archive-edu.com » EDU » A » ASU.EDU

Total: 96

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Home | Get Protected
    Spotlight Secure Your Mobile Device ASU Information Security Office The Information Security Office under the authority of the Chief Information Security Officer is the department with primary oversight for information security at Arizona State University The Information Security Office ISO conducts its activities using the Information Security Program cycle for continuous improvement of ASU s information security posture and collaborates with internal departments units and external agencies as necessary Read more about ASU Information Security Office Security Advisories US CERT Current Activity The US CERT Current Activity web page is a regularly updated summary of the most frequent high impact types of security incidents currently being reported to the US CERT http www us cert gov ncas current activity Internet Crime Complaint Center IC3 The Internet Crime Complaint Center IC3 is an alliance between the National White Collar Crime Center NW3C and the Federal Bureau of Investigation FBI IC3 s mission is to address crime committed over the Internet http www ic3 gov media default aspx Microsoft Security Bulletins Microsoft security bulletins provide information news about computer vulnerabilities and security updates to keep your computer protected http technet microsoft com en US security dn481339 Apple Security Updates This document outlines security updates for Apple products http support apple com kb ht1222 Oracle Critical Patch Updates Security Alerts and Third Party Bulletin This page lists announcements of security fixes made in Critical Patch Update Advisories and Security Alerts and it is updated when new Critical Patch Update Advisories and Security Alerts are released http www oracle com technetwork topics security alerts 086861 html Protecting Against Phishing What is Phishing Phishing in a nutshell is the online version of a con job The perpertrators of phishing messages are essentially tech savvy con artists In a phishing scam these con artists send out

    Original URL path: https://getprotected.asu.edu/ (2014-10-23)
    Open archived version from archive

  • Antivirus Software | Get Protected
    Authentication Services Data Encryption Data Review Cleanup Data Storage Incident Response Password Services Risk Assessment Secure Wireless Security Review Think Campaign Vulnerability Scanning Security Regulations Federal Security Regulations Industry Regulations State Regulations Policies Policies Standards Guidelines Basics ASU Top 5 Effective Practices Identity Theft Protection Internet Security Mobile Security Physical Security Training ASU Security Training HIPAA FERPA Security Tips Videos Communities ASU Technical Advisory Group ISACA Phoenix Chapter ISC2 Phoenix Chapter ISSA Phoenix Chapter Contact Us Announcements Alerts Advisories ISO Newsletters Antivirus Software Antivirus Software Options The recommended antivirus software for various operating system platforms are Windows 8 Windows Defender Windows 7 and older Microsoft Forefront Endpoint Protection FEP 2010 ASU owned equipment only Windows 7 and older Microsoft Security Essentials Personal equipment only Mac ClamXav Linux UNIX systems ClamAV For ASU owned equipment contact your local Deskside Support group for assistance with installation and configuration The following are additional free options for personally owned equipment Anti Virus for Windows Platforms FEP for ASU Technical Personnel FEP is available for download on MyApps to members of the Technical Software Users Group If you need access but don t have it already use the MyApps Feedback mechanism to request that you be added to the group Deployment Resources The following resources should be of assistance with deployment and support Manual deployment Command line scriptable deployment Client help for end users Management Resources FEP 2010 can be used as a standalone client or managed through Group Policy and or SCCM Configuration with Group Policy Deployment via SCCM Configuration with SCCM Removing McAfee ePO Agent and VirusScan It is advisable to remove any existing antivirus software before installing FEP To remove McAfee ePO Agent from the command shell cd c program files mcafee common framework frminst remove agent frminst forceuninstall After ePO Agent

    Original URL path: https://getprotected.asu.edu/software/antivirus (2014-10-23)
    Open archived version from archive

  • Authentication Services | Get Protected
    Basics ASU Top 5 Effective Practices Identity Theft Protection Internet Security Mobile Security Physical Security Training ASU Security Training HIPAA FERPA Security Tips Videos Communities ASU Technical Advisory Group ISACA Phoenix Chapter ISC2 Phoenix Chapter ISSA Phoenix Chapter Contact Us Announcements Alerts Advisories ISO Newsletters Authentication Services ASU Provides several authentication services Two Factor Authentication ASU Webauth CAS Implementation at ASU Two Factor Authentication ASU is moving toward two factor authentication for those who have access to sensitive information and to those who can perform special administrative functions in PeopleSoft Two factor authentication is using a combination of logging into the system with your username and password and a second process using a physical device that you control to authenticate into a system This is a more secure form of protection because hackers and scammers may be able to steal your id and password and impersonate you online but would be very unlikely to have control of your second physical device typically a smartphone at the same time ASU WebAuth ASU WebAuth is an enterprise level university wide service provided by Information Technology which can be used by web developers for secure authentication to a web application using a person s ASURITE UserID and password In many cases this can free a department from having to maintain their own set of user IDs and passwords for each application or set of applications Web Auth Related Articles https asu service now com kb view do sys kb id ef89b69f6fd521004ba2cb512e3ee4da https asu service now com kb view do sys kb id e4e758636fc925004ba2cb512e3ee4d4 CAS Implementation at ASU The Central Authentication Service CAS is a single sign on protocol for the web Its purpose is to permit a user to access multiple applications while providing their credentials such as userid and password only once

    Original URL path: https://getprotected.asu.edu/services/auth (2014-10-23)
    Open archived version from archive

  • Device & Data Encryption | Get Protected
    Physical Security Training ASU Security Training HIPAA FERPA Security Tips Videos Communities ASU Technical Advisory Group ISACA Phoenix Chapter ISC2 Phoenix Chapter ISSA Phoenix Chapter Contact Us Announcements Alerts Advisories ISO Newsletters Device Data Encryption Endpoint Encryption Encryption in Transit Enterprise Systems Encryption Introduction Encryption plays a key role in keeping information safe by ensuring that it can t be obtained through theft or eavesdropping Sensitive information must be encrypted in storage and in transit meaning both where it sits and where you send it Endpoint Encryption Endpoint Encryption ensures that if your computer is stolen any sensitive information on its disk will be unavailable to the thief Encrypt your computer s hard disk using your operating system s built in disk encryption software or other encryption software suggested by UTO The following documents provide more information on how to encrypt your computer Consult your departmental technical support personnel for assistance Disk encryption basic information This document gives general information for end users Start here if you re encrypting your home computer Disk encryption technical information This document gives more detailed information for technical personnel Start here if you support ASU faculty and staff Encryption in transit Encryption in transit reduces the chance that data you access and send will be available to someone who is eavesdropping on the network Here are some general practices to follow Consult your departmental technical support personnel for assistance Use ASU ENCRYPTED wireless Upgrade at http www asu edu wifi Use the SSLVPN when accessing ASU systems from any network off campus download and installation instructions are available at http sslvpn asu edu Use encrypted protocols e g https ssh when accessing any networked system Note that electronic mail is not secure even if you get and send your email using an encrypted connection

    Original URL path: https://getprotected.asu.edu/content/device-data-encryption (2014-10-23)
    Open archived version from archive

  • Data Review & Cleanup | Get Protected
    Response Password Services Risk Assessment Secure Wireless Security Review Think Campaign Vulnerability Scanning Security Regulations Federal Security Regulations Industry Regulations State Regulations Policies Policies Standards Guidelines Basics ASU Top 5 Effective Practices Identity Theft Protection Internet Security Mobile Security Physical Security Training ASU Security Training HIPAA FERPA Security Tips Videos Communities ASU Technical Advisory Group ISACA Phoenix Chapter ISC2 Phoenix Chapter ISSA Phoenix Chapter Contact Us Announcements Alerts Advisories ISO Newsletters Main menu Home Services Antivirus Software Authentication Services Data Encryption Data Review Cleanup Data Storage Incident Response Password Services Risk Assessment Secure Wireless Security Review Think Campaign Vulnerability Scanning Security Regulations Federal Security Regulations Industry Regulations State Regulations Policies Policies Standards Guidelines Basics ASU Top 5 Effective Practices Identity Theft Protection Internet Security Mobile Security Physical Security Training ASU Security Training HIPAA FERPA Security Tips Videos Communities ASU Technical Advisory Group ISACA Phoenix Chapter ISC2 Phoenix Chapter ISSA Phoenix Chapter Contact Us Announcements Alerts Advisories ISO Newsletters Data Review Cleanup Identity Finder is a tool used to scan systems for sensitive data such as social security numbers credit card numbers and other personally identifiable information It should be used to identify and remediate any sensitive data located on end user workstations ASU Faculty Staff for more information click here Identity Finder How To Please view our recorded instructional webinar at https connect asu edu p3o7tzvcpsx If you d like assistance with reviews of your system database please contact the ISO SSL 3 0 Vulnerability POODLE SSLv3 is a known less secure protocol that has remained active for backward compatibility with older browsers that didn t support the newer TLS protocol However this week details were released about a vulnerability which allows an attacker to steal secure data in plaintext aptly named POODLE Security experts are recommending that all web

    Original URL path: https://getprotected.asu.edu/content/sensitive-data-cleanup (2014-10-23)
    Open archived version from archive

  • Data Storage | Get Protected
    Advisory Group ISACA Phoenix Chapter ISC2 Phoenix Chapter ISSA Phoenix Chapter Contact Us Announcements Alerts Advisories ISO Newsletters Main menu Home Services Antivirus Software Authentication Services Data Encryption Data Review Cleanup Data Storage Incident Response Password Services Risk Assessment Secure Wireless Security Review Think Campaign Vulnerability Scanning Security Regulations Federal Security Regulations Industry Regulations State Regulations Policies Policies Standards Guidelines Basics ASU Top 5 Effective Practices Identity Theft Protection Internet Security Mobile Security Physical Security Training ASU Security Training HIPAA FERPA Security Tips Videos Communities ASU Technical Advisory Group ISACA Phoenix Chapter ISC2 Phoenix Chapter ISSA Phoenix Chapter Contact Us Announcements Alerts Advisories ISO Newsletters Data Storage Data Storage Guidelines ASU information and applications are stored and deployed in an ever increasingly complex set of technologies This document describes the options available to ASU departments as they consider strategies for deploying services to the ASU community that meet data availability requirements while also addressing relevant statutory and regulatory policy and compliance requirements including issues of IT security and risk management privacy legal issues records management and other applicable requirements https uto sp10 asu edu sites sec isodocs isodocs asurite Documents Data 20Storage 20Guidelines 202012 20Final pdf UTO Data Storage Options This document covers service details expectations roles and responsibilities with the goal to promote a partnership between UTO and the customer and to provide a framework for incident resolution and communication https asu service now com kb view do sys kb id 031a1beb6fb8e1004ba2cb512e3ee4ef Encryption Information Encryption plays a key role in keeping information safe by ensuring that it can t be obtained through theft or eavesdropping Sensitive information should be encrypted in storage and in transit meaning both where it sits and where you send it https getprotected asu edu content device data encryption SSL 3 0 Vulnerability POODLE SSLv3

    Original URL path: https://getprotected.asu.edu/services/datastorage (2014-10-23)
    Open archived version from archive

  • Incident Response | Get Protected
    case of a security event or incident contact the Information Security Office Arizona State University takes every security event and incident seriously Reporting a suspected event or incident early on is necessary for proper evaluation and identification Depending on the severity of the issue or situation a variety of different groups may be involved in solving and remediating the risk of the issue The Information Security Office takes the initial steps in helping the reporting party identify the issue risk and severity of the situation To report an event or incident contact the ASU Help Desk at 1 855 278 5080 For events that do not require an immediate response email infosec asu edu or visit our contact page 2 Assessment Classification of the Issue Event or Incident When a potential problem has been identified the Information Security Office will analyze the situation and attempt to confirm whether it is the result of a security incident The ISO will also determine the severity of the incident Examples of incidents include the exposure or compromise of sensitive information a large scale attack or intrusion into a system or group of systems a malicious attack on an ASU hosted server or affecting service negatively or inappropriate usage of ASU resources 3 Event Follow Up In the case where the situation is not a significant security threat or is not as large an issue as originally thought the ISO will classify the reported issue as an event The ISO will provide information and instructions for the reporting group to follow A security issue may be classified as an event if upon initial review it is determined that there is little or no risk to the University community or University assets 4 Determine Incident Severity Contact Required Groups Should the situation be classified as an incident by the ISO a severity level Low Medium or High will be confirmed by the Chief Information Security Officer and or the Chief Information Officer CIO The Information Security Office will then meet with an Incident Response Team which will include appropriate representatives as determined by the nature and severity of the incident The Chief Financial Officer CFO and Provost will be notified during high severity incidents 5 Incident Containment Eradication While contacting the required groups the ISO will also coordinate with the appropriate network and systems operational teams as well as representatives from the affected department s In coordination with the ISO the networking teams will stop and isolate malicious traffic on the network while department representatives isolate infected systems for forensic analysis The ISO may notify relevant parties including the Dean Office of General Counsel VP and administrator of the system but such notification is not a prerequisite to actions necessary to protect University resources or preserve evidence In cases when it is necessary to support an active investigation or to preserve evidence the ISO may also take physical possession of any system believed to be involved in the event 6 System Restoration System restoration will

    Original URL path: https://getprotected.asu.edu/content/incident-response (2014-10-23)
    Open archived version from archive

  • Password Services | Get Protected
    Note All ASU faculty staff and students are asked to comply with the 180 Day Password Procedure What does the password strength meter mean on the password reset page The password strength meter shows how secure your password is In order to set a password you must meet the minimum requirement of 10 characters containing at least one character from 3 of the 4 possible character types a lowercase letter including a b c d e f g h i j k l m n o p q r s t u v w x y z an uppercase letter including A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a number including 0 1 2 3 4 5 6 7 8 9 a special character including The most secure passwords are at least 14 characters in length and contain at least one character from each of the four character types The password strength meter does not check to make sure your password is something easy to guess like a simple word plus a 1 or Make sure your password is something that would be difficult for other people or a password cracking program to figure out How will I know when to change my password ASU s computer systems check for your last password change date Five days prior to your password expiration you will begin to get reminders to change your password when you log in If you have not changed your password prior to expiration you will automatically be prompted to change your password once you attempt to login to the system You will be redirected to the ASURITE Password Changer webpage where you can enter a new password and evaluate its strength Will I have to login to everything again after changing my password No ASU employs a single sign on system for ASURITE logins Once you ve logged into one webpage on that system you will automatically be logged into any other webpages that are part of the single sign on group This includes My ASU If you close your web browser or switch to a different web browser you will have to login again Which systems use my ASURITE UserID and password The ASURITE UserID and password are used for logging into a number of systems including UTO computing sites and classrooms UNIX servers general asu edu stats asu edu research asu edu etc My ASU ASURITE Account Management Affiliate Web WebWork SSLVPN PeopleSoft CRM Customer Relations Management Additional uses for the ASURITE login are added all the time so this is only a partial list Look for an icon of a key with the words Login ASURITE as an indication that you should use your ASURITE UserID and password How does synchronizing my passwords help prevent login problems There are several password systems that are all associated with the ASURITE UserID Synchronizing those passwords so they

    Original URL path: https://getprotected.asu.edu/content/account-password-services (2014-10-23)
    Open archived version from archive



  •