How are Restricted Data applications and systems monitored?

Information Security and Policy (ISP) takes privacy issues very seriously, and we use the same approach for balancing security and privacy for restricted data hosts as for all hosts on campus. Monitoring of systems occurs through two methods, monitoring of network traffic crossing the campus border and vulnerability scanning of hosts on the campus network. The methods used to do this are similar for all hosts on the campus network.

The enhanced services for restricted data hosts are:

  • More frequent scanning -- network vulnerability scans for RDM registered hosts occur nightly
  • A greater range of intrusion detection signatures are reviewed with notifications sent to the security contact
  • Elevated responses to alerts – ISP staff are alerted immediately and will attempt to reach an administrator as soon as possible.
  • Longer retention of network data for future analysis if a breach is confirmed -- this can help to confirm if a hacker was able to access the restricted data during the breach incident