Transcript Technology Presentation

MEASURE I
CITIZEN’S OVERSIGHT
COMMITTEE MEETING
Technology Projects
July 1, 2015 – December 31, 2015
TECHNOLOGY AND
INSTRUCTIONAL
EQUIPMENT
MODERNIZATION
2
Technology and Instructional
Equipment Modernization
Technology Advisory Committee (TAC)
Recommended:
 127 projects
 One hundred classroom computers ($117K)
 Podium upgrades ($31K)
 Wireless upgrade ($40K)
 One hundred thirty computers/printers/scanners
for faculty/staff offices ($137K)
 Seven digital signage systems ($12K)
 Tree inventory system ($10K)
 Latex wide-format printer ($23K)
3
HP Latex 360 Printer
4
Six Student Success Factors
5
VOICE OVER INTERNET
PROTOCAL (VOIP)
TELEPHONE SYSTEM
6
VOIP Telephone Project Completed
7
IP 485G phone
IP 655 phone
30 purchased
8 purchased
SECURITY
8
Why is Data Security Important?
• To prevent data breaches
• To protect Personal Identifiable
Information (PII)
• To maintain continuous operations
• To avoid expenses associated with
compromises
– Maricopa County College District in Arizona computer hack
tops $26M
– Breach in 2011 never addressed lead to 2013 hacking
incident
9
AHC Data Security Measures
Physical Security and Environmental
Controls
• Solid HVAC system
• Redundant electrical system
• Controlled access
• Clean room
• Redundant servers
• Secured cabinets
10
AHC Data Security Measures
11
Cyber Security Controls
• Redundant firewalls
• Partitioned network
• 802.1X port-based authentication
• Business grade antivirus
• Remote centers on secure connections
• Business grade antivirus
• Encrypted passwords
• SPAM filters
AHC Data Security Measures
IT Services Practices
• Servers patched once a month
• Regular data backups
• Minimize 3rd party database access
• 3rd party contracts reviewed for data
security provisions
• Computer surplus service includes disk
wipe
• Network and servers monitored
12
AHC Data Security Measures
User Security Controls
• Updated Board Policy 3720 Computer
and Network Use
• Password policy enforced
• Separate system authorizations Principle of least privilege
(translates to giving people the lowest level of user rights
that they can have and still do their jobs)
13
AHC Data Security Measures
Education in addition to tools
• Malware and strategies to mitigate
their affect
– Adware
– Ransomware
– Trojans
– Spyware
• Phishing
14
CCC INFORMATION
SECURITY CENTER
THE CCC INFORMATION SECURITY CENTER IS FUNDED BY
A GRANT FROM THE CALIFORNIA COMMUNITY COLLEGES
CHANCELLOR'S OFFICE
15
Why the State Funds the CCC
Security Center
• 75% of California Community Colleges
have no dedicated IT Security Staff.
• 60% have no Security Awareness
Programs.
• 60% of Colleges ranked their
Information security program as just
starting out.
16
CCC Technology Center
Vulnerability Scans of Web facing servers
 Identify misconfigurations
 Validate firewall rules
 Identify out of date and vulnerable
software.
17
CCC Technology Center –
Awareness Training
Firewalls
Logging
IDS
Staff
Antivirus
Authentication
18
SSL
CCC Technology Center
Future Plans
• Policy Reviews
• Inside Vulnerability Scan
• Architecture Review
• Risk Analysis
• Phishing Assessment
19
Cuesta College Data Breach
• Human Resources analyst out on
medical leave
– Remotely accessed private information
(addresses, phone numbers and SSNs)
and emailed to private account without
authorization
– Discovered two weeks later
– Raided home and found drugs
– Lacy Fowler arrested June 17, 2015
20
AHC Response to Cuesta Data Breach
• Updated VPN/Remote User Agreement
• Reviewed list of all employees, contractors,
and agents with remote access
– Removed access for all except those with
current business needs
– Required a signed agreement to maintain
access
• Employee account disabled when:
– An employee separates
– ITS director notified by cabinet member
for special circumstances
21
Disaster Recovery Plan –
Securing the data
• All critical data is backed up
• Disk to disk copies are made daily
from the Santa Maria (SM) data center
to the LVC server room.
• Disk to tape backup is still used for a
few of the older servers.
– A full backup to tape is made twice a year
with the tapes transported to LVC for
offsite storage.
22
Disaster Recovery Plan Recovery
• Rent or ‘borrow’ infrastructure
– Cuesta College or Santa Barbara City
College
– Amazon Web Services (AWS)
– Microsoft Azure
– Rackspace
• Recover services needed for business
continuity
23
THANK YOU
24