Centralized System Administration and Security Management in a Decentralized Computing Environment

Tuesday, April 16 | 4:45PM–5:30PM | Salon A
Session Type: Professional Development
This session illustrates two methods for centrally managing security events, beginning with malicious events or with vulnerability data. First, UGA has implemented a central SIEM, which greatly enhances the ability to monitor IT-related security events from various security devices (firewalls, authentication servers, etc.) that the individual devices might have overlooked. InfoSec grants departments access to view events for their networks in exchange for them logging security events to the SIEM. Second, UNC Chapel Hill created an approach whereby servers that contain sensitive information are scanned for vulnerabilities on a monthly cycle. A system administrator must then remediate the vulnerabilities before the end of the scanning cycle. If the vulnerabilities cannot be properly addressed within 90 days, a unit must outsource sysadmin functions to a qualified entity.

Presenters

  • Stan Waddell

    Chief Information Officer, Carnegie Mellon University
  • Christopher Workman

    Associate Director, University of Georgia