Educause Security Discussion
mailing list archives
Re: Integrating security in IT processes
From: Bob Bayn <bob.bayn () USU EDU>
Date: Wed, 14 Nov 2012 15:22:46 +0000
All public higher ed schools in Utah use the 20 critical controls to some degree or another, if only because the 20
critical controls are the basis for the annual security audit that is performed by a roving technical audit team under
the auspices of the state Board of Regents.
It remains to be seen how well that top-down endorsement of the 20 controls works to promote a penetration of the
principles into all IT processes. We are taking baby steps here.
Bob Bayn SER 301 (435)797-2396 IT Security Team
Office of Information Technology, Utah State University
three common hazardous email scams to watch out for:
1) unfamiliar transaction report from familiar business
2) attachment with no explanation in message body
3) "phishing" for your email password