Educause Security Discussion mailing list archives

Re: GWU and content monitoring

From: Gary Golomb <coach () GWU EDU>
Date: Tue, 18 Jul 2006 18:28:18 -0400


I hope they'll share their experiences. :)


Lol... If it's not too late, we're going to be putting forth a synopsis
for a talk about this for VAscan. We did a somewhat similar talk last
year about a host-to-host audit of ~200 servers searching for
confidential data, compromises, and security configurations. Over the
past year, we've expanded that to network-focused solutions, and are
kicking off the auditing of ~500 desktops for confidential data,
compromises, and security configurations. Interestingly enough the
desktop audit project is far more difficult since it needs to run on a
desktop-class machines, in the middle of the day, in a fraction the
amount of time, and at a lower priority (CPU-wise) so it doesn't impact
the user's experience (unlike server scans which can run in the middle
of the night). A number of processes/applications have been developed as
part of these processes, and I believe they will be hitting the street
in the not-so-distant future... (I have contact information for some
people that I've ta
lked with offlist. If you have similar audit projects underway and would
like to take part in application beta testing, let me know!)

-gary

------
Gary Golomb
Computer Forensics Engineer
ISS/Network Systems Security
801 22nd St NW Rm B204A
Washington, DC 20052

coach () gwu edu
http://home.gwu.edu/~coach



----- Original Message -----
From: Gary Flynn <flynngn () JMU EDU>
Date: Tuesday, July 18, 2006 5:20 pm
Subject: Re: [SECURITY] GWU and content monitoring
To: SECURITY () LISTSERV EDUCAUSE EDU

Jeff Brainard wrote:

Fyi… wanted to share what George Washington  University is doing

for

content monitoring to address regulations (ie. FERPA) that impact 
education sector, as well as in general protect sensitive info

(ie.

student records) on their network.

 

http://www.reconnex.net/news/articles/pr_07.18.06.asp



I hope they'll share their experiences. :)



-- 
Gary Flynn
Security Engineer
James Madison University
www.jmu.edu/computing/security

Current thread:

GWU and content monitoring Jeff Brainard (Jul 18)
- <Possible follow-ups>
- Re: GWU and content monitoring Gary Flynn (Jul 18)
- Re: GWU and content monitoring Gary Golomb (Jul 18)
- Re: GWU and content monitoring Gerry Sneeringer (Jul 19)
- Re: GWU and content monitoring Roger Safian (Jul 19)
- Re: GWU and content monitoring Gary Golomb (Jul 19)
- Re: GWU and content monitoring Randy Marchany (Jul 23)