USHE-ISO

Download

ushe-iso@lists.utahtech.edu

June 2019

2 participants
2 discussions

Endpoint Working Group
by Andrew Goble 05 Jun '19

05 Jun '19

For those planning on participating in the Endpoint working group, we need to get moving. A couple of action items we need to work out: * Identify a couple of people to take the lead on coordinating the working group. (I plan to participate in the group, but I don't think I can take a lead role, due to time constraints and the fact that several of you are much further down this road than DSU is) * Identify what solutions are out there that we are interested in pursuing. (again, I think we have a good handle on this but need to all be on the same page) Thoughts? If necessary we can try to schedule a call for late this week or early next. Thanks, Andrew

1 0

IT Security Appropriations
by Andrew Goble 05 Jun '19

05 Jun '19

Hi all, Apologies in advance for this somewhat lengthy email. tl;dr version: There is some money to spend for security and we need to propose how best to do so. Action items at the end. Our funding position has become clearer after the Regents and CIO meetings the last couple of weeks. There is one million in ongoing funding that the CIOs have been directed to put towards USHE security efforts. Specifically, the CIOs are looking at the following areas: Endpoint Protection Layer 7 Firewalls IT Security Staffing (in that order) We have been tasked to get a proposal on how to get the most bang for our buck with this money together in time for the CIO retreat in mid-July. The CIOs feel like endpoint is the best place to start as several institutions are ready or close to ready to jump on that. For layer 7 firewalls, their intent is either getting hardware in place where it's still lacking or possibly combine negotiation and subsidize the cost of Palo Alto subscriptions. Finally, the CIOs would at least like to get a picture of where everyone is at with IT security staffing and identify greatest needs, although it may be unlikely that there will be funds to do much there. We identified a small working group at our May 10th meeting to work together on Endpoint options, I have Matt, Cody, Mark, Jon, James, Florian, and myself marked down as willing to participate on that group. Please correct me if I missed anybody or need to add others. We'll need to mobilize soon. So, action items for each school, please send me: 1. A best-case scenario count for endpoints you would expect to cover (I have rough counts on endpoint from SLCC 3500, SUU, 2000, DSU, 2300, USHE/BoR 1500, Weber 5000, UofU 73000. Please correct me if I've got bad numbers.) 2. Current status / deployment of layer 7 firewalls 3. Approximate FTE count dedicated to IT security functions I'll compile and send this back out to the group. For DSU I can report the following: 1. No current endpoint solution and 2300 endpoints 2. Palo Alto 5220 series with Threat subscription at network perimeter, older layer 4 FWs at distribution and data center. 3. 1 FTE dedicated to security. Thanks, Andrew Andrew Goble Information Security Officer Dixie State University - Saint George, Utah goble(a)dixie.edu 435.652.7963

4 3