Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Network IPS Information Security Policy

From: Gary Dobbins <dobbins () ND EDU>
Date: Fri, 13 Nov 2009 16:21:07 -0500
Well put.  Likewise here it takes the high-level approval before anyone inspects some*one*'s traffic or system in the 
absence of clear and present hostile activity.  No one can or will attempt to view or recognize contents "just 
because," or within the guise of scanning for malware.




-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Basgen, Brian
Sent: Friday, November 13, 2009 3:13 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Network IPS Information Security Policy


  We did not feel the need to create a Policy, but I've enclosed
our "IPS review procedures" document.

  Randy, to your question, we have policy with similar language to
what Gary just posted. The key point here is that we have both the
right and obligation to monitor network traffic, we will not
inspect the traffic of any particular individual without following
a very particular set of procedures.

~~~~~~~~~~~~~~~~~~
Brian Basgen
Information Security
Pima Community College
Office: 520-206-4873
Previous By Date Next
Previous By Thread Next

Current thread: