Managing Restricted Data at UC Berkeley

1
Managing Restricted Data at UC Berkeley

• Allison Henry, Infrastructure Services,
  akhenry_at_berkeley.edu
• Vahid Nadi, Application Services,
  vnadi_at_berkeley.edu
• Information Services and Technology, UC Berkeley

2
Agenda

• Strategy for Restricted Data Management
• Restricted Data Management Application user
  walkthrough
• Restricted Data Management Application
  administrator walkthrough
• Technical details
• Future directions and Q and A

3
Strategy for data security

• Find and inventory data
• Consolidate/remove restricted data
• Register in the Restricted Data Management (RDM)
  application
• Secure the host machines
• Safeguard the restricted data

4
RDM Application benefits

• Inventory of data repositories
• Resource for departmental IT staff
• Identify areas for consolidation and removal
• Reporting for CIO, deans, directors
• Development of security plans
• Compliance with IT security policies
• Indentify area where additional resources are
  needed
• IP address priority watch list
• Best allocation of network security resources
• Identify unencrypted restricted data
  transmissions
• Identify vulnerabilities before they are
  exploited
• Network log retention for post-breach
  investigation

5
RDM Security Services Overview

• Sensitive data search tools
• Proventsure software suite
• Spider, regular expressions
• Desktop encryption with key management
• EFS (Active Directory), Pointsec for PC
• Network scanning and alerting
• Enhanced intrusion detection services
• Secure log management services

6
(No Transcript)
7
Success stories

• Oct 2006 SSN transmission in clear-text
• Feb 2007 Use of IM client
• Jul 2007 FTP brute-force attack
• Aug 2007 Firewall misconfiguration
• Dec 2007 VNC with blank password
• April 2008 VNC server detected
• June 2008 Open Windows share
• July 2008 MySQL vulnerability