EDUCAUSE Security Workshops Funded by NSF

[Rodney Petersen <rpetersen () EDUCAUSE EDU>]

In an earlier posting I mentioned the security workshops being organized
by EDUCAUSE and funded by the National Science Foundation.  The
workshops were also identified in the draft National Strategy as a
program (existing effort in cybersecurity) undertaken by the higher
education community.  The workshops are part of an overall strategy to
engage the higher education community on a number of topics related to
improving computer and network security in higher education.  We have
not broadly advertised or shared details about the workshops previously
because participation was by invitation only.  However, we are
generating web sites for each of the workshops and will be sharing more
information about the outcomes with the Security Discussion Group as it
becomes available.

Below is a brief summary of the four workshops.  Please let me know if
you have any further questions.

Rodney Petersen
Security Task Force Coordinator
EDUCAUSE


EDUCAUSE SECURITY WORKSHOPS FUNDED BY THE NATIONAL SCIENCE FOUNDATION

Security Architecture and Policy
August 20-21, 2002
Big Ten Conference Center
Chicago, IL

Purpose:

The purpose of the workshop is to draw upon the experience and expertise
of IT security officers, technology architects, and policy
administrators from higher education, industry, and government to
identify problems, issues, and opportunities for improving computer and
network security in higher education.

Outcomes:

1.      Identify and document problems and current issues
2.      Identify strategy to assess extent of problem and measure progress
3.      Identify and document solutions and effective practices - from higher
education and other sectors
4.      Outline a preliminary action agenda, including opportunities for
collaboration and resource sharing among higher education institutions
and other sectors


Higher Education Values and Principles
August 27, 2002
Columbia University
New York City, NY

Purpose:

To articulate the core values of higher education, including
similarities and differences across size and type of institution, and
ensuing principles that should guide the overall strategy to improve the
security of college and university computers and networks.

Outcomes:

1.      Recognize similarities and differences among colleges and
universities in the United States, including mission, size, type, and
other factors.
2.      Articulate core values of higher education, especially values that
may be impacted by efforts to improve IT security.
3.      Establish a set of overarching principles that should guide any
campus effort to establish security plans or policies.


Security for the Research Community
October 22-23, 2002
Washington, D.C.

Purpose:

There is growing external pressure and internal concern about the need
to create secure computing environments to support research activities
of faculty and students.  The need is especially important when
researchers collect or have access to sensitive data, connect to remote
computer systems, and rely upon others for system operation or computer
support.  There is an emerging need to identify issues and establish
appropriate policies and plans that are likely to contain common
elements across research institutions.  The results will be shared with
participants of summit and executed as part of the implementation.

Outcomes:

1.      Identify and document current issues, including emerging regulations
of federal funding entities
2.      Examine model programs, policies, and practices
3.      Outline a preliminary action agenda, including strategies for
influencing future regulations, ensuring compliance, and improving
security in research environments


Higher Education IT Security Summit
November 19-20, 2002
Washington, D.C.

Purpose:

There is a need for broad and executive-level education and support in
order to develop an effective, coordinated strategy for computer and
network security for higher education.  EDUCAUSE will design and
facilitate a summit of higher education administrators and appropriate
experts to raise awareness and create an opportunity for shared
responsibility.

Outcomes:

1.      Engage experts and stimulate papers and discussions to form the basis
for documenting findings and recommendations
2.      Increase awareness among participants and encourage spread of
knowledge to home institutions, professional colleagues, and educational
associations
3.      Generate ideas for an action agenda
4.      Publish proceedings from Summit to web site and distribute summaries
and appropriate information to all colleges and universities

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.