Educause Security Discussion mailing list archives

Re: Role of Campus Police. Was: number of IT security staff

From: "Jon E. Mitchiner" <jon.mitchiner () GALLAUDET EDU>
Date: Mon, 31 Jan 2005 14:13:47 -0500

I believe in order for this to be successful, this requires two units to
work together closely, the person/dept responsible for Security, and the
IT/network department.

Lets assume there is a DDOS (Distributed Denial of Service attack) being
performed (either to/from your University) and this is impacting the
network.  Does the IT team take immediate action, or will they need to
wait for the Security person to give clearance before the IT dept can
take appropriate measures?  What happens during non-business hours,
assuming there is only one security person?  This assumes, of course,
the Security person needs to perform logging, etc of the incident before
clearance is given.  Once this is documented then the IT dept can take
appropriate action.  The question is how long does this process take?

What happens if the IT department decides to change the network gear
from one company to another (e.g. Nortel to Cisco) then would this
require the security person go back to training and learn how the new
vendor works?  Would the IT department be willing to be
responsive/helpful to the security person if they were outside the
department and provide training, assistance to do logging, and so on?

Some people have brought up that the Security actions should be handled
by Campus police, while some others think that this should be handled by
the department who does audits at the University because this unit
already has access to a lot of confidential data.  Both bring up
interesting possibilities, but I believe ultimately, there should be a
person who has Security knowledge/expertise within the IT department.
If there is a potential serious issue then the internal Security person
could then contact Campus police (or the audit dept) and allow them to
make the appropriate reports.

I am curious how this will be played and resolved out in the next few years.

Jon

Antonio Quesada wrote:

Well, an InfoSec Officer of another institution of the University System
of Georgia was kind enough to call me and tell me that she disagrees on
my position that Information Security should be handled by Campus
Police. Her point being that Campus Police is not trained to deal with
electronic crime and that information security is more than just Crime
Prevention. I appreciate her reading my post, Thanks!!!!

I would like to expand on my point and present my thoughts on the
matter.

I entirely agree on the issue of "not trained" or "not prepared", but
that is not the point. The point is, they shall be "prepared". We can
help them now, but all law enforcement activities belong to the police.
I respect police work to the fullest, of course I do, but in all
honesty, I do not want to be a police man. I want to be a Data Network
Manager and continue my career in this field. Years ago the police did
not have the training or equipment to identify/stop speeders, drug
carriers, concealed weapons, etc. etc.

I am of the firm idea that we need to separate the function of Data
Network/Systems/IT/etc Management from the Security function, and this
latter function shall belong to a law enforcement force.

This way those of us who want to do IT will do it, and those who wish to
pursue law enforcement, electronic or not, will.
And also, will keep us IT guys more accountable, since we are not in
charge of collecting/handling evidence.

This may take a while to happen, but I really believe it is the way to
go.
Please feel free to flame me.


Thanks.

Antonio Quesada
Network Manager, OIT
Gwinnett University Center
1000 University Center Lane Suite B3800
Lawrenceville, GA 30043
USA
678-407-5093

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.



--
Jon E. Mitchiner
Special Projects Manager
ITS, Gallaudet University
(202) 651-5300
(202) 651-5477 (Fax)

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

Current thread:

Re: Role of Campus Police. Was: number of IT security staff Antonio Quesada (Jan 31)
- <Possible follow-ups>
- Re: Role of Campus Police. Was: number of IT security staff Theresa M Rowe (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Sadler, Connie (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Samuel Liles (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Piscitello, Frank (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Jon E. Mitchiner (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Tracy Mitrano (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Steven Alexander (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Penn, Blake (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Brian Kaye (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Jon E. Mitchiner (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Penn, Blake (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Alec Yasinsac (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff James Riden (Jan 31)
- Re: Role of Campus Police. Was: number of IT security staff Rodney Petersen (Feb 01)
- Re: Role of Campus Police. Was: number of IT security staff Georgia T. Killcrece (Feb 02)

(Thread continues...)