How are Protected Data applications and systems monitored?

The Information Security Office (ISO) takes privacy issues very seriously, and we use the same approach for balancing security and privacy for protected data hosts as for all hosts on campus. Monitoring of systems occurs through two methods, monitoring of network traffic crossing the campus border and vulnerability scanning of hosts on the campus network. The methods used to do this are similar for all hosts on the campus network.

The enhanced services for protected data hosts are:

  • More frequent scanning -- network vulnerability scans for NetReg registered hosts occur nightly
  • A greater range of intrusion detection signatures are reviewed with notifications sent to the security contact
  • Elevated responses to alerts – ISO staff are alerted immediately and will attempt to reach an administrator as soon as possible.
  • Longer retention of network data for future analysis if a breach is confirmed -- this can help to confirm if an attacker was able to access the protected data during the breach incident