70 likes | 211 Views
Managing Restricted Data at UC Berkeley. Allison Henry, Infrastructure Services, akhenry@berkeley.edu Vahid Nadi, Application Services, vnadi@berkeley.edu Information Services and Technology, UC Berkeley. Agenda. Strategy for Restricted Data Management
E N D
Managing Restricted Data at UC Berkeley Allison Henry, Infrastructure Services, akhenry@berkeley.edu Vahid Nadi, Application Services, vnadi@berkeley.edu Information Services and Technology, UC Berkeley
Agenda • Strategy for Restricted Data Management • Restricted Data Management Application – user walkthrough • Restricted Data Management Application – administrator walkthrough • Technical details • Future directions and Q and A
Strategy for data security • Find and inventory data • Consolidate/remove restricted data • Register in the Restricted Data Management (RDM) application • Secure the host machines • Safeguard the restricted data
RDM Application benefits • Inventory of data repositories • Resource for departmental IT staff • Identify areas for consolidation and removal • Reporting for CIO, deans, directors • Development of security plans • Compliance with IT security policies • Indentify area where additional resources are needed • IP address priority watch list • Best allocation of network security resources • Identify unencrypted restricted data transmissions • Identify vulnerabilities before they are exploited • Network log retention for post-breach investigation
RDM Security Services Overview • Sensitive data search tools • Proventsure software suite • Spider, regular expressions • Desktop encryption with key management • EFS (Active Directory), Pointsec for PC • Network scanning and alerting • Enhanced intrusion detection services • Secure log management services
Success stories • Oct 2006 – SSN transmission in clear-text • Feb 2007 – Use of IM client • Jul 2007 – FTP brute-force attack • Aug 2007 – Firewall misconfiguration • Dec 2007 – VNC with blank password • April 2008 – VNC server detected • June 2008 – Open Windows share • July 2008 – MySQL vulnerability