UCAR Security Training Update - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

UCAR Security Training Update

Description:

UCAR Security Training Update. Aaron Andersen. for. Peter Burkholder. 12 March ... Securing Unix/Linux, Securing MacOSX, Securing Windows, Service Hardening ... – PowerPoint PPT presentation

Number of Views:24
Avg rating:3.0/5.0
Slides: 10
Provided by: cisl6
Category:

less

Transcript and Presenter's Notes

Title: UCAR Security Training Update


1
UCAR Security Training Update
  • Aaron Andersen
  • for
  • Peter Burkholder
  • 12 March 2007

2
Overview
  • Hired Peter Burkholder as casual to complete
    training assessment and modules
  • Peter made excellent progress but was hired by a
    firm in Maryland
  • Plan is to complete the training and will likely
    fly him back to give the first required training
    here in April.

3
Training Update
  • CSAC required on-site security training for
    designated sysadmins in early 2006
  • Eight hours of training annually
  • Improve quality of security and system
    administration practices at UCAR

4
Needs assessment
  • Keep training focussed on pragmatic needs and
    specific to UCAR practices
  • Peter Burkholder has analyzed training
    implications of CSAC policies and done an initial
    survey of the 112 designated sysadmin (vs. 54
    SAs by job title)
  • Formed an advisory group of sysadmins to provide
    content feedback and guidance

5
Survey Highlights
  • Many small site SAs (41lt 5 systems), and these
    systems are a mix of platforms
  • Small sites SAs self-assess as OK at security
  • Comments
  • As long as I follow established procedures, I
    feel confident in the security of our systems.
  • I gave myself a 5 Outstanding based on the fact
    that I promply upgrade my system to deal with
    security issues as soon as they are identified by
    UCAR experts and they make me aware of the need
    for an upgrade. I am not personally a security
    expert.
  • Certainly my process of installing/applying
    security updates is not as timely as I'd like.
    For the most part, updates still need to be
    manually/individually applied on Mac systems.
  • Anybody who says "Outstanding" is lying -)

6
Training Structure
  • 5 modules of 2-3 hours each
  • UCAR Security Essentials will be required
  • Choose among the following courses to meet or
    exceed 8 hours
  • Securing Unix/Linux, Securing MacOSX, Securing
    Windows, Service Hardening

7
UCAR Security Essentials
  • First course, targeted April 2007
  • Guiding principles in UCAR InfoSec
  • UCAR security incident response
  • UCAR security infrastructure (network, passwords)
  • Law and Ethics for sysadmins

8
Other Courses
  • Given the number of people managing a few
    machines, focus on specifics of system hardening,
    with intro infrastructure tools
  • Securing Unix/Linux Securing MacOSX -- May
    2007?
  • Hardening Services -- June 2007?
  • Securing Windows Additional expertise needed
    may (outsource)

9
Windows Training
  • Jason Fossen
  • http//www.enclaveconsulting.com/
  • Randy Franklin Smith
  • http//www.ultimatewindowssecurity.com/
  • Mark Minasi
  • http//www.minasi.com/
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "UCAR Security Training Update" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!