Big things are on the horizon next year for the California Community Colleges (CCC) Information Security Center. We have three new services that will be rolled out for use by all of the colleges, systemwide.
Unlimited SSL Certs
As part of your InCommon membership, you will have access to create as many SSL Certificates as you need. You will no longer need to decide which web servers are important enough to install official SSL certificates on. You can — and should — install SSL certificates on all servers that have logins.
These certficates are issued by Commodo, one of the largest SSL certificate providers, and work with all internet browsers and web servers. Certificates are available for code signing as well, if your college does any custom applications. This is a good solution if your college is also looking into implementing user certificates to sign and encrypt files and emails.
Next on the list is a log aggregation tool called Splunk. This tool puts all your logs into one central place. It can receive the logs from all your information security devices such as firewalls and intrusion detection systems. It can log when all of the users log in to their computers, and any errors that come up. You can then search and analyze all this data.
This helps find anomalous behavior that could indicate that someone has compromised or is trying to compromise your security. For example, it can alert you if a user tries to log in to a server that they would have no reason to access, or log in at a strange time. Having all this information in one central place immensely adds to the visibility of the things happening on all of your devices.
Lastly, we are introducing Tenable Security Center. This product does vulnerability and configuration management. It will scan the important servers, computers and network devices on your network. It can then alert you to possible vulnerabilities on your systems. It can tell you if your devices need to be patched and what the severity is of the patches needed.
For example, the Heartbleed vulnerability was discovered last year and it affected lots of services. This tool would scan your network and give you a list of all the devices that needed to be fixed.
It can also be used to monitor the configuration of your devices. For example, you have a server that you have set up to be especially secure. Security center can alert you if for some reason the security controls you have implemented are changed. Say you have a firewall rule that only allows clients to talk to the web service on a computer. If for some reason all the services on the server become available, security center can let you know.
Winter IT Workshops
Be sure to join us at the winter Information Security and Accessibility Workshops on Jan. 9 and 10, 2017, at Evergreen Valley College in San Jose, where you can learn more about these services as well as other great information security and accessibility topics. Both workshops are free to attend, but registration is required.
Jeff Holden is Chief Information Security Officer of
the California Community Colleges Information Security Center