharePoint: Questions every provider should answer

Hosted SharePoint: Questions every provider should answer Hosted SharePoint: Questions every provider should answer Deciding to host your SharePoint environment in the Cloud is a game-changer for your company. The potential savings surrounding your time and money

More information

Client Security Risk Assessment Questionnaire

Client Security Risk Assessment Questionnaire Select the appropriate answer from the drop down in the column, and provide a brief description in the section. 1 Do you have a member of your organization with dedicated information security duties? 2

More information

Data Security and Healthcare

Data Security and Healthcare Data Security and Healthcare Complex data flows Millions of electronic medical records across many systems New and emerging business relationships Changing and maturing compliance frameworks Diverse population

More information

Information Technology Solutions. Managed IT Services

Information Technology Solutions. Managed IT Services Managed IT Services System downtime, viruses, spyware, lost productivity; if these problems are impacting your business, it is time to make technology work for you. At ITS, we understand the importance

More information

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Data Handling in University Case Study- Information Security in University Agenda Case Study Background

More information

Miami University. Payment Card Data Security Policy

Miami University. Payment Card Data Security Policy Miami University Payment Card Data Security Policy IT Policy IT Standard IT Guideline IT Procedure IT Informative Issued by: IT Services SCOPE: This policy covers all units within Miami University that

More information

Library Systems Security: On Premises & Off Premises

Library Systems Security: On Premises & Off Premises Library Systems Security: On Premises & Off Premises Guoying (Grace) Liu University of Windsor Leddy Library Huoxin (Michael) Zheng Castlebreck Inc. CLA 2015 Annual Conference, Ottawa, June 5, 2015 Information

More information

An Oracle White Paper May 2016. Oracle Integration Cloud Service (ICS) Security & Compliance

An Oracle White Paper May 2016. Oracle Integration Cloud Service (ICS) Security & Compliance An Oracle White Paper May 2016 Oracle Integration Cloud Service (ICS) Security & Compliance Contents Introduction... 1 Governance, Risk & Compliance... 1 Auditing and Reporting of Operational & Business

More information

Secure, Scalable and Reliable Cloud Analytics from FusionOps

Secure, Scalable and Reliable Cloud Analytics from FusionOps White Paper Secure, Scalable and Reliable Cloud Analytics from FusionOps A FusionOps White Paper FusionOps 265 Santa Ana Court Sunnyvale, CA 94085 www.fusionops.com World-class security... 4 Physical Security...

More information

BMC Remedy OnDemand. Product Overview

BMC Remedy OnDemand. Product Overview Alf Abuhajleh January 2012 Table of Contents BMC Remedy OnDemand 2 What you get with your subscription 2 Applications... 2 Purchase Requirements... 2 Internationalization... 2 Infrastructure and Service-level

More information

THE BLUENOSE SECURITY FRAMEWORK

THE BLUENOSE SECURITY FRAMEWORK THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program

More information

Information Technology General Controls And Best Practices

Information Technology General Controls And Best Practices Paul M. Perry, FHFMA, CITP, CPA Alabama CyberNow Conference April 5, 2016 Information Technology General Controls And Best Practices 1. IT General Controls - Why? 2. IT General Control Objectives 3. Documentation

More information

Navigate Your Way to NERC Compliance

Navigate Your Way to NERC Compliance Navigate Your Way to NERC Compliance NERC, the North American Electric Reliability Corporation, is tasked with ensuring the reliability and safety of the bulk power system in North America. As of 2010,

More information

Troux Hosting Options

Troux Hosting Options Troux Hosting Options Introducing Troux Hosting Options Benefits of a Hosted Troux Environment...3 Convenience...3 Time-to-Value...3 Reduced Cost of Ownership...3 Scalability and Flexibility...3 Security...4

More information

Bellevue University Cybersecurity Programs & Courses

Bellevue University Cybersecurity Programs & Courses Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320

More information

Keyfort Cloud Services (KCS)

Keyfort Cloud Services (KCS) Keyfort Cloud Services (KCS) Data Location, Security & Privacy 1. Executive Summary The purposes of this document is to provide a common understanding of the data location, security, privacy, resiliency

More information

BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table

BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table BAE Systems PCI Essentail PCI Requirements Coverage Summary Table Introduction BAE Systems PCI Essential solution can help your company significantly reduce the costs and complexity of meeting PCI compliance

More information

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the

More information

STATE OF NEW JERSEY Security Controls Assessment Checklist

STATE OF NEW JERSEY Security Controls Assessment Checklist STATE OF NEW JERSEY Security Controls Assessment Checklist Appendix D to 09-11-P1-NJOIT P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 Agency/Business (Extranet) Entity Response

More information

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams

More information

Cloud Security and Managing Use Risks

Cloud Security and Managing Use Risks Carl F. Allen, CISM, CRISC, MBA Director, Information Systems Security Intermountain Healthcare Regulatory Compliance External Audit Legal and ediscovery Information Security Architecture Models Access

More information

UCF Security Incident Response Plan High Level

UCF Security Incident Response Plan High Level UCF Security Incident Response Plan High Level Chris Vakhordjian Information Security Officer Computer Services & Telecommunications Division of IT&R Revision 1.1, 7 June 2007 Information Security Office

More information

Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m.

Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m. Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m. Topics: Explain why it is important for firms of all sizes to address cybersecurity risk. Demonstrate awareness

More information

Section 1 CREDIT UNION Member Information Security Due Diligence Questionnaire

Section 1 CREDIT UNION Member Information Security Due Diligence Questionnaire SAMPLE CREDIT UNION INFORMATION SECURITY DUE DILIGENCE QUESTIONNAIRE FOR POTENTIAL VENDORS Section 1 CREDIT UNION Member Information Security Due Diligence Questionnaire 1. Physical security o Where is

More information

Digi Device Cloud: Security You Can Trust

Digi Device Cloud: Security You Can Trust Digi Device Cloud: Security You Can Trust Abstract Historically, security has oftentimes been an afterthought or a bolt-on to any engineering product. In today s markets, however, security is taking a

More information

Executive Summary Program Highlights for FY2009/2010 Mission Statement Authority State Law: University Policy:

Executive Summary Program Highlights for FY2009/2010 Mission Statement Authority State Law: University Policy: Executive Summary Texas state law requires that each state agency, including Institutions of Higher Education, have in place an Program (ISP) that is approved by the head of the institution. 1 Governance

More information

Publication 805-A Revision: Certification and Accreditation

Publication 805-A Revision: Certification and Accreditation Postal Bulletin 22358 (3-7-13) Policies, Procedures, and Forms Updates Publication 805-A Revision: Certification and Accreditation Effective immediately, the January 2013 edition of Publication 805-A,

More information

Security Controls for the Autodesk 360 Managed Services

Security Controls for the Autodesk 360 Managed Services Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices

More information

Time to Value: Successful Cloud Software Implementation

Time to Value: Successful Cloud Software Implementation Time to Value: Successful Cloud Software Implementation Cloud & Data Security 2015 Client Conference About the Presenter Scott Schimberg, CPA, CMA Partner, Consulting, Armanino Scott became a Certified

More information

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific

More information

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99%

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99% Security overview Collaborate on your projects in a secure environment Thousands of businesses, including Fortune 500 corporations, trust Wrike for managing their projects through collaboration in the

More information

The Protection Mission a constant endeavor

The Protection Mission a constant endeavor a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable

More information

Security Policy for External Customers

Security Policy for External Customers 1 Purpose Security Policy for This security policy outlines the requirements for external agencies to gain access to the City of Fort Worth radio system. It also specifies the equipment, configuration

More information

Cloud Technology Platform Enables Leading HR and Payroll Services Provider To Meet Solution Objectives

Cloud Technology Platform Enables Leading HR and Payroll Services Provider To Meet Solution Objectives Greytip Online Cloud based HR & Payroll software Cloud Technology Platform Enables Leading 16 Snapshot Client Profile A global HR & Payroll outsourcing company. The company is in the business of delivering

More information

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable

More information

CompTIA Security+ (Exam SY0-410)

CompTIA Security+ (Exam SY0-410) CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate

More information

System Security Plan University of Texas Health Science Center School of Public Health

System Security Plan University of Texas Health Science Center School of Public Health System Security Plan University of Texas Health Science Center School of Public Health Note: This is simply a template for a NIH System Security Plan. You will need to complete, or add content, to many

More information

TASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices

TASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security

More information

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales SMS Systems Management Specialists Cloud Computing Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales Cloud Computing The SMS Model: Cloud computing is a model for enabling ubiquitous, convenient,

More information

1 Purpose... 2. 2 Scope... 2. 3 Roles and Responsibilities... 2. 4 Physical & Environmental Security... 3. 5 Access Control to the Network...

1 Purpose... 2. 2 Scope... 2. 3 Roles and Responsibilities... 2. 4 Physical & Environmental Security... 3. 5 Access Control to the Network... Contents 1 Purpose... 2 2 Scope... 2 3 Roles and Responsibilities... 2 4 Physical & Environmental Security... 3 5 Access Control to the Network... 3 6 Firewall Standards... 4 7 Wired network... 5 8 Wireless

More information

EVALUATION REPORT. Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review. March 13, 2015 REPORT NUMBER 15-07

EVALUATION REPORT. Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review. March 13, 2015 REPORT NUMBER 15-07 EVALUATION REPORT Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review March 13, 2015 REPORT NUMBER 15-07 EXECUTIVE SUMMARY Weaknesses Identified During the FY 2014

More information

An Evaluation Framework for Selecting an Enterprise Cloud Provider

An Evaluation Framework for Selecting an Enterprise Cloud Provider An Evaluation Framework for Selecting an Enterprise Cloud Provider WHITE PAPER This White Paper is intended for senior IT leaders of global enterprises considering a new cloud solution or expanding an

More information

Remote Services. Managing Open Systems with Remote Services

Remote Services. Managing Open Systems with Remote Services Remote Services Managing Open Systems with Remote Services Reduce costs and mitigate risk with secure remote services As control systems move from proprietary technology to open systems, there is greater

More information

Managed Services Agreement. Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043

Managed Services Agreement. Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043 Managed Services Agreement Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043 SERVICE DESCRIPTIONS By purchasing these Services from Hilliard Office

More information

Security Threat Risk Assessment: the final key piece of the PIA puzzle

Security Threat Risk Assessment: the final key piece of the PIA puzzle Security Threat Risk Assessment: the final key piece of the PIA puzzle Curtis Kore, Information Security Analyst Angela Swan, Director, Information Security Agenda Introduction Current issues The value

More information

Security Officer s Checklist in a Sourcing Deal

Security Officer s Checklist in a Sourcing Deal Security Officer s Checklist in a Sourcing Deal Guide Share Europe Ostend, May 9th 2014 Johan Van Mengsel IBM Distinguished IT Specialist IBM Client Abstract Sourcing deals creates opportunities and challenges.

More information

Four Top Emagined Security Services

Four Top Emagined Security Services Four Top Emagined Security Services. www.emagined.com Emagined Security offers a variety of Security Services designed to support growing security needs. This brochure highlights four key Emagined Security

More information

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control

More information

Running Mission-Critical Enterprise Applications in Private and Hybrid Cloud Environments

Running Mission-Critical Enterprise Applications in Private and Hybrid Cloud Environments Running Mission-Critical Enterprise Applications in Private and Hybrid Cloud Environments Working in Partnership Today s Presenters Working in Partnership Paul Calvert IT Services Solution Line Director

More information

Current IBAT Endorsed Services

Current IBAT Endorsed Services Current IBAT Endorsed Services Managed Network Intrusion Prevention and Detection Service SecureWorks provides proactive management and real-time security event monitoring and analysis across your network

More information

Vistara Lifecycle Management

Vistara Lifecycle Management Vistara Lifecycle Management Solution Brief Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid

More information

Name: Position held: Company Name: Is your organisation ISO27001 accredited:

Name: Position held: Company Name: Is your organisation ISO27001 accredited: Third Party Information Security Questionnaire This questionnaire is to be completed by the system administrator and by the third party hosting company if a separate company is used. Name: Position held:

More information

Small Business IT Risk Assessment

Small Business IT Risk Assessment Small Business IT Risk Assessment Company name: Completed by: Date: Where Do I Begin? A risk assessment is an important step in protecting your customers, employees, and your business, and well as complying

More information

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

Vendor Audit Questionnaire

Vendor Audit Questionnaire Vendor Audit Questionnaire The following questionnaire should be completed as thoroughly as possible. When information cannot be provided it should be noted why it cannot be provided. Information may be

More information

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture

More information

Spyders Managed Security Services

Spyders Managed Security Services Spyders Managed Security Services To deliver world-class Managed Security Services, Spyders must maintain and invest in a strong Security Operations Centre (SOC) capability. Spyders SOC capability is built

More information

VMware vcloud Air Security TECHNICAL WHITE PAPER

VMware vcloud Air Security TECHNICAL WHITE PAPER TECHNICAL WHITE PAPER The Shared Security Model for vcloud Air The end-to-end security of VMware vcloud Air (the Service ) is shared between VMware and the customer. VMware provides security for the aspects

More information

Vendor Questionnaire

Vendor Questionnaire Instructions: This questionnaire was developed to assess the vendor s information security practices and standards. Please complete this form as completely as possible, answering yes or no, and explaining

More information

GoodData Corporation Security White Paper

GoodData Corporation Security White Paper GoodData Corporation Security White Paper May 2016 Executive Overview The GoodData Analytics Distribution Platform is designed to help Enterprises and Independent Software Vendors (ISVs) securely share

More information

Since 2005 E-SPIN SDN BHD. All Right Reserved. www.e-spincorp.com. SIEM - Log Consolidation Management (LCM) Solution

Since 2005 E-SPIN SDN BHD. All Right Reserved. www.e-spincorp.com. SIEM - Log Consolidation Management (LCM) Solution Since 2005 E-SPIN SDN BHD. All Right Reserved. www.e-spincorp.com SIEM - Log Consolidation Management (LCM) Solution Copyrighted Copyright Since 2005-2011 and respective update by E-SPIN Sdn. Bhd. All

More information

Always on. Hawaiian Telcom. April 27, 2016. State of Hawaii. State Procurement Office Carey Ann Sasaki P.O. Box 119 Honolulu, HI 96810-119

Always on. Hawaiian Telcom. April 27, 2016. State of Hawaii. State Procurement Office Carey Ann Sasaki P.O. Box 119 Honolulu, HI 96810-119 Managed.. Hawaiian Telcom April 27, 2016 State of Hawaii State Procurement Office Carey Ann Sasaki P.O. Box 119 Honolulu, HI 96810-119 Subject: SPO Vendor List Contract No. 12-12 Furnish, Deliver, Install,

More information

CLOUD FRAMEWORK & SECURITY OVERVIEW

CLOUD FRAMEWORK & SECURITY OVERVIEW CLOUD FRAMEWORK & OVERVIEW From small businesses to the largest Fortune 500 Enterprises, customers trust the irise cloud infrastructure when collaborating to define and design their applications. This

More information

Network Security Guidelines. e-governance

Network Security Guidelines. e-governance Network Security Guidelines for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S/L Type

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Addressing Cloud Computing Security Considerations

Addressing Cloud Computing Security Considerations Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft

More information

Print4 Solutions fully comply with all HIPAA regulations

Print4 Solutions fully comply with all HIPAA regulations HIPAA Compliance Print4 Solutions fully comply with all HIPAA regulations Print4 solutions do not access, store, process, monitor, or manage any patient information. Print4 manages and optimize printer

More information

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc. Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC s network Written and Approved By: Geoff Lacy, Tim

More information

Managed Security Services for Data

Managed Security Services for Data A v a y a G l o b a l S e r v i c e s Managed Security Services for Data P r o a c t i v e l y M a n a g i n g Y o u r N e t w o r k S e c u r i t y 2 4 x 7 x 3 6 5 IP Telephony Contact Centers Unified

More information

Position Description. Job Summary: Campus Job Scope:

Position Description. Job Summary: Campus Job Scope: Position Description Report Run Date Sep 10 2015 11:07AM Position Number: 02018467 Dept: ENT APPS & INFRASTRUCTURE SVCS - 061419 Position: WNDOWS SYSTEM APPLICATION ADMINISTRATOR Approved Payroll Title

More information

2011 2012 Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec.

2011 2012 Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec. The OCR Auditors are coming - Are you next? What to Expect and How to Prepare On June 10, 2011, the U.S. Department of Health and Human Services Office for Civil Rights ( OCR ) awarded KPMG a $9.2 million

More information

Integrating Security into Your Corporate Infrastructure

Integrating Security into Your Corporate Infrastructure Integrating Security into Your Corporate Infrastructure December 13, 2001 Matthew K. Miller, CISSP, GIAC Manager, Security Services RedSiren Technologies 1 Who is RedSiren? We are a MSSP Managed Security

More information

THE UNIVERSITY OF IOWA INFORMATION SECURITY PLAN

THE UNIVERSITY OF IOWA INFORMATION SECURITY PLAN THE UNIVERSITY OF IOWA INFORMATION SECURITY PLAN This document is a compilation of resources, policy information and descriptions encompassing the overall (enterprise) information security environment

More information

Information Security Policy and Handbook Overview. ITSS Information Security June 2015

Information Security Policy and Handbook Overview. ITSS Information Security June 2015 Information Security Policy and Handbook Overview ITSS Information Security June 2015 Information Security Policy Control Hierarchy System and Campus Information Security Policies UNT System Information

More information

Security Tool Kit System Checklist Departmental Servers and Enterprise Systems

Security Tool Kit System Checklist Departmental Servers and Enterprise Systems Security Tool Kit System Checklist Departmental Servers and Enterprise Systems INSTRUCTIONS System documentation specifically related to security controls of departmental servers and enterprise systems

More information

INFRASTRUCTURE AS A SERVICE BUYER S CHECKLIST

INFRASTRUCTURE AS A SERVICE BUYER S CHECKLIST INFRASTRUCTURE AS A SERVICE BUYER S CHECKLIST 2 CONTENTS SERVICE LEVELS 3 SERVICE AND SUPPORT 4 CERTIFICATIONS 4 MANAGED HOSTING 7 BILLING 8 SERVICE MANAGEMENT 8 TECHNOLOGY 9 GLOBAL, REGIONAL, LOCAL 10

More information