Sorry for the slow response on this.

1.  EDR/EPP numbers - Not sure what numbers they go by to sell this, so I will over-communicate.  All employees at USU: ~17.5K devices, ~3.5K FTE, ~11,000 headcount.  The initial deployment we were looking at without this $$ does not cover all employees and is substantially smaller.
2.  Currently own Palo Alto PA-5250 with URL filtering, Threat Prevention, and WildFire licenses - Maintenance paid through March 2021
3.  If you average out partial employees, USU has ~2.5 FTE assigned to security.


Matt


Matt Lorimer
Secure Systems Engineering
Information Technology
Utah State University
435.797.4242

From: USHE-ISO <ushe-iso-bounces@lists.dixie.edu> on behalf of Andrew Goble via USHE-ISO <ushe-iso@lists.dixie.edu>
Sent: Thursday, May 30, 2019 4:24 PM
To: ushe-iso@lists.dixie.edu
Subject: [USHE-ISO] IT Security Appropriations
 
Hi all,

Apologies in advance for this somewhat lengthy email.

tl;dr version:  There is some money to spend for security and we need to propose how best to do so.  Action items at the end.

Our funding position has become clearer after the Regents and CIO meetings the last couple of weeks.  There is one million in ongoing funding that the CIOs have been directed to put towards USHE security efforts.  Specifically, the CIOs are looking at the following areas:

Endpoint Protection
Layer 7 Firewalls
IT Security Staffing
(in that order)

We have been tasked to get a proposal on how to get the most bang for our buck with this money together in time for the CIO retreat in mid-July.  The CIOs feel like endpoint is the best place to start as several institutions are ready or close to ready to jump on that.  For layer 7 firewalls, their intent is either getting hardware in place where it's still lacking or possibly combine negotiation and subsidize the cost of Palo Alto subscriptions.  Finally, the CIOs would at least like to get a picture of where everyone is at with IT security staffing and identify greatest needs, although it may be unlikely that there will be funds to do much there.

We identified a small working group at our May 10th meeting to work together on Endpoint options, I have Matt, Cody, Mark, Jon, James, Florian, and myself marked down as willing to participate on that group.  Please correct me if I missed anybody or need to add others.  We'll need to mobilize soon.

So, action items for each school, please send me:

1.  A best-case scenario count for endpoints you would expect to cover (I have rough counts on endpoint from SLCC 3500, SUU, 2000, DSU, 2300, USHE/BoR 1500, Weber 5000, UofU 73000.  Please correct me if I've got bad numbers.)
2.  Current status / deployment of layer 7 firewalls
3.  Approximate FTE count dedicated to IT security functions

I'll compile and send this back out to the group.  For DSU I can report the following:

1.  No current endpoint solution and 2300 endpoints
2.  Palo Alto 5220 series with Threat subscription at network perimeter, older layer 4 FWs at distribution and data center.
3.  1 FTE dedicated to security.

Thanks,
Andrew


Andrew Goble
Information Security Officer
Dixie State University - Saint George, Utah
goble@dixie.edu
435.652.7963





--
USHE-ISO mailing list
USHE-ISO@lists.dixie.edu
http://lists.dixie.edu/cgi-bin/mailman/listinfo/ushe-iso