Services Offered
University IS Architecture and Policy
Policy: After a request by the Chief Information Office, Deputy Chief Information Office, or the Office of University Counsel, the Information Security Office may draft policies and standards related to Information Security at UNC Chapel Hill. Through a combination of policy drafting and standards for IT, a more safe and secure computing environment will be generated at UNC Chapel Hill. Policy drafting includes ITS- as well as University-wide policies. Policies will become official policies through a University-approved process involving input from a number of UNC-Chapel Hill committees and divisions.
Actions:
- Acceptable Use Policy was revised in 2009
- Additional policies are now being reviewed by the appropriate committees and cover areas such as incident management, vulnerability management as well as general information security topics, such as password strength
Architecture: The Information Security Office is providing guidance and expertise regarding appropriate security architecture.
Information Security Compliance
Information Security has to be consistent with existing federal and state laws and regulations. In conjunction with the Office of University Counsel, through network architecture, best practices, policies and technological safeguards, the Information Security Office will assist the University community in meeting these selective compliance standards by providing help in the interpretation of these standards, as they relate to the technical services provided by the Information Security Office. The Information Security Office does not provide on site compliance training, verification or auditing services.
Actions:
- The draft policies cover the latest laws and regulations, such as the Identity Theft Protection Act of 2005
- Staff of the Information Security Office are involved in implementing the latest regulations, such as the Red Flag Rules of 2007 and EAGLE
Security Consulting
Staff members provide consulting services on a range of information security topics, including, but not limited to, virus removal, secure access and appropriate safeguards. In most cases, requests can be handled via remedy tickets or email, but, as needed, an in person meeting will be held, at the discretion of the Information Security Office. Depending on the finding of the Information Security Office, additional divisions within the University may be involved to resolve the matter.
Security Awareness
Through a combination of lectures, Web sites and conferences, the Office of Information Security, in collaboration with other UNC Chapel Hill offices, seeks to increase general security awareness across campus. Security awareness activities take place at the discretion of the Information Security Office staff on an ad-hoc, time permitting basis and may be driven by incidents. Security awareness may involve lectures by Information Security Office staff on a number of information security-related topics. In addition, the Information Security Office will organize periodic security conferences open to the UNC Chapel Hill community and have a presence at various technology-related events at UNC Chapel Hill.
Actions:
- Security Awareness Day
- Regular Outreach activities geared towards students (Tar Heel Tech Fair)
- Regular Security Liaison meetings
Vulnerability Management
Staff members at the Information Security Office help the IT administration manage risk for UNC Chapel Hill computer users to vulnerabilities through providing technological resources and consulting on best practices. Currently, the Information Security Office has tools available to perform OS vulnerability scanning, database scanning and web application scanning. The Information Security office assists the UNC-Chapel Hill community in vulnerability management by providing the vulnerability management tools and assistance to help system administrators and application administrators detect and address vulnerabilities.
Actions:
- Monthly OS vulnerability scanning interest group meetings
Incident Management
Staff members at the Information Security Office provide incident management leadership and oversight to address information security incidents and minimize risk following the assessment of the incident. Through a variety of techniques, incident management involves identification, containment, eradication, recovery and lessons learned to minimize exposure of sensitive information and potential harm in the future.
Network Security (IPS, Firewall)
Staff members at the Information Security Office ensure a secure network at UNC Chapel Hill by providing technical support through firewall management and a network of intrusion prevention systems. Upon request by UNC Chapel Hill groups, Information Security staff will, on a for-cost basis, build, maintain and manage the firewalls. A fixed number of changes per month to existing firewalls managed by the Information Security Office are included at no cost. Additional changes to the firewall may be requested for cost.
On an ad-hoc basis only, the Information Security Office maintains a set of intrusion prevention systems to filter out network-based attacks and remediate network vulnerabilities. The Information Security Office will design the optimum architecture for distribution of these systems and the staff will maintain the signatures up-to-date and collaborate with outside vendors to update the signatures as required.
