Educause Security Discussion mailing list archives
Re: Security Investigations
From: Kevin McKenzie <pappy () CLEMSON EDU>
Date: Tue, 19 Aug 2008 09:27:01 -0400
Our Office of IT Security and Privacy(OISP) handles the technical aspect of computer investigations. We do the leg work for many of the departments on campus. How we have set it up is as follows, and hopefully it protects everyone. We will respond to 5 entities on campus: Human Resources, Internal Auditors, General Counsel, Law Enforcement, and Office of Student Conduct. If a department suspects something, we have them run it through the appropriate office(file a formal complaint) and let that office come to us and ask for assistance. This way we cut down on the 'hunches' and 'wild goose chases' when someone "thinks they suspect something, or has a grudge and is looking for something to catch someone". Once they file a formal complaint with one of those 5 mentioned areas, and those areas as a matter of responding to the complaint requests assistance from us (OISP). This keeps us from spending all our time doing dirty work for departments on campus who are looking for a reason to get someone in trouble per se. Students are dealt with through the Office of Student Conduct. If we get legal papers to do something from an entity off campus, then we run it through General Counsel, collect the data and let them release it to the external entity. It also keeps those that are let's say influential friends of OISP from asking, he can you look at this and see if there is anything to it. We would respond with you need to file a report with the xyz office and we will follow up with them. Many times, issues with employees are a lack of good managers and those managers want to find something on the employee that they can use. We use to get complaints like " It think so and so are looking at web pages they shouldn't be instead of doing their work, can you monitor and check for me?". We would ask if the manager had seen anything suggesting it, and the answer would be no, but they suspect it, blah, blah, blah...well if you have enough to file a complaint then do it and we would follow up.most of the time they don't cause they have no basis for their complaint..they were looking to us to find the smoking gun for them instead of addressing the employee and maybe something like productivity or something..again one example.I have many more.. Kevin McKenzie Director of Security Integration Office of Information Security and Privacy Clemson Computing and Information Technology Clemson University pappy () clemson edu From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Brenda B Gombosky Sent: Monday, August 18, 2008 4:26 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Security Investigations Who in your institutions - Security Team or what area - does investigations requested via HR or Legal etc. such as email - Open Records request and other types? Thanks in advance! Brenda B. Gombosky, CISSP, CISM, CHSP Director, Enterprise Security, Information Technology University of Louisville Miller IT Center, Room 109 Louisville, KY 40292 (502)852-5037 (502)419-6689 Brenda B. Gombosky, CISSP, CISM, CHSP Director, Enterprise Security, Information Technology University of Louisville Miller IT Center, Room 109 Louisville, KY 40292 (502)852-5037 (502)419-6689
Current thread:
- Security Investigations Brenda B Gombosky (Aug 18)
- <Possible follow-ups>
- Re: Security Investigations Mike Iglesias (Aug 18)
- Re: Security Investigations Joel Rosenblatt (Aug 18)
- Re: Security Investigations Gary Flynn (Aug 19)
- Re: Security Investigations Payne, Shirley (scp8b) (Aug 19)
- Re: Security Investigations Kevin McKenzie (Aug 19)
- Re: Security Investigations Steve Schuster (Aug 19)
- Re: Security Investigations David, Elaine (Aug 19)
- Re: Security Investigations Adam Schumacher (Aug 19)
- Re: Security Investigations Mclaughlin, Kevin (mclaugkl) (Aug 19)
- Re: Security Investigations Chuck McCants (Aug 19)