California State Polytechnic University, Pomona. Network Monitoring Guidelines




Developed in consultation with the Information Security Governance Council:
Al Arboleda, Stephanie Doda, Glendy Yeh, Kevin Morningstar, Lisa Rotunni, Joe Matsumoto, Randall Townsend

And University Human Resources, Faculty Affairs, and I&IT Systems:
Angie Hernandez, George Tejadilla, and Jarod Beekman

Final: 12/10/10

Revision Control

Document Title: CPP Network Monitoring Guidelines
Author: Information Security Department
File Reference: Network Monitoring Guidelines121010.doc

Date | By | Action | Pages
8/10/10 | Al Arboleda | Develop Draft |
8/12/10 | Al Arboleda | Update Guidelines | 3
12/09/10 | Al Arboleda | Update Guideline add Chief of Police to consultation process |

Review/Approval History

Date | By | Action | Pages
9/1/10 | Angie Hernandez and George Tejadilla | |
9/14/10 | Information Security Governance Council | |
12/10/10 | Information Technology Governance Council | | 4

Network Monitoring Guidelines

Purpose

The purpose of this document is to outline university guidelines regarding the monitoring, logging, and retention of network packets that traverse the university network. Cal Poly Pomona takes all reasonable measures to assure the integrity of private and confidential electronic information transported over its networks. The goals of these guidelines are to maintain the confidentiality, integrity, and availability of the university's network infrastructure and information assets. Any inspection of electronic data packets, and any action performed following such inspection, will be governed by all applicable federal and state statutes and by CSU and Cal Poly Pomona policies.

Scope

This guideline applies to all IT Custodians and IT Owners of department or enterprise information technology resources (including, but not limited to, any networking devices, network monitoring devices, computers acting as network monitoring devices, intrusion detection systems, other packet sniffing devices, logs of other devices such as firewalls, and flow detectors monitoring network activity) operating on a university network.

Guidelines

1. Two groups on campus are authorized to routinely monitor traffic on university networks. These groups are I&IT Systems and the Information Security Office (ISO).

2. The University will not monitor traffic on university networks in most instances, nor will it examine the content of network packets that traverse the university network except under certain circumstances.

3. Authorized staff shall use network monitoring devices only to detect: known patterns of attack or compromise; the improper release of confidential employee or student data; or to troubleshoot and analyze network-based problems. Authorized staff may also analyze certain network-based anomalies to determine the security risk to the university and conduct statistical/operational studies. Monitoring shall be as narrow in scope as possible.

4. Authorized staff may not exceed specified scope of monitoring (for example, users, address ranges, protocols, signatures).

5. Investigations into allegations of violation of policy or law will require the review and approval of the Chief Information Officer and the respective Division Vice President before network monitoring can begin. The Chief of University Police will be consulted on violations of law.

6. The ISO will be the contact for investigations into allegations of violations of law or policy.

7. The ISO will be the contact for resolution of security-related anomalies or other suspicious activity noticed by representatives in I&IT Systems or in other departments.

8. Monitoring points will be architected, approved, and configured by I&IT Systems. Monitoring points and associated devices may not be extended physically or virtually (such as through a VPN) or changed without written approval from I&IT Systems. I&IT Systems shall maintain written records of all monitoring points, architectures, and agreements.

9. Monitored data and usage logs will not be stored past the period of an active investigation. I&IT Systems and the ISO may store incident-related data as required. Unrelated monitored data may not be stored by anyone except as required by law. I&IT Systems and the ISO may store aggregated data and usage logs for operational, compliance, and statistical purposes. Usage logs must be purged as per campus policies.

10. Monitoring data stores and logs may not be accessible from the public Internet. Personnel must show due care in protection, handling, and storage of all monitored data and logs. Off-campus access to monitoring data stores and logs must be authorized and updated by I&IT Systems as part of the monitoring point agreement.

11. I&IT Systems and the ISO have the authority to discontinue service to any network or network device that: is in violation of this policy, has demonstrated an operational hindrance or threat to the Cal Poly Pomona network, or is a threat to the Internet community in general. In such cases, I&IT Systems or the ISO shall notify the local campus technician of the disconnection. In less threatening situations, I&IT Systems and ISO representatives will contact the appropriate information technology administrator and inform them of specific actions that must be taken to avoid imminent disconnection. If corrective actions are not implemented as soon as possible, I&IT Systems or the ISO may discontinue service.

12. Normal requests for monitoring assistance from external agencies shall be coordinated through the ISO. Exceptional/urgent requests are to be directed to I&IT Systems (24x7x365), which will comply as appropriate and inform the ISO as lawfully allowed.

13. I&IT Systems will be responsible for the architecture and operations of all network facilities/functions required for lawful intercept assistance and compliance, and will be responsible for executing all requests as coordinated through the ISO. Departments will comply with all I&IT Systems requirements and assist I&IT Systems to fulfill its legal obligations.

14. It is the role of Information Technology professionals to monitor resources, to identify potential incidents, and to bring such incidents to the attention of appropriate Cal Poly Pomona officials. The following guidelines apply:

- Suspected incidents involving student, faculty, or staff misuse of information technology resources should be brought to the attention of the ISO.
- If an investigation involving review of the content of a faculty member, staff member, or student's files is required, permission will be obtained from the Chief Information Officer and the respective Division Vice President, and other departments, as necessary.
- If it is determined that a misuse violation has occurred by a student, faculty, or staff member, this should be brought to the attention of the ISO. The ISO will consult with the Human Resource department, Office of Judicial Affairs, or Office of Faculty Affairs, as needed, and in the case of criminal violations, the University Police Department.
- Violations by non-affiliates will be referred to the appropriate authorities. The University Legal Counsel may be contacted to provide direction in terms of identifying the appropriate authority.
- Issues of departmental non-compliance may be reported to the respective executive management, the Office of Internal Audit, or the Office of the President.

Related Policies

- Cal Poly Pomona Appropriate Use Policy for Information Technology
- Integrated CSU Administrative Manual - California State University Information Security Policy
  o Section- Information Technology Security - http://www.calstate.edu/icsuam/sections/8000/8045.0.shtml
  o Section- Privacy of Personal Information - http://www.calstate.edu/icsuam/sections/8000/8025.0.shtml
  o Section- Policy Enforcement - http://www.calstate.edu/icsuam/sections/8000/8095.0.shtml