Educause Security Discussion mailing list archives
Azure/O365 roles for InfoSec staff
From: José A. Domínguez <jad () UOREGON EDU>
Date: Wed, 6 May 2020 22:49:05 -0700
Hello everyone. I wanted to understand what other institutions are doing regarding Information Security roles for cloud services like Azure/O365, AWS, Google cloud. My initial interest if for Azure/O365. I have built a crosswalk of security-related roles which has been attached to this message. Let me help set things in the right context. Our Information Security Office (ISO) reports directly to the CIO and it has two main groups: Information Security Services - ISS - Incident Response - Vulnerability Management - Threat Defense - Monitoring, Alerting, Intel Sharing - Investigations - Tools & resource management - CSOC Information Security Compliance - ISC - Policies, standards, guidelines - Assessments - Awareness & Training - Application security - Process security - Risk & Compliance (DFARs, GLBA, GDPR, HIPAA, FERPA, NIST, PCI) - Cybersecurity Metrics program Our Identity Management team is part of a different group within the organization and they also manage Active Directory services and the Azure/O365 services. What we are trying to figure out is what kind of roles are being assigned to the different ISO staff members. We are also curious as to what are the current Microsoft portals that you use for your day to day operations? What kind of licenses are assigned to your user community and your Infosec staff. We are setting up a SIEM connector for Arcsight to help collect some data and want to make sure we are doing this in a consistent and sane manner. I have added a list of helpful URLs we have been using but if you know of others please share them too. How do things work at your your organizations. What does your InfoSec function interacts with other groups? How about roles and responsibilities. You can reply within this thread or to me directly. Whether you reply directly to me or within the thread, please let me know if the information can be used on a comparisons' table. All data and sources will be anonymized. Thank you everyone, José. ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Attachment:
Role Groups in O365.pdf
Description:
Attachment:
Portals and Admin Centers Links.pdf
Description:
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Azure/O365 roles for InfoSec staff José A . Domínguez (May 06)
- Re: Azure/O365 roles for InfoSec staff Jim A. Bole (May 07)