The University of MichiganNews Services
The University Record Online
search
Updated 10:00 AM February 19, 2007
 

front

accolades

briefs

view events

submit events

UM employment


obituaries
police beat
regents round-up
research reporter
letters


archives

Advertise with Record

contact us
meet the staff
contact us
contact us

 
Network helps unify responses to IT security problems

Information technology security incidents are being tracked by individual units since fall when the University and IT Security Services (ITSS) began building a network of embedded unit security coordinators.

Unit coordinators hold expertise in recognizing and responding to IT security situations, including non-criminal incidents such as lost computers containing sensitive information, unauthorized changes to a University computer, denial of service or a compromised user account. The coordinators meet on a regular basis with each other and ITSS to share information and best practices.

"This approach ensures a consistent response among the units and provides a University-wide view of incidents," says Paul Howell, chief information technology security officer.

Ron Loveless, unit coordinator for LSA, reports that 31 incidents were captured in the first two months they began tracking, starting in October 2006.

"With each incident we learn something and improve our practices," Loveless says. "We want users to report anything defined in the SPG (Standard Practice Guide) 601.25. We'll make an assessment and escalate the report to ITSS, as appropriate."

The groundwork for the response protocol was laid in July 2006, when the University introduced SPG. The Information Security Incident Reporting Policy requires users to report promptly any IT security incidents to the appropriate University officials. If the unit security coordinator is unknown, users can contact security@umich.edu.

The Department of Public Safety (DPS) also plays a key role in incident reporting; when confronted with a security incident such as a stolen computer or other criminal activity users should contact DPS directly to file a report.

As part of the effort to minimize the number of IT security incidents, ITSS also has launched an awareness campaign called Privacy Matters to help educate faculty and staff about protecting data. The campaign describes the kind of data that needs to be protected and how to handle it throughout its lifecycle. Users are reminded to: Protect IT, Secure IT, Delete IT, Shred IT and Destroy IT. A brochure and a series of posters send interested users to safecomputing.umich.edu, where these concepts are explained in further detail.

"These are common best practices for individual users, Howell says. "We're not talking about University retention policies or official records. We're talking about the piece of paper with employee information left behind on a printer, or the records that are downloaded from a University server to a personal thumb drive or laptop.

"Not every kind of security incident is avoidable, but through education, we hope that people will have greater awareness of IT security issues and adopt better practices."

Incident Management is part of a larger, University-wide information security program developed by ITSS. Read more about the Incident Management SPG at spg.umich.edu/pdf/601.25.pdf. For more information on incident management, Privacy Matters or ITSS go to www.safecomputing.umich.edu.

More Stories