Educause Security Discussion mailing list archives
Re: SECURITY Digest - 12 Apr 2021 to 14 Apr 2021 (#2021-84)
From: Jesse F Moore <moorej1 () UW EDU>
Date: Wed, 14 Apr 2021 22:18:30 +0000
I would love to hear others story's or use cases for supporting Windows Remote workforce (Staff/Faculty) with 3rd party software updates. Options? 1. Every Patch weekend have users get on VPN, so they access our network at maintained windows to get update from SCCM/MECM. 2. Staff/faculty could get on VPN one-time to access network to get Ninite exe from a GPO/Share and it installs and autoupdates from then on out with a base set of applications for Staff/Faculty. (https://ninite.com/) 3. ??? <Insert your experience, dreams, accomplishments here> Looking forward to hearing success and war stories, Jesse Moore (he/him/his<https://www.mypronouns.org/>) Office of the CISO | Sr. Cybersecurity Advisor moorej1 () uw edu | cellphone: 425-628-9070 University of Washington Bothell -------------------------------------------------------- https://ciso.uw.edu/ https://www.washington.edu/admin/rules/policies/ NOTE:If this record is not needed for any retention policies/laws please delete. This email (send/responded) is a Public Record. The university's public records are available for public inspection, except as otherwise provided by law. RCW 42.56.070(8)<https://apps.leg.wa.gov/rcw/default.aspx?cite=42.56.070> ________________________________ From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of SECURITY automatic digest system <LISTSERV () LISTSERV EDUCAUSE EDU> Sent: Wednesday, April 14, 2021 2:00 PM To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU> Subject: SECURITY Digest - 12 Apr 2021 to 14 Apr 2021 (#2021-84) There are 2 messages totalling 629 lines in this issue. Topics of the day: 1. Student Privacy at the U.S. Department of Education 2. Trusted CI Engagement Applications Period Is Open for Early 2021 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ---------------------------------------------------------------------- Date: Wed, 14 Apr 2021 12:14:37 +0000 From: Brian Kelly <bkelly () EDUCAUSE EDU> Subject: Student Privacy at the U.S. Department of Education Sharing on behalf of the Student Privacy Policy Office of the U.S. Department of Education and the Privacy Technical Assistance Center (PTAC). Please consider joining their listserv linked below. ************************************************************************ The Student Privacy Policy Office (SPPO) of the U.S. Department of Education is committed to protecting student privacy. We administer and enforce student privacy laws such as the Family Educational Rights and Privacy Act (FERPA) and the Protection of Pupil Rights Amendment (PPRA). The Privacy Technical Assistance Center (PTAC), a component of SPPO, provides technical assistance and on-site training to help schools, school districts and state education agencies safeguard information about students. To keep up to date on the latest in the ever-changing landscape of student privacy, please join our Student Privacy listserv<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpublic.govdelivery.com%2Faccounts%2FUSED%2Fsubscriber%2Fnew%3Ftopic_id%3DUSED_195&data=04%7C01%7C%7Cfb2f0d220fcb414bc65708d8feaf5925%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C1%7C637539376385682471%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Z%2BPsDyI8uBGmRKzmEFS%2BfaKb3e7DMkgjyciO3rla0Po%3D&reserved=0>. In the most recent update, we emphasized resources related to student privacy, virtual learning, and the COVID-19 pandemic, including the September 2020 blog post by SPPO Director Kevin Herms on disclosing information about COVID-19 cases. We also highlighted a new section of our Student Privacy website<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstudentprivacy.ed.gov%2F&data=04%7C01%7C%7Cfb2f0d220fcb414bc65708d8feaf5925%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C1%7C637539376385682471%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Dtb1%2BDLUL%2BlBF8uYJlKUc%2F2ZUJXOyz3EiHoCB%2F8vGkc%3D&reserved=0> containing a curated selection of data security resources and shared summaries from a sampling of our recent engagements and presentations. ********************************************** Brian Kelly, CISSP, CISM, CEH Director, Cybersecurity Program EDUCAUSE Uncommon Thinking for the Common Good Follow HEISC on LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0> | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu> direct: 720.406.6757 | mobile 475.449.6440 | educause.edu<http://www.educause.edu/> 1150 18th Street, NW, Suite 900 Washington, DC 20036 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ------------------------------ Date: Wed, 14 Apr 2021 15:32:10 +0000 From: "Welch, Von" <vwelch () IU EDU> Subject: Re: Trusted CI Engagement Applications Period Is Open for Early 2021 The deadline for Engagement Applications to Trusted CI, see below, has been extended to April 23rd. If you have a research or science project that is considering applying, I’m happy to discuss. Thank you, Von From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Welch, Von <vwelch () IU EDU> Date: Friday, March 5, 2021 at 10:24 AM To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU> Subject: [External] [SECURITY] FW: Trusted CI Engagement Applications Period Is Open for Early 2021 This message was sent from a non-IU address. Please exercise caution when clicking links or opening attachments from external sources. All, An opportunity for science projects to apply (deadline April 2nd) for assistance with their cybersecurity-related challenges from the NSF Cybersecurity Center of Excellence. Applications in collaboration with a local information security office are seen positively. Happy to field any questions. A common FAQ: Non-NSF projects are welcome to apply, but stressing relevant of the challenge to NSF projects is encouraged. A NIH- or DoD-focused challenge will need justification. Thanks for sharing as you see best, Von -- Von Welch AVP for Information Security / informationsecurity.iu.edu Director and PI, NSF Cybersecurity Center of Excellence / trustedci.org From: Cimmer, Diana <dborecky () iu edu> Date: Thursday, February 25, 2021 at 1:29 PM To: announcements () trustedci org <announcements () trustedci org> Subject: [ctsc-announce-l] Trusted CI Engagement Applications Period Is Open for Early 2021 Dear Colleagues, The Trusted CI engagement application period is open for engagements taking place in the second half of 2021 (July-Dec 2021). Applications are due April 2, 2021. (Slots are limited and in demand so this is a firm deadline!) To learn more about the process and criteria and to complete an application, visit our site at https://trustedci.org/application. During Trusted CI’s first 5 years, we’ve conducted more than 35 one-on-one engagements with NSF-funded projects, Large Facilities, and major science service providers representing the full range of NSF science missions. (See https://trustedci.org/engagedcommunities/.) We support a variety of engagement types including: 1. Assistance in developing, improving, or evaluating an information security program. 2. Software assurance-focused efforts. 3. Identity management; technology or architectural evaluation. 4. Training for staff. 5. And more. As the NSF Cybersecurity Center of Excellence, Trusted CI’s mission is to provide the NSF community a coherent understanding of cybersecurity’s role in producing trustworthy science and the information and know-how required to achieve and maintain effective cybersecurity programs. Diana Cimmer ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ------------------------------ End of SECURITY Digest - 12 Apr 2021 to 14 Apr 2021 (#2021-84) ************************************************************** ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Re: SECURITY Digest - 12 Apr 2021 to 14 Apr 2021 (#2021-84) Jesse F Moore (Apr 14)
- Re: SECURITY Digest - 12 Apr 2021 to 14 Apr 2021 (#2021-84) Marshall, Michael (Apr 16)