InfraSec 08.08.18 Minutes

Attending:

Miguel Martin, Julio Chavarria, Frank Cervone, Elizabeth Romero, Chris Barton, Marcin Hiolski, Brent West, Sandeep Dath, Ed Zawacki, Kevin Price, Jason Maslanka, Mike Kirda, Lalo Camacho, Alex Phistry, Mark Goedert, Esteban Perez, Paul Neumann, John Mason, Charles Nutall, Will Marcyniuk, Andre Pavkokic, Lisa Blake, Ateeq Rahman, Dean Dang, Therese Molina, Doug McCarthy, Mat Willis, Ashok Bennett, Matt Miller, Kirsten Pielstrom, Ron Fernandez, Bala Ramaraju, Vinay Surpuriya, Ernesto Reyna, Ani Palakurthi, Barry White, Shannon Reden

  • UI Systems Report and Discussion Topics
    • RIMS – Disposal of Digital Content Policy, Standard, and Guidelines
      • A brief overview of the RIMS task force charged with composing a policy for digital content disposal for orphaned content was given
      • Suggested that the standard agreed upon recommends a soft deletion after 90 days, progressing to a final deletion point after 180 days
      • Noted that the task force is interested in feedback or recommendation guidelines on their standard for the creation of a new policy
      • Suggested that the policy is mainly interested in data associated with deleted accounts
      • Suggested that this policy would potentially apply to all systems
      • Minor discussion on what types of data and situations this policy would apply to
      • Suggested that this policy be discussed in the security subcommittee to address any potential issues or concerns
      • Discussion on HIPAA compliance, PHI, and data
  • UIC Reports
    • VPN and Networks Update
      • The New Core Remediation and VPN projects were presented on
      • Mentioned that phase one of four of the New Core Remediation project is complete and all departments are now on ASAs
      • The project is currently in phase two, consisting of reconnecting all buildings to new equipment in the data center
      • Phase three will consist of updating all buildings’ main switches
      • What the Networks team has upgraded and accomplished in the past few years leading up to this project was gone over
      • Suggested that there has been work done across multiple groups, offices, and departments for the AnyConnect VPN solution
      • Noted that AnyConnect will run concurrently with open VPNs for a short time to give anyone using open VPNs the chance to convert to AnyConnect
      • Noted that it was decided to integrate dual authentication with AnyConnect
      • The Networks team is working on documentation before deploying VPN-wide
      • Suggested that pilot users will be receiving documentation on how to use AnyConnect within the next week in order to provide feedback and suggestions, and once complete, AnyConnect will be deployed
      • Discussion on AnyConnect and other VPN solutions, dual authentication, administrative privileges, and general project timelines
    • EPM Update
      • There was a presentation on ACCC’s Endpoint Management Service
      • Noted that SCCM 2012 and BigFix are being discontinued and current customers will need to migrate
      • Suggested going to the Endpoint Management Service page for information and requests
      • Discussion on the importance of protecting data with an endpoint management system and the migration/transition to happen in the fall
    • Cloud Service Update
      • Suggested that the project is past its feasibility phase
      • Next step is to engage the community to gauge what is wanted via feedback and suggestions
    • Rate and Funding Committee
      • An update was given from the last meeting
      • Suggested that an approximate user spending rate was agreed upon
      • Mentioned a discussion within the subcommittee which proposes to increase the approximate user rate over the next five years
    • IT Governance Council Meeting
      • Noted that rate and funding were discussed in detail amongst the Council
      • The EAD/Networks teams’ merger was mentioned
      • Suggested that the search for a new Director of Infrastructure and Networks will begin soon
      • Mentioned that the JMLS and Red projects were discussed
      • Noted were minor discussion points from the meeting such as the GPU cluster, ACCC’s migration to KnowledgeBase, the CIO review, and the Data Governance Council gaining momentum
    • ACCC Metrics Report
      • There was a presentation on ACCC’s metrics regarding request and incident management
      • The updated dashboards which focus on details by service were noted
      • Suggested that the goal is to investigate why trends are not occurring the way they ideally would
      • Suggested that the focus will move more toward ACCC services rather than an overall group view
      • Noted that there is work being done to make information publically available and drillable
      • Future metrics were gone over, outlining work being done and future goals
  • UIC Discussion Topics
    • Outlook 365 Point-in-Time Backups
      • An issue with Outlook not automatically backing up content was noted
      • Suggested that there are ways to recover deleted emails via a data dumpster where all deleted mail is stored for two weeks
      • Also mentioned was that there are separate tools available for purchase that can automatically backup emails
      • Discussion on backup options and what can be done
    • Password Management
      • Password management was mentioned and it was asked whether UIC should provide administrative privileges for the regional campuses
      • It was decided that UIC will allow administrative privileges for regional campuses only
  • Subcommittee Reports
    • Risk Management / Risk Assessment
      • Mentioned that the subcommittee is using Tableau to analyze data and will have an update at the next meeting
    • Security Program
      • Mentioned that this group is still reconciling some changes in the security program
      • Suggested that this group is creating a more verbose change log to really spell out the details of meaningful changes made to the policy
      • Noted that this group is working on the phase six rollout, nearing completion
      • Trying to align the phase six rollout with the completion of the security program
      • Hope to distribute surveys before and after the rollout to measure level of experience and level of improvement with the security program
      • Mentioned that the SANS Securing and Human contract was renewed
      • Suggested making this training a part of the onboarding process
      • Suggested that ACCC is in the midst of evaluating and selecting an antivirus software