SUU.
1. Currently using CrowdStrike. Have really liked it. We are just finishing year 2 of a 3-year license. We need to renew or go with something else by July 1, 2020. Would look at protecting around 2000 endpoints. 2. In the process of purchasing a pair of PA 5220's to replace our current ASA's. Hope to take delivery by June 30, 2019, and have deployed later in the summer. We are going with just the Threat Prevention license. Looking at a 5-year quote since we have some one-time monies allocated for the purchase. 3. 2 FTE and 1-2 part-time students.
I would have Shaun be included in the group working on endpoint protection. Either as a +1 or to take my place. Also, let's add Shaun to the ISO mailing list.
Mark
On Thu, May 30, 2019 at 4:24 PM Andrew Goble via USHE-ISO < ushe-iso@lists.dixie.edu> wrote:
Hi all,
Apologies in advance for this somewhat lengthy email.
tl;dr version: There is some money to spend for security and we need to propose how best to do so. Action items at the end.
Our funding position has become clearer after the Regents and CIO meetings the last couple of weeks. There is one million in ongoing funding that the CIOs have been directed to put towards USHE security efforts. Specifically, the CIOs are looking at the following areas:
Endpoint Protection Layer 7 Firewalls IT Security Staffing (in that order)
We have been tasked to get a proposal on how to get the most bang for our buck with this money together in time for the CIO retreat in mid-July. The CIOs feel like endpoint is the best place to start as several institutions are ready or close to ready to jump on that. For layer 7 firewalls, their intent is either getting hardware in place where it's still lacking or possibly combine negotiation and subsidize the cost of Palo Alto subscriptions. Finally, the CIOs would at least like to get a picture of where everyone is at with IT security staffing and identify greatest needs, although it may be unlikely that there will be funds to do much there.
We identified a small working group at our May 10th meeting to work together on Endpoint options, I have Matt, Cody, Mark, Jon, James, Florian, and myself marked down as willing to participate on that group. Please correct me if I missed anybody or need to add others. We'll need to mobilize soon.
So, action items for each school, please send me:
- A best-case scenario count for endpoints you would expect to cover (I
have rough counts on endpoint from SLCC 3500, SUU, 2000, DSU, 2300, USHE/BoR 1500, Weber 5000, UofU 73000. Please correct me if I've got bad numbers.) 2. Current status / deployment of layer 7 firewalls 3. Approximate FTE count dedicated to IT security functions
I'll compile and send this back out to the group. For DSU I can report the following:
- No current endpoint solution and 2300 endpoints
- Palo Alto 5220 series with Threat subscription at network perimeter,
older layer 4 FWs at distribution and data center. 3. 1 FTE dedicated to security.
Thanks, Andrew
Andrew Goble Information Security Officer Dixie State University - Saint George, Utah goble@dixie.edu 435.652.7963
-- USHE-ISO mailing list USHE-ISO@lists.dixie.edu http://lists.dixie.edu/cgi-bin/mailman/listinfo/ushe-iso