Information Security Office Home Page

July 23, 2010: The Payment Card Industry Data Security Standards resources webpage has recently been updated. It now includes presentations from the PCI summit held in March, along with resources mentioned during that meeting and referenced in other meetings and PCI discussions. Please contact Scott St. Aubin or John Ladwig with any questions that aren't addressed in these pages.

May 20, 2010: The ISRS security forms will be removed from the ITS website on 7/1/10. After this date, the expectation is that any ISRS security requests will be processed via the Security Administration Application and NOT via sending/faxing in the paper security forms to the Office of the Chancellor's Security Unit. Please make sure your college/university has all approval managers setup by this date. For more information, see the Security Administration Application documentation page.

April 8, 2010: We are pleased to announce that six new courses are available.

DESK311 - Malware Investigations and Removal - Malware forms, Infection, Propagation, Response, Investigation, Recovery, Removal
ENCR 220 - Advanced Check Point FDE Administration - Preboot, WIL, recovery, boot CD/Bart PE, SSO, temps, location awareness
ENCR 310 - Check Point Media Encryption with Port Protection - ME server, firewall, groups, profiles, ME client, backup, Security Guard
NETW 211 - Hardening Network Devices - Principles, Limiting services, Hardening with ACLs, Configuration Mgmt, Auditing and Testing
SERV 231 - Centralized Logging & Monitoring - Strategies, Tools, Windows auditing, MOM, Syslog, Event monitoring, Nagios, GFI
SERV 311 - Virtualization - Benefits and precautions, Components and technologies, Architecture, Platforms and Implementation

Log into MnSite to participate in these courses, or any of the other ten courses currently available to IT staff and other interested parties in MnSCU. If you are not in the OoC, your username is the first part of your email address up to @. If you are in the OoC, it's your Novell username. See the Information Security Training website for more information and a course catalog.

October 25, 2009: TEEX Cyber Security Training (formerly Act Online), a collaborative project backed by FEMA/DHS, provides a unique combination of expertise and capabilities to deliver training on information security-related topics. Their program uses a comprehensive approach to prepare professionals in identifying assets, recognizing vulnerabilities, prioritizing assets and implementing protection measures in technology infrastructure. Click the link above to register for free and participate in their wide course offerings.