Home > Newsletters > Campus Security :: August 22, 2008

Campus Security

8/22/2008

Security Spotlight

Corralling Identity Management
By Dian Schaffhauser

The University of Texas Health Science Center at Houston recently reconstituted its IT organization to include a new team focused solely on identity management. In the course of its work the team may end up becoming a model for how identity management can help deliver business value beyond standard IT duties, such as adding new users to the network.

Campus Security News

Vulnerability Management Needed for Security, Study Says
Organizations can avoid attacks and minimize security cost overruns by practicing IT vulnerability management, according to a July study published by the Aberdeen Group. The study presents solutions for IT pros, helping them prioritize their patch management strategies for operating systems, applications, and network security frameworks.
Wayne State Deploys Q1 Labs QRadar to Manage and Secure Network
Wayne State University (WSU) has chosen Q1 Labs' QRadar to analyze, visualize, and assess their networks, all while adhering to specific compliance regulations. WSU is a research university with 33,000 graduate and undergraduate students.
KU Medical Center Installs Real-time Beacon System
The University of Kansas Medical Center has installed a new system from Alertus Technologies that notifies students, faculty, staff and visitors on campus in the case of an emergency. The primary communication tools in the new system are wall-mounted "beacons," which function as a way for the KU Medical Center Police Department to communicate with the campus in real time. The units are located in every classroom and on every floor in university buildings. If activated, the beacons display flashing red lights and sound sirens, and directions are given on the units' text boards.
Virginia Tech Tries 'Compliance Sheriff' To Improve Web Site Accessibility
Virginia Tech has selected HiSoftware's Compliance Sheriff to address management of its Web site accessibility. Compliance Sheriff is a browser-based service that crawls a Web site and compares pages against a user-defined set of criteria. The tool will compare the school's site against world-wide accessibility guidelines such as the federally-defined Section 508, which addresses how technology should be designed to enable its use by people with physical impairments, and Web Content Accessibility Guidelines (WCAG) 1.0/2.0, from the World Wide Web Consortium, which address Web content and mobile Web applications.
Microsoft, BearingPoint Team Up To Provide Risk-Based Compliance Solution
Microsoft has teamed up with BearingPoint to create the BearingPoint Enterprise Governance, Risk, and Compliance (EGRC) solution. The platform is built on Microsoft technology and capitalizes on the companies' long-standing relationship.
Collaboration Key to Security, Microsoft Says
Microsoft ratcheted up its PR and client communications efforts to demonstrate that it's serious about security. On Monday, in time for this week's Black Hat conference in Las Vegas, Microsoft's Security Response Center (MSRC) launched a new ecosystem strategy team blog outlining its more collaborative approach to software security issues.
IBM Unveils New Software Designed To Streamline eDiscovery
IBM has announced the release of new Enterprise Content Management (ECM) software specifically designed to meet the needs of clients dealing with complex legal discovery requirements. The eDiscovery solutions expand on IBM's ECM platform and are intended to give organizations greater control of digitally stored documents in an effort to reduce costs and streamline the discovery process involved in litigation.
Security Woes Up, as PHP and OSS Make the List
Software vulnerabilities are up this year, especially Web browser-based ones, according to a new report from IBM Internet Security Systems. The X-Force 2008 Mid-Year Trend Statistics Report, released in late July, defined the problem broadly. A vulnerability is anything that results "in a weakening or breakdown of the confidentiality, integrity, or accessibility of the computing system."

Upcoming Events

Sep 3-10
SANS Chicago 2008

Chicago, IL

Sep 23
CIC: Data and Decisions Workshop

Memphis, TN

Sep 28 - Oct 6
SANS Network Security 2009

Washington, DC

Oct 19-22
2008 Conference on Information Technology

Salt Palace Convention Center, Salt Lake City, Utah

Oct 31 - Nov 5
SANS Monterey 2008

Monterey, CA

Nov 1-4
CIC: 2008 Chief Academic Officers Institute

Seattle, WA

Nov 5-8
Stamats Integrated Marketing Conference: Technology, Collaboration, Results

St. Petersburg, FL

Recent Newsletters