Educause Security Discussion mailing list archives
Re: Whitelisting chaos
From: Michael Schalip <MSchalip () SALUD UNM EDU>
Date: Tue, 4 Sep 2018 13:58:59 +0000
Tracked through both service requests (ticket system) and change management (integrated with ticket system). Track - initial review - some changes require a "2-person" rule - audit periodically - and review "periodically", (some were done every 30 days - some every 90 days - some annually - depended on what it was accessing, and how often it was being utilized.) M From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Thomas Carter Sent: Friday, August 31, 2018 10:44 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Whitelisting chaos [[-- External - This message has been sent from outside the University --]] Everyone everywhere wants everything they ever interact with whitelisted in the firewall or email filters (this may be a bit of hyperbole). How do you handle these requests? How do you keep up with them all, who requested them, etc? Do they have an expiration time or are they reviewed to see if they are still valid? What's your secret to minimizing the mess that this can easily become? Thomas Carter Network & Operations Manager / IT Austin College 900 North Grand Avenue Sherman, TX 75090 Phone: 903-813-2564 www.austincollege.edu<http://www.austincollege.edu/>
Current thread:
- Whitelisting chaos Thomas Carter (Aug 31)
- Re: Whitelisting chaos Jason Todd (Aug 31)
- Re: Whitelisting chaos Michael Young (Sep 04)
- Re: Whitelisting chaos Michael Schalip (Sep 04)
- Re: Whitelisting chaos Jason Todd (Aug 31)