INFORMATION SECURITY & RISK MANAGEMENT OFFICE
Harvard SEAS Information Security Office Services Overview

1. Computer Security Incident Response
responds to and manages computer security incidents

Harvard University
- determining scope of incident
- containing risk
- preserving evidence
- investigating via network and/or computer forensics
- managing remediation
- reporting findings
- ensuring resumption of normal operations
- post-incident guidance and education

Harvard SEAS (working with HUIT Security) HUIT Security

2. Digital Security Management
issues and manages Harvard’s digital certificates

Harvard University
- issues and manages Harvard’s digital certificates
- manages “root certificates”
- provides administrators with tools to manage their local certificates

Harvard SEAS HUIT Security HUIT Security

3. Network Access Services
provides planning, design, implementation and operational management for Harvard’s intranet, Internet, and Internet2 access and related network components

Harvard University
- planning, design, implementation and operational management for Harvard’s intranet, Internet, and Internet2 access and related network components
- planning, design, implementation and administration of IP Address Management, DNS, DHCP, network registration, mail aliasing, and SSL certificates

Harvard SEAS HUIT HUIT

4. Network Security Services
provides network vulnerability scanning and remediation, intrusion detection, computer security emergency response, authentication infrastructure support, firewall administration, digital forensics, auditing, and compliance support

Harvard University
- network vulnerability scanning and remediation
- intrusion detection
- computer security emergency response
- authentication infrastructure support
- firewall administration
- digital forensics
- auditing
- compliance support

Harvard SEAS HUIT Security HUIT HUIT Security

5. Security Consulting
provides subject matter expertise across the information security discipline

Harvard University
- guidance for creating and engineering secure hardware/software systems and controls
- policy development and guidance
- regulatory/policy compliance review
- IT risk assessments
- vendor/service provider compliance review
- firewall rule analysis
- post-incident remediation guidance
- research data security

Harvard SEAS

6. Security Education
provides security awareness education materials, including printed materials, online learning modules, presentations and security product education for faculty, students, staff and researchers

Harvard University
- security awareness education materials
- develops and delivers customized training materials
- coordinates job-specific information security training for Harvard IT professionals

Harvard SEAS (General, FERPA, research data) (FERPA Online certification training)

7. Security Operation Center
monitors network traffic in real-time to detect anomalous behavior that may indicate computer attack, compromised machine, data breach, etc.

Harvard University
- monitors network traffic in real-time
- aggregates and correlates security data from network and system infrastructure resources
- notifies user or resource owner and triggers incident response service
- Inspects network traffic to identify security vulnerabilities in network-connected systems or devices.
- monitors, detects and, as necessary, protects High Risk Confidential Information
- detects and reports on computers that exhibit characteristics consistent with infection by spyware, trojan horse or other malware, via traffic analysis or notification by a trusted third party
- analyzes network packet data for anomalous activity, targeted system attacks or network Denial of Service attack
- establishes configuration baseline and monitors infrastructure resources
- aggregates security event log data from infrastructure resources

Harvard SEAS HUIT Security (QRadar and Splunk) (FireGen and QRadar) In progress In progress

8. Vulnerability Assessment, Penetration Testing, and Code Analysis
evaluates effectiveness of information security controls and procedures

Harvard University
- Identifies, quantifies, and prioritizes weaknesses in a target network architecture, application, database, or system (Comprehensive managed and self-service security vulnerability assessment)
- Delivers prioritized recommendations for remediation. Assessment can also include detection of High Risk Confidential Information
- Scans can be run on demand or scheduled as required
- Penetration testing
- Identifies vulnerabilities in software applications by analyzing program code itself or the behavior of the application under test

Harvard SEAS