IT Security and Privacy
News items of interest to UC Berkeley system and network security administrators.
New departmental security contact registration application
The campus Departmental Security Contact Policy requires each department to appoint a security contact who can be notified in the event of a computer or network security incident. SNS has available a new web-based application that allows these security contacts to view, update, and maintain their own list of IP addresses and contact information. August 29, 2008.
Encryption services from IST
Pointsec for PC and Encrypting File System (EFS) are two free encryption services now offered by SNS for campus faculty and staff who must store restricted campus data on their local workstations instead of on secure, centralized file servers. May 14, 2008.
SNS announces the Aggressive IP Distribution (AID) list to help protect campus computers
IST's System and Network Security (SNS) group now offers the AID list, a service that identifies Internet IP address locations from which SNS has seen aggressive attacks being launched towards campus hosts. May 5, 2008.
Spear phishing scams targeting universities
This latest round of phishing emails claim to be sent from the university's email administrators, requesting verification of email accounts. CalMail and SNS have received reports of attempts targeting UC Berkeley. Note that the CalMail team will never ask for your password. If you receive an email you are not sure about, do not reply to it. Instead, forward it to CalMail consulting, consult@berkeley.edu, or SNS, security@berkeley.edu. February 20, 2008.
New security tools and services from SNS
IST-SNS has recently developed some new security tools and services to help the campus with system and data security needs. Offerings include a new and improved tool for finding restricted data stored on local computers, management services for Symantec Client Security software, and encryption services including key management and data recovery. February 14, 2008.
Updates to the Restricted Data Management (RDM) application
The RDM application for registering campus systems that store or host restricted data has been enhanced to include: tracking the approximate number of records for each type of restricted data; uploading encryption key data for secure storage within the application; and better tracking for internal IST staff of restricted data stored on IST hosted systems. February 14, 2008.
Introducing AppScan Enterprise to UC Berkeley
SNS has purchased IBM's AppScan Enterprise (ASE), a web-based multi-user application vulnerability testing and reporting solution, to examine all web applications collecting, storing, or utilizing restricted data for vulnerabilities to web application attack vectors. All web applications registered with IST's Restricted Data Management system will automatically be scanned with ASE. IST-Web Applications will be working with SNS to develop training and remediation services for the campus so that problems can be fixed as soon as they are identified. February 5, 2008.
Research and advisory services from Burton Group
The Office of the CIO and the campus Information Technology Architecture Committee (ITAC) are pleased to announce the availability of three research and advisory services from Burton Group, an organization that provides in-depth, vendor-independent research and advisory services focused on enterprise IT infrastructure technologies: Application Platform Strategies, Collaboration and Content Strategies, and Identity and Privacy Strategies. These services are available to all UC Berkeley employees. January 24, 2008.
Socrates server — SSH access from off-campus will discontinue
Effective November 1, 2007, Socrates will no longer be accessible via SSH, SFTP, and SCP from off-campus IP addresses. If you are currently logging in from a non ".berkeley.edu" host, you will need to install the campus Cisco VPN client on your computer, which allows secure campus network connections. September 27, 2007.
Symantec Client Security software updates
The campuswide site license for the Symantec host-based security software (antivirus and firewall) has been renewed for another year. Expected changes to the software in the coming year include a new version of the Symantec Client Security suite with central management features, and a new major release of the client security software for Windows. September 20, 2007.
