Archives For Project Awareness

Fall Projects – 2014

John Knights —  September 5, 2014

The Information Security Office (ISO) will be working with others within Technology Services and across Wentworth to continue our efforts to improve the information security posture. Below are a couple of initiatives and projects we will be working on this Fall.

National Cyber Security Awareness Month

October is the 11th Annual NCSAM. As a NCSAM Champion, we will be providing cyber security awareness materials throughout the month to our entire community via Twitter, the Information Security Blog, and ISO website.

In conjunction with NCSAM, we will be launching the Information Security & Compliance Training Program for staff and faculty.

Identity & Access Management

This fall, we will launch a multi-year project to improve the overall approach to identity and access management. The IAM project will both increase the protection of institutional data and information systems and improve the overall end-user experience when logging into the various systems and services available to the Wentworth community.

For more information on these and other initiatives, make sure to visit our ISO website.

Summer Projects – 2014

John Knights —  September 5, 2014

Along with the rest of Technology Services, the Information Security Office (ISO) has been busy working on projects to improve the overall information security posture at Wentworth. As we start the new academic year, we want to share some of what we have been working on.

Data Management

Over the course of the summer, members of the Information Security Compliance Committee (ISCC) have worked to put together a set of policy documents to set the requirements for improving data governance and security. Once approved these policies we will send out a notice as well as publish them on the Technology Services Policy Page.

In addition to the policies, the ISO has worked with other members from Technology Services to provide all staff and faculty with a data loss prevention tool, Identity Finder. This tool is available to all staff and faculty for use on their institutional Windows or Mac-based desktops and laptops. For more information, please visit our Data Loss Prevention “Top Topics” page or go straight to the Identity Finder Tool page for instructions on obtaining, installing and using Identity Finder.

Information Security Awareness & Compliance Training Program

In an effort to improve awareness of information security and regulatory compliance requirements, we have worked with the ISCC and our training video service provider WeComply to provide our staff and faculty with a set of comprehensive educational videos on various topics (Information Security, Data Privacy, FERPA, and others). Visit the ISO’s Training page for more information on the program launching this October.

 

It is the Information Security Office’s goal to keep the Institute’s data and information systems as secure and safe as possible when online. We want students, staff, faculty, and Wentworth guests to feel comfortable connecting to our networks. One way we are working to improve our network’s security is through the implementation of Network Access Control (NAC) devices to ensure only students, staff, faculty, and Wentworth guests are utilizing our network resources. This will optimize our network for the community and maintain a dynamic inventory of all devices connected at all times. The aim is to improve our visibility and monitoring capabilities to improve our network security initiatives, as well as satisfying State and Federal regulations requirements for us to do so.

The implementation should be rather transparent to individuals that connect to LeopardSecure, as the only change is the addition of the appliances which work in the background. The only anticipated and expected noticeable aspect of this implementation will involve the individuals connecting to LeopardGuest.

For individuals connecting to the LeopardGuest wireless network, which is made available to guests visiting the Wentworth campus, there will now be a Guest Registration Page. What that will look like and how it will work will be posted on the NAC project page.

The Guest Registration page will only ask for an individual’s name, email, and phone number. Once the registration is complete, all a user will be required to do is enter the numbers provided through a text message (SMS message) to complete the registration and validate their device for use on the network.

If you have any questions about this project, how we plan to roll it out, or just about NACs in general, please reach out to us via email at infosecurity@wit.edu.