AgriLife Information Technology IT General Session January 2010

Transcription

1 AgriLife Information Technology IT General Session January 2010

2 Agenda Topics Year in Review Enterprise IT Services Update FirstCall Overview and Next Steps Sophos Antivirus Initiative Update Information/ System Security Program Overview

3 Year in Review System IT Audits The year of the Audit Help Desk Launch Site Visits Enterprise IT Services Analysis Enterprise Antivirus Initiative

4 Enterprise IT Services Update January 2010

5 Enterprise IT Service Update Set of Recommendations Presented late October to Administration Consisting of the Following Components: Next Steps Enterprise , Calendaring, Contacts Enterprise Directory / Identity Management Enterprise File Services (Backup, Archiving, Replication) Web hosting, Applications Server, Disaster Recovery Testing Architecture Regional Center IT Infrastructure Needs Complete HR resourcing / Level IV Colo cost modeling Finalize Funding model discussions with administration Initiate project planning, infrastructure procurement, platform/service testing

6 FirstCall Help Desk Program Update January 2010

7 Enterprise Antivirus (Sophos) Update January 2010

8 Sophos Update Jul 2009: Selected after comprehensive enterprise AV industry / product review Provides Enterprise Class functions: - Antivirus, Malware, Spy bot, PUA detection and deterrence - Data Loss Protection (DLP) / alerts - Antivirus removal tools - Reporting and alerts - Managed Firewall - Web Alert Service Oct 2009: Initiated deployment Jan 2010: 1,300 workstations migrated to date Current base roughly 50% regional, 50% campus Key Issues: SEP removal, Windows 7 build # recognition

9 Sophos Update Next Steps: Continue and finalize deployment phase Finalize development of Console and Removal Tools training program Formalize operation communications and practices Formalize Home Version offering and support policies Release Home Version Initiate Web Alert Service Offering

10 IT Security & Management Update January 2010

11 Year In Review College Audit Finalized! AgriLife Extension and Research Agency System IT Audit Conducted Assisted in University ISSAC Process and Remediation Facilitate Management Review Team Remediation (for 14 units) Launched New Blog (ait-security.tamu.edu) More comprehensive Communications from ISO

12 Security Office - Vision Implement cost effective solutions and proactive security practices and strategies to the changing security risk. Provide information and analysis on changing regulations and policies Perform regular assessments on the overall state of AgriLife IT security and IT management Education & Awareness Quality Assurance Audit Assistance Strategic Guidance

13 IT Security & Management Program IT Security & Management Program Purpose: To establish a formal overall set of IT management and assessment practices to guarantee ongoing adherence and understanding of IT security and operational management requirements established by State of Texas for institutes of higher education and state agencies. Program Model: Participants: Unit IT managers, AgriLife IT, AgriLife Administration Consists of: Scheduled and Ongoing Initiatives Facilitated by: AgriLife IT Accountable to: AgriLife Administration (risk assessments, funding, etc.)

14 IT Security & Management Program Scheduled Initiatives: ISAAC Reporting (All) ISAAC Review Process (ISO, IT Managers) Disaster Recovery Plan Submission & Review & Testing Cycle (All) Annual IT Risk Assessment Report (AIT Director) Annual Information Resource Security Controls Report (ISO) Physical Security Reviews (MRT, AIT ISO) State Incident Report (monthly - All) DIR Pen Tests As Required: Security Incident response mitigation & reporting Mgmt Review Team Remediation ISAAC Remediation Educational/Awareness Components: Best practice guides (IT management, end users) IT Policies and Terms of Use Communication & Awareness Security awareness notifications (exploits, exposures, etc.) Operating system and application patch notifications

15 ITSMP Annual Calendar of Events Pre ISSAC Planning Ad Hoc Physical Security Reviews ISSAC Reporting Period ISSAC Reviews & Remediation JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC Annual Risk Assess. & ISO Sec. Report to VC Office DRP Submission Period DIR Pen Tests DIR Pen Test Remediation Disaster Recovery Plan Testing Disaster Recovery Plan Reviews * Monthly Security Incident Reports ** Management Review Team Audits

16 Security Office Contact Info The Information Security Office can be contacted at or by sending e mail to j braden@tamu.edu You can view our information resource links at