Educause Security Discussion mailing list archives

Re: computer security vision for next 3-5 years

From: Ozzie Paez <ozpaez () SPRYNET COM>
Date: Wed, 13 Jan 2010 16:07:56 -0700

An additional issue will be to secure clients used in Internet delivered lessons.  Those clients will come in many 
flavors and will use a variety of AV, firewalls and integrated security suites.  Thus, as Universities move an 
increasing number of courses on line and support more off-campus students, there will be business pressure to allow 
more client configurations, which in turn will add to their security concerns,

Ozzie Paez
SSE/SAIC
303-332-5363

 

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Dexter 
Caldwell
Sent: Wednesday, January 13, 2010 3:19 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] computer security vision for next 3-5 years

 

Add to that the potential spread of viruses for the Apple platforms.

 

I have to say though that I think what may become clearer in the next few years is the success of the cloud model and 
the implications for security and security agreements across enterprises such that responsibility for compliance and 
discovery responsiblities and is clarified across enterprise boundaries.  As a result there may be more interest in 
federated identify management as previously closed enterprises open more of there services to the web or subscribe to 
web-based services that use internal authentication mechanisms.

 

Dexter Caldwell

Furman Universtiy

 

The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> writes:

Given the current state of virtualization, we will probably start seeing a

lot more virtualization and security technology/attacks emerging.

 

I am going to take some wild guesses, but I would suspect that AV companies

will start writing AV for the hypervisor so as to be able to scan the hosts

without worry for rootkits and other malicious hooks.  Obviously there will

be attack directed to the hypervisor, its API's etc.  AV companies may even

take the approach of do scheduled offline scanning by rebooting the hosts

(virtual or real) into live AV processes.

 

More and more appliances such as IDS, IPS, FW, etc., will run virtualized or

use virtual components.  For those who like the 'cloud' terminology, we

might see a boom in attacks and security measures when resources become more

and more decentralized.

 

Smart device will be become more and more attractive to hackers and security

companies.

Smart appliances such as TV with embedded flash players will become new

targets and a new venue for making money.

 

My two cents.

 

-----Original Message-----

From: The EDUCAUSE Security Constituent Group Listserv

[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Youngquist, Jason R.

Sent: Tuesday, January 12, 2010 11:25 AM

To: SECURITY () LISTSERV EDUCAUSE EDU

Subject: [SECURITY] computer security vision for next 3-5 years

 

My boss asked me this morning to come up with a computer security vision for

the next 3-5 years.  Since it is already 2010, I thought I'd get some input

from the community on what would you like to see happen to computer security

in higher education, how will your job change (if any), and how can we as

computer security professionals in higher education institutions best

protect against the growing threats?

 

If you've seen any blogs/articles on computer security trends in higher

education, please forward them my way.

 

Here's what I've come up with so far:

 

*       Social Engineering will still be the easiest way to get confidential

information.

*       Multi-factor security will be prevalent.  

*       More data breach regulations.

*       PDAs and smart phones will be encrypted due to the sensitive email/

information that they store and how easily they are stolen.

*       Anti-virus software will be still used, but application

white-listing will become more prevalent.

 

Some links:

http://media.techtarget.com/searchFinancialSecurity/downloads/FISD09_MainBal

lroom_Session8_StateofComputerSecurity_Ranum.pdf

http://www.sans.org/security-resources/10_security_trends.pdf





Appreciate any thoughts you can provide.

Jason Youngquist

Information Technology Security Engineer, Security+

Technology Services

Columbia College

1001 Rogers Street, Columbia, MO  65216

(573) 875-7334

jryoungquist () ccis edu

http://www.ccis.edu

Current thread:

Re: computer security vision for next 3-5 years, (continued)
- Re: computer security vision for next 3-5 years Valdis Kletnieks (Jan 12)
- Re: computer security vision for next 3-5 years Chris Kidd (Jan 12)
- Re: computer security vision for next 3-5 years Patrick Laughran (Jan 13)
- Re: computer security vision for next 3-5 years St Clair, Jim (Jan 13)
- Re: computer security vision for next 3-5 years Di Fabio, Andrea (Jan 13)
- Re: computer security vision for next 3-5 years Brad Judy (Jan 13)
- Re: computer security vision for next 3-5 years Michael Sinatra (Jan 13)
- Re: computer security vision for next 3-5 years Ozzie Paez (Jan 13)
- Re: computer security vision for next 3-5 years McCrary, Barbara (Jan 13)
- Re: computer security vision for next 3-5 years Dexter Caldwell (Jan 13)
- Re: computer security vision for next 3-5 years Ozzie Paez (Jan 13)