Educause Security Discussion mailing list archives
Re: SECURITY Digest - 7 May 2021 to 9 May 2021 (#2021-99)
From: Jesse F Moore <moorej1 () UW EDU>
Date: Mon, 10 May 2021 16:41:39 +0000
Hi Emilie, I have heard of others using this product: https://www.policypak.com/policies/least-privilege-manager/ (allows a setting for Admin use for a period then removes access automagically) What I have seen others using are such things as CyberArk (https://www.cyberark.com/) or Thycotics Secret Server (https://thycotic.com/products/secret-server/) to provide a time based (and reporting) access to accounts and when the time is up no more access. [https://www.cyberark.com/wp-content/uploads/2020/12/cybv2-checkmark-orange.svg]<https://www.cyberark.com/> Identity Security and Access Management Leader | CyberArk<https://www.cyberark.com/> Get the most complete Identity Security and Access Management Solutions that enable secure access across any device, anywhere, at just the right time. www.cyberark.com Good Luck, this is a struggle especially with low budgets. Jesse Moore (he/him/his<https://www.mypronouns.org/>) Office of the CISO | Sr. Cybersecurity Advisor University of Washington Bothell -------------------------------------------------------- https://ciso.uw.edu/ https://www.washington.edu/admin/rules/policies/ NOTE: Facial recognition laws that just went into effect in WA. "SB 6280, which addresses public and private facial recognition use. The bill requires facial recognition training and bias testing and mandates that local and state government agencies disclose use of facial recognition" ________________________________ From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of SECURITY automatic digest system <LISTSERV () LISTSERV EDUCAUSE EDU> Sent: Sunday, May 9, 2021 2:00 PM To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU> Subject: SECURITY Digest - 7 May 2021 to 9 May 2021 (#2021-99) There is 1 message totalling 509 lines in this issue. Topics of the day: 1. Local Admin Access ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ---------------------------------------------------------------------- Date: Sun, 9 May 2021 15:41:55 +0000 From: "Madl, Michael" <michael.madl () INDWES EDU> Subject: Re: Local Admin Access Emilie, The majority of users @ IWU do not have admin access. The MAC users [special group] tend to fight over having this access and the success rate for restriction is 50/50. We are slowly working towards compliance. The key is establishing university policy that is signed off by our Executive council. Without that, any policy/initiative tends to have zero teeth. Explaining the security benefits sometimes falls on deaf ears when it comes to faculty but I would say, for the most part, folks are on board after walking through the reasoning behind it. Not much detail [apologies] but just passing on my experience. MICHAEL MADL CISSP | CEH | CCIE #10062 | ITIL v3 | VCP6-DVC INFORMATION SECURITY OFFICER UNIVERSITY INFORMATION TECHNOLOGY INDIANA WESLEYAN UNIVERSITY 4201 SOUTH WASHINGTON STREET MARION, IN 46953 [signature_1118859215]<https://twitter.com/InfosecurityIwu> [signature_423031255] [signature_762320758] <https://www.linkedin.com/in/michaelmadl/> DO NOT provide your username, password, or any personal information requested by any email. IWU WILL NEVER ask you for your username or password via email. DO NOT CLICK links or attachments unless you are positive the content is safe. CONFIDENTIALITY NOTICE: This email, including applicable attachments, may include legally protected information. If you are not the intended recipient of this message, you may not disclose, print, copy, save, or disseminate this information. If you have received this email in error, please notify the sender by replying to this message and immediately delete this message. From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Emilie Kunze <ekunze () AUSTINCC EDU> Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Wednesday, April 7, 2021 at 1:04 PM To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Local Admin Access **This message originated from outside the Indiana Wesleyan University email system ** We are curious how other institutions handle local admin access for faculty/staff? Thank you, Emilie [Image removed by sender.]<https://austincc.edu/> Emilie Kunze IT Security Analyst Sr. Acting Information Security Officer Office of Information Technology ekunze () austincc edu<mailto:ekunze () austincc edu> | o 512-223-1157 ACC Information Security<https://it.austincc.edu/departments/information-security/> [Image removed by sender.] <https://www.facebook.com/accinfosec/> [Image removed by sender.] <https://twitter.com/ACCInfoSec> CONFIDENTIAL NOTICE This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to which it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply e-mail, delete and destroy all copies of the original message. ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/co ------------------------------ End of SECURITY Digest - 7 May 2021 to 9 May 2021 (#2021-99) ************************************************************ ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Re: SECURITY Digest - 7 May 2021 to 9 May 2021 (#2021-99) Jesse F Moore (May 10)