Re: Role of Campus Police. Was: number of IT security staff

["Penn, Blake" <pennb () UWW EDU>]

T3i (www.t3i.com) specializes in this kind of work (digital forensics,
etc.). 

__
Blake Penn, CISSP                               
Information Security Officer            
University of Wisconsin-Whitewater      
262-472-5513
pennb () uww edu 

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jon E. Mitchiner
Sent: Monday, January 31, 2005 2:07 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Role of Campus Police. Was: number of IT
security staff

Are there companies that specialize in this kind of work, perhaps on a
consultant basis, when an issue arises?

I think outsourcing this may be easier, and the assessment would be
neutral and there would be no bias.  The costs may be high especially if
it goes to court/trial.

--
Jon E. Mitchiner
Special Projects Manager
ITS, Gallaudet University
(202) 651-5300
(202) 651-5477 (Fax)



Brian Kaye wrote:

> Nor do we have the experience and training to deal with crimals and/or 
> eveidence handling etc.
>
>
> .......Brian Kaye
> .......UNB
>
> On Mon, 31 Jan 2005, Sadler, Connie wrote:
>
>
>
> > Date: Mon, 31 Jan 2005 13:38:14 -0500
> > From: "Sadler, Connie" <Connie_Sadler () BROWN EDU>
> > Reply-To: The EDUCAUSE Security Discussion Group Listserv
> >    <SECURITY () LISTSERV EDUCAUSE EDU>
> > To: SECURITY () LISTSERV EDUCAUSE EDU
> > Subject: Re: [SECURITY] Role of Campus Police.  Was: number of IT
> >    security staff
> >
> > The various roles need to work together, but we cannot expect 
> > traditional Law Enforcement officials to have the depth of knowledge 
> > necessary to deal with the types of sophisticated threats we deal with

> > today. It takes IT professionals with technical backgrounds and years 
> > and years of experience to have any chance of competing with the bad 
> > guys out there. I understand your point, but also have another
comment:
> > you say you just want to be a data network manager. Do you really 
> > think you can be a good one if you don't know how to protect the 
> > assets you are responsible for? I really am of the opinion that if we 
> > can get to the point where everyone knows his or her role in the 
> > protection of information, we won't have much need for security
specialists.
> > It *will* be interesting, however, to see how the roles change as the 
> > next generation of more computer literate police officers take over.
> >
> > Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC Director, IT Security, 
> > Brown University Box 1885, Providence, RI 02912 
> > Connie_Sadler () Brown edu
> > Office: 401-863-7266
> > PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB
> > PGP Fingerprint: DA5F ED84 06D7 1635 4BC7  560D 9A07 80BA 91E3 8EFB
> >
> > -----Original Message-----
> > From: The EDUCAUSE Security Discussion Group Listserv 
> > [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Antonio Quesada
> > Sent: Monday, January 31, 2005 1:30 PM
> > To: SECURITY () LISTSERV EDUCAUSE EDU
> > Subject: Re: [SECURITY] Role of Campus Police. Was: number of IT 
> > security staff
> >
> > Well, an InfoSec Officer of another institution of the University 
> > System of Georgia was kind enough to call me and tell me that she 
> > disagrees on my position that Information Security should be handled 
> > by Campus Police. Her point being that Campus Police is not trained to

> > deal with electronic crime and that information security is more than 
> > just Crime Prevention. I appreciate her reading my post, Thanks!!!!
> >
> > I would like to expand on my point and present my thoughts on the 
> > matter.
> >
> > I entirely agree on the issue of "not trained" or "not prepared", but 
> > that is not the point. The point is, they shall be "prepared". We can 
> > help them now, but all law enforcement activities belong to the
police.
> > I respect police work to the fullest, of course I do, but in all 
> > honesty, I do not want to be a police man. I want to be a Data Network

> > Manager and continue my career in this field. Years ago the police did

> > not have the training or equipment to identify/stop speeders, drug 
> > carriers, concealed weapons, etc. etc.
> >
> > I am of the firm idea that we need to separate the function of Data 
> > Network/Systems/IT/etc Management from the Security function, and this

> > latter function shall belong to a law enforcement force.
> >
> > This way those of us who want to do IT will do it, and those who wish 
> > to pursue law enforcement, electronic or not, will.
> > And also, will keep us IT guys more accountable, since we are not in 
> > charge of collecting/handling evidence.
> >
> > This may take a while to happen, but I really believe it is the way to

> > go.
> > Please feel free to flame me.
> >
> >
> > Thanks.
> >
> > Antonio Quesada
> > Network Manager, OIT
> > Gwinnett University Center
> > 1000 University Center Lane Suite B3800 Lawrenceville, GA 30043 USA
> > 678-407-5093
> >
> > **********
> > Participation and subscription information for this EDUCAUSE 
> > Discussion Group discussion list can be found at
http://www.educause.edu/groups/.
> > **********
> > Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/groups/.
> >
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/groups/.
>

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.