Introducing the security team, 13th October 2004
Chris Edwards' Presentation notes
Notes from discussion
The following people contributed to the post-presentation discussion:
Mr Rajnish Bhaskar, Technical officer
IT Education Unit
(P2P - what systems are demonstrably OK)
Mark Temple, IT Officer
AIMS IT & Data Protection Office
Raised the point that all PCs that are identified as having run peer to peer services should be "flattened", even when there is no evidence of viral infection. The logic behind this is that 1) it will ensure that any copyright material that has been downloaded will be destroyed 2) any password logging apps/backdoors that have crept in as a result of the user "sharing" their drive(s) will be destroyed, and 3) it will teach the user a lesson.
As ever, it is the IT support staff who will have to spend time rebuilding the PC because of the user's negligence, but the rebuild (together with a letter to the person's HoD) will press home the point that this type of behaviour is unacceptable.
Kenny Stevenson, Computer Manager
Mechanical Engineering
(are we fully equipped to deal with threats etc etc)
Michael McCabe, Computer Manager
Faculty of Social Sciences
(enforcing consequences for staff who break regulations etc)
(policy required - how to handle incidents)
(lots of staff say they have not seen any policy - perhaps gentle reminder re current regulations should be issued)
David Martin, Programmer
Physics & Astronomy
1. Good security is impossible without the active participation of Senior Management. Only they can resource security measures, only they can ensure all staff are aware of their role in security, only they can ensure that policy actually gets implemented. They need to ensure that modest security inconveniences are regarded as a worthwhile cost to protect the University's livelihood.
2. Has there ever been an attack on a particular resource in the University?
Most of the talk about security incidents, real or imagined, has focused on random attacks. We worry about succumbing to internet-wide attacks by hackers hoping to steal our resources - cpu time, disk and network bandwidth. The cost to the University is primarily associated with the time to clean up the mess.
My question was intended to raise the issue of attacks specifically targeted at us - someone wishing us harm, someone wishing to gain unauthorised access to our data. Do we suffer incidents where students get unauthorised access to unsat exams or databases of exam marks? Are industrial secrets being stolen? Do political activists try to disrupt our work? Do foreign governments try to monitor their nationals on our campus?
Frank Mechan, Systems Administrator
MIS
Comments followed on from David Martin's re security being a matter for Senior Management, not just those in IT.
Raised the point that it is likely that such people are not going to wade through the regulations on the use of the network. It may be useful to have an overview document that can be pitched at the level of Senior Management. This could be complementary to the idea of a seminar raised by Ian Brennan.
Ian Brennan, Head of Internal Audit
(gave overview - agree with all said - attended today and was hopeful of feeling more re-assured but not. Meets regularly with Chris and Rolly - but need to get message over regarding real consequences and explain to Sen Management. IL suggested another similar meeting but aimed at Senior Management)
picked up point in CE presentation re 60 P2P incidents Sept 04 - how many flattened and rebuilt
John McClure, Computing Manager
Psychology
Asked whether, given that presumably this problem (worms, viruses, hackers) affects other academic institutions, what action these places were taking and whether any of their strategies were particularly effective?
Linda McCormick, Director
Computing Service
Gave figures re other Russell Group Unis
Kenny Stevenson, Computer Manager
Mechanical Engineering
What are main threats
Suzanne Young, Computer Programmer
Medicine - Cancer Science and Molecular Pathology
asked a question regarding building SSD
John McClure, Computer Manager
Psychology
Asked whether the proportion of attacks was disproportionately skewed towards particular machines or machine types.
Kenny Stevenson, Computer Manager
Mechanical Engineering
back to point about more advice to IT Staff - ISS etc - central point to gather and inform re best practice
Those who responded to questions included:
Chris Edwards
Mark Partridge
Rolly Gilmour
Linda McCormick
Ian Brennan