NUS InfoComm Security Landscape

Similar documents
PCI Requirements Coverage Summary Table

BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table

PCI Requirements Coverage Summary Table

Introduction. PCI DSS Overview

How To Audit The Mint'S Information Technology

Enforcing PCI Data Security Standard Compliance

Payment Card Industry Self-Assessment Questionnaire

Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured!

How To Achieve Pca Compliance With Redhat Enterprise Linux

PATCH MANAGEMENT. February The Government of the Hong Kong Special Administrative Region

Did you know your security solution can help with PCI compliance too?

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Business process efficiency is improved with task management, alerts, notifications and automated process workflows.

PCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR

Client Security Risk Assessment Questionnaire

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Executive Summary Program Highlights for FY2009/2010 Mission Statement Authority State Law: University Policy:

How To Control Vcloud Air From A Microsoft Vcloud (Vcloud)

PCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst Page 1 of 7

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

A Decision Maker s Guide to Securing an IT Infrastructure

The self-defending network a resilient network. By Steen Pedersen Ementor, Denmark

GFI White Paper PCI-DSS compliance and GFI Software products

University of Pittsburgh Security Assessment Questionnaire (v1.5)

Cyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in

Response to Questions CML Managed Information Security

IT Security. Securing Your Business Investments

IBM Global Technology Services Preemptive security products and services

Hardware and Software Security

INCIDENT RESPONSE CHECKLIST

Cyber Essentials Scheme

Patch Management Policy

SECURITY PATCH MANAGEMENT INSTALLATION POLICY AND PROCEDURES

Information Security Threat Trends

Lot 1 Service Specification MANAGED SECURITY SERVICES

IBM Internet Security Systems products and services

A Rackspace White Paper Spring 2010

IT Security & Compliance. On Time. On Budget. On Demand.

The Electronic Arms Race of Cyber Security 4.2 Lecture 7

Patch and Vulnerability Management Program

PCI Compliance Top 10 Questions and Answers

PCI Compliance. Top 10 Questions & Answers

Managed Service Plans

Payment Card Industry Data Security Standards.

Managed Services Agreement. Hilliard Office Solutions, Ltd. PO Box Phone: Midland, Texas Fax:

SERVICES BRONZE SILVER GOLD PLATINUM. On-Site emergency response time 3 Hours 3 Hours 1-2 Hours 1 Hour or Less

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

Ellucian Cloud Services. Joe Street Cloud Services, Sr. Solution Consultant

74% 96 Action Items. Compliance

Ovation Security Center Data Sheet

Achieving SOX Compliance with Masergy Security Professional Services

Assuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

Information Technology Solutions. Managed IT Services

How To Manage Your Information Systems At Aerosoft.Com

Automation Suite for. 201 CMR Compliance

Global Partner Management Notice

Microsoft Windows Intune: Cloud-based solution

Specific observations and recommendations that were discussed with campus management are presented in detail below.

PREMIER SUPPORT STANDARD SERVICES BRONZE SILVER GOLD

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

Information security controls. Briefing for clients on Experian information security controls

Cisco Advanced Services for Network Security

Modular Network Security. Tyler Carter, McAfee Network Security

PCI DSS 3.0 Changes Bill Franklin Executive IT Auditor January 23, 2014

Remote Vendor Monitoring

How To Manage A System Vulnerability Management Program

CA Anti-Virus r8.1. Benefits. Overview. CA Advantage

The Education Fellowship Finance Centralisation IT Security Strategy

MANAGED SECURITY SERVICES

SAP Secure Operations Map. SAP Active Global Support Security Services May 2015

Table of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.

TECHNICAL VULNERABILITY & PATCH MANAGEMENT

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Managing Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

Frequently Asked Questions

This policy shall be reviewed at least annually and updated as needed to reflect changes to business objectives or the risk environment.

TEXAS AGRILIFE SERVER MANAGEMENT PROGRAM

Threat Management: Incident Handling. Incident Response Plan

Continuous compliance through good governance

PCI DSS. Payment Card Industry Data Security Standard.

McAfee Server Security

Overcoming PCI Compliance Challenges

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

PCI COMPLIANCE TO BUILD HIGHER CONFIDENCE FOR CARD HOLDER AND BOOST CASHLESS TRANSACTION. Suresh Dadlani, ControlCase

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

Five ways to simplify the vulnerability management lifecycle. Scott Sidel, CISSP, CEH, ETC May 2005

Current IBAT Endorsed Services

Transcription:

NUS InfoComm Security Landscape Yong Fong Lian, Manager (IT Security), NUSCERT, NUS, Computer Centre 1

NUS Security Strategy People Process Technology 2

NUS Security Framework NUS InfoComm Security Framework P E O P L E Policy, Procedures, Best Practices Awareness, Training Vulnerability and Threat Management Security Audit and Penetration Testing Incident Management Security Infrastructure Technology P R O C E S S 3

People : Policies, Procedures, Best Practices Policies, Standards, Control Procedures NUS IT Security Policy Acceptable Use Policy ISO 27000 compliant policy ISO 9001:2000 certified procedures Portals facilitate secure access to policies Best practices US-CERT SingCERT SANS 4

People: Awareness, Training Awareness NUS IT Security Week Freshman Security Orientation Week IT Security e-newsletter, Blog Email, MOTD alerts, SMS alerts Training Online Security Module (staff and students) End User Security Training (admin staff) Technical Security training on Firewall, IDS, Windows, Linux, Apache, Application Security Controls Certification Program (systems and network administrators) Systems Accreditation Program 5

Process: Vulnerability Management Vulnerability management Network Address Tracking and Security (NATS) Scans from Internet and within NUSNET Quarterly scans for mission critical servers Campus wide scans (full scans and incremental scans) Vulnerability self-assessment (ad-hoc scans) Multiple scanners for cross-checks In-house web-based portals and systems with workflow Vulnerabilities evaluated at system, network, application and database levels Automated patch management for Windows Auditing of Disk Images before deployment 6

Vulnerability and Threat Management (Process) Campus wide scans Security administrator scans systems Results automatically posted online and administrators email alerted. Periodic scans (greatly-automated) Rescan initiated automatically to verified results System administrators fix and feedback on results 7

Vulnerability and Threat Management (Process) Certification of disk images Helpdesk alerted of new patches/hotfixes Helpdesk adds tested patches/hotfixes onto disk image Cerfication of disk images (controlled process) Helpdesk deploys certified disk images into new systems InfoComm Security team certifies disk images 8

Vulnerability and Threat Management (Process) Automated patch management Security administrator downloads patch/hotfix Into test system Testing group tests and evaluate patch for robustness and effectiveness Patch management (greatly automated) Servers and clients are patched according to run cycle Security administrator loads tested patch onto dissemination server 9

Process: Threat Management Threat management SANS Top 20 vulnerabilities Editing Comm In-house Vulnerability Alert System Alerts include SANS, SECUNIA, Microsoft, BugTraq, SecurityTracker. Allows user subscription to relevant ones Mechanism of alerts Email and SMS Threats are assessed and mitigated patch management updates to firewall rules blocking attachments at email gateways blocking outbound access to malicious sites at proxy 10

Process : Security Audit, Penetration Test Security audit (internal and external periodically) Audit on policy compliance Audit on technical control compliance ISO 9001 audit on security processes Audit of disk images before deployment Penetration test Social engineering penetration test Password audits Technical penetration test System, network (e.g. firewall), database, application From Internet and within NUS network 11

Process : Incident Management Incident management and Forensics Existing threats Signature-based IDS Behavioral-based IDS Honeynet Detection at network and host levels SANS advisory FIRST advisory Compromised or infected systems are quarantined and redirected to a self-help page for remedy Detection of new virus via scanning of attachments at the email gateway with multiple virus scanners 12

Process : Incident Management Incidents include systems compromises, email misuses, copyright infringement, virus etc. Follows standard incident management guidelines CERT/CC and SANS recommended incident handling tools are used in manual investigations. Owners of compromised/infected systems are automatically alerted or quarantined for remedial actions in a self-help workflow. 13

Process : Incident Management Self-help workflow IDS detects compromised/infected Systems and sends alerts or initiate quarantine Administrator/owner directed to self-help portal to resolve compromise or seek further assistance Self-help workflow (greatly-automated) Administrator alerted when system released, guided on follow-up actions System cleansed is released from quarantine automatically 14

Technology : Defence in Depth Infrastructure Segmentation of network into different levels of security VPN used to encrypt sensitive data transmitted across network Firewalls, IDS, anti-virus, anti-spyware, anti-spam installed at server and client Gateway Server Client Firewalls IDSes Anti-virus Anti-spyware Anti-spam 15

Technology : Defence in Depth Infrastructure ITU (Admin-subnet related servers) ITU (Internet) Internet High Medium Low ITU (Intranet) Internet Servers (Corporate Servers) Internet Servers (Personal Servers) Intranet Servers (Corporate Servers) Cisco FWSM MSUS deployment server Cisco FWSM Student PCs) Clients with anti-virus, MSUS and anti-spam Cisco FWSM Server Farm Gateways with anti-virus, anti-spyware Cisco FWSM Admin Network Intranet Servers (Personal Servers) RIRC SOC SOC Network Network SOC Network RAS / VPN GW NUSNET Staff PC Client with MSUS, anti-virus, MSUS, antispam, anti-spyware Servers with MSUS, anti-virus and ids Remote Network 16

InfoComm Security Scorecard Finalist for MIS Asia 2006 Best IT Security Strategy Award Result of IDA government-wide scan on 60+ critical web servers is 0 vulnerabilities 0 security incidents on critical servers Certified for inclusion in FIRST (Forum of Incident Response Security Teams), an established and renowned International consortium. Member of APCERT, which comprises mainly of national level CERTs. Security quality processes are ISO 9001 certified More than 15 new worms/variants have been reported to antivirus vendor over last 12 months. Patches are deployed are up-to-date within 22 hrs. 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information