Educause Security Discussion mailing list archives
Re: Outsourcing Forensics
From: Daniel R Jones <Dan.Jones () COLORADO EDU>
Date: Tue, 29 Aug 2006 08:47:22 -0600
As part of our incident response process we require external forensics if there is an incident involving "private data" (in our data classification scheme examples would be SSN, card holder information). There are several reasons for this: - if something does need to go to court we want the external expert, - using an external firm helps eliminate the possibility of internal staff being pressured deliver findings that are not supported by data, - in the case of card holder information you do not really have the choice but to use a PCIDSS certified forensics firm. In addition to making sure your processes define how a potential data breach would be handled I would also recommend that you have a policy requiring immediate notice to your equivalent of a security office whenever there is an incident involving sensitive data. Dan Jones Campus IT Security Office University of Colorado at Boulder ________________________________________ From: Bret R Blackman [mailto:bblackma () MAIL UNOMAHA EDU] Sent: Monday, August 28, 2006 1:12 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Outsourcing Forensics How many outsource their forensic work to a U.S. firm when there is an incident involving confidential information on their campuses? Bret R. Blackman University of Nebraska at Omaha Director of Administrative Information Services Information Technology Services, EAB 110 bblackma () mail unomaha edu
Current thread:
- Outsourcing Forensics Bret R Blackman (Aug 28)
- <Possible follow-ups>
- Re: Outsourcing Forensics Mclaughlin, Kevin L (mclaugkl) (Aug 28)
- Re: Outsourcing Forensics Jay Tumas (Aug 28)
- Re: Outsourcing Forensics Drews, Jane E (Aug 28)
- Re: Outsourcing Forensics Delaney, Cherry L. (Aug 28)
- Re: Outsourcing Forensics Gary Flynn (Aug 28)
- Re: Outsourcing Forensics Russell Fulton (Aug 29)
- Re: Outsourcing Forensics Cam Beasley (Aug 29)
- Re: Outsourcing Forensics Samuel Liles (Aug 29)
- Re: Outsourcing Forensics Ken Connelly (Aug 29)
- Re: Outsourcing Forensics Daniel R Jones (Aug 29)
- Re: Outsourcing Forensics Jim Dillon (Aug 29)
- Re: Outsourcing Forensics Gary Flynn (Aug 29)
- Re: Outsourcing Forensics Mclaughlin, Kevin L (mclaugkl) (Aug 29)
- Re: Outsourcing Forensics Jim Dillon (Aug 29)