President's Report - FY10 Q4
- ITSS Accomplishments
- ITSS Issues and Trends
FY10 Q3
Tim McGovern's email to Elaine Aufiero and Patricia Sheppard (dated
...
4/8/2010)
...
SUBJECT:
...
ITSS
...
Q3
...
Narratives
Attached is a brief snapshot of our work....let
...
me
...
know
...
if
...
I
...
can
...
clarify
...
anything.
...
Tim's
...
attachment
...
for
...
this
...
email:
...
Q3
...
Highlights
...
for
...
IT
...
Security
...
(such
...
as
...
it's
...
defined)
...
•
...
INCIDENT
...
RESPONSE
...
&
...
SPECIAL
...
REQUESTS
...
•
...
MIT
...
Portugal,
...
'nuff
...
said.
...
•
...
Continued
...
to
...
provide
...
daily
...
trouble
...
ticket
...
support
...
to
...
other
...
areas
...
in
...
IS&T
...
and
...
to
...
the
...
MIT
...
community
...
at
...
large
...
for
...
security,
...
policy,
...
information
...
protection,
...
and
...
encryption.
...
Situation
...
quite
...
messy
...
during
...
the
...
Q,
...
but
...
getting
...
better
...
after
...
a
...
bunch
...
of
...
effort
...
in
...
OIS,
...
CSS/DS,
...
etc.
...
•
...
Continued
...
to
...
act
...
as
...
first
...
step
...
in
...
response
...
to
...
issues
...
related
...
to
...
Type
...
D
...
PCI
...
merchants
...
•
...
Extensive
...
technical
...
support
...
to
...
OGC
...
wrt
...
a
...
MAJOR
...
dispute
...
between
...
MIT
...
and
...
a
...
large,
...
generous
...
financial
...
institution
...
(on
...
the
...
order
...
of
...
3
...
weeks
...
of
...
effort
...
just
...
in
...
this
...
quarter;
...
this
...
dispute
...
started
...
in
...
September
...
2009,
...
and
...
we've
...
been
...
providing
...
help
...
since
...
the
...
get-go)
...
•
...
In
...
general,
...
tickets
...
(as
...
an
...
approximator
...
for
...
work)
...
volume
...
held
...
steady.
...
⁃
...
DMCA
...
notices
...
were
...
down
...
somewhat
...
(vs.
...
year
...
ago,
...
same
...
quarter),
...
as
...
TOR
...
activity
...
was
...
curtailed
...
from
...
a
...
year
...
ago.
...
⁃
...
Security
...
tickets
...
were
...
also
...
down
...
(ditto),
...
almost
...
entirely
...
due
...
to
...
the
...
loss
...
of
...
our
...
network
...
traffic
...
feed
...
to
...
our
...
sensors.
...
Note:
...
this
...
is
...
just
...
asking
...
for
...
more
...
trouble
...
down
...
the
...
road
...
as
...
many,
...
many
...
machines
...
that
...
are
...
infected
...
continue
...
on
...
unnoticed.
...
⁃
...
Infoprotect
...
saw
...
an
...
uptick,
...
as
...
we
...
took
...
in
...
18
...
new
...
data
...
incidents
...
just
...
this
...
quarter
...
– a
...
number
...
of
...
incidents
...
from
...
calendar
...
year
...
2009
...
that
...
didn't
...
get
...
full
...
forensics
...
have
...
been
...
closed
...
without
...
producing
...
findings.
...
Regrettably,
...
we've
...
been
...
so
...
inundated
...
with
...
getting
...
these
...
new
...
incidents
...
into
...
our
...
imaging
...
infrastructure,
...
we
...
haven't
...
been
...
able
...
to
...
process
...
many
...
for
...
actual
...
risk
...
assessment.
...
•
...
AWARENESS
...
•
...
Co-led
...
multiple
...
IAP
...
and
...
department
...
level
...
courses
...
on
...
Handling
...
Sensitive
...
Data.
...
Partnering
...
with
...
Audit/PII
...
Program.
...
•
...
Presented
...
at
...
Essentials
...
of
...
Management
...
workshop
...
run
...
by
...
HR
...
on
...
the
...
Current
...
State
...
of
...
IT
...
Security
...
at
...
MIT.
...
•
...
INFORMATION
...
PROTECTION,
...
RISK
...
MANAGEMENT
...
&
...
COMPLIANCE
...
•
...
Completed
...
the
...
writing
...
of
...
MIT's
...
WISP
...
in
...
compliance
...
with
...
Massachusetts
...
Law.
...
Communication
...
and
...
outreach
...
to
...
the
...
community
...
around
...
the
...
requirements
...
included
...
in
...
the
...
WISP
...
begun
...
and
...
will
...
continue
...
into
...
Q4.
...
•
...
Continued
...
support
...
for
...
PGP,
...
and
...
at
...
quarter's
...
end,
...
PGP
...
Rollout
...
was
...
ordained
...
a
...
project.
...
•
...
Initiated
...
vendor
...
discussion
...
and
...
strategy
...
development
...
for
...
Identity
...
Finder
...
product.
...
Work
...
will
...
continue
...
into
...
Q4.
...
•
...
Spoke
...
at
...
NERCOMP
...
on
...
evolving
...
collaborative
...
data
...
incident
...
response
...
strategies
...
•
...
Initiated
...
vendor
...
discussion
...
and
...
product
...
review
...
of
...
McAfee
...
products
...
•
...
Refined
...
Incident
...
Response
...
strategy
...
for
...
data
...
incidents
...
•
...
Received,
...
evaluated
...
and
...
rolled
...
out
...
newest
...
version
...
of
...
PGP
...
Whole
...
Disk
...
Encryption
...
software
...
– necessary
...
for
...
Mac
...
OS
...
upgrades
...
to
...
Snow
...
Leopard.
...
•
...
Attempted
...
to
...
broker
...
deal
...
for
...
PGP
...
with
...
Sloan
...
-
...
Sloan
...
cancelled
...
deal
...
•
...
Continued
...
to
...
work
...
with
...
DUE
...
and
...
Student
...
Financial
...
Services
...
on
...
implementation
...
of
...
new
...
minimum
...
security
...
standards
...
in
...
SFS
...
to
...
reduce
...
the
...
risk
...
of
...
further
...
data
...
incidents
...
•
...
Convened
...
working
...
group
...
on
...
p2p
...
provisions
...
of
...
HEOA;
...
compliance
...
data
...
is
...
July
...
1,
...
2010.
...
We'll
...
never
...
make
...
it
...
!
...
•
...
POLICY
...
•
...
Almost
...
managed
...
to
...
complete
...
the
...
revision
...
of
...
Rule
...
6
...
of
...
MITnet
...
Rules;
...
should
...
get
...
done
...
in
...
April,
...
2010.
...
•
...
INSIDE
...
COLLABORATIONS
...
•
...
Continued
...
work
...
within
...
the
...
Identity
...
Management
...
Taskforce
...
(under
...
ISDA
...
tutelage).
...
•
...
Began
...
meeting
...
regularly
...
with
...
Service
...
Desk
...
to
...
provide
...
better
...
security-related
...
services
...
to
...
users
...
and
...
find
...
areas
...
for
...
collaboration.
...
•
...
Teamed
...
up
...
with
...
IS&T
...
communications
...
to
...
include
...
security
...
news
...
into
...
the
...
design
...
of
...
the
...
new
...
online
...
IS&T
...
News
...
page.
...
•
...
OUTSIDE
...
RELATIONSHIPS
...
&
...
PROFESSIONAL
...
DEVELOPMENT
...
•
...
Attended
...
RSA
...
2010
...
Conference
...
– major
...
all-industry
...
IT
...
security
...
policy,
...
tools
...
and
...
technology
...
meeting.
...
•
...
Participated
...
in
...
IvyPlus
...
IT
...
Security
...
Officers
...
meeting
...
@
...
Harvard
...
•
...
Attended
...
NERCOMP
...
workshop
...
on
...
Cyber
...
Security
...
Awareness.
...
•
...
MAJOR
...
OPERATIONAL
...
ISSUES
...
•
...
No
...
network
...
traffic
...
being
...
provided
...
to
...
our
...
sensors
...
for
...
incident
...
detection,
...
forensics
...
work,
...
etc.
...
•
...
No
...
registration/authentication
...
of
...
NG
...
wireless
...
⁃
...
Note:
...
this
...
makes
...
incident
...
response
...
impossible
...
in
...
an
...
increasing
...
number
...
of
...
cases
...
(roughly
...
1/3
...
of
...
all
...
DMCA
...
complaints
...
cannot
...
be
...
followed
...
up
...
on)
...
•
...
No
...
netflow
...
data
...
from
...
MIT
...
critical
...
infrastructure
...
(e.g.
...
OC11
...
datacenter,
...
W91
...
datacenter,
...
etc.).
...
⁃
...
Note:
...
this
...
makes
...
it
...
hard
...
for
...
us
...
to
...
assess
...
what
...
risks
...
might
...
exist
...
in
...
these
...
areas
...
of
...
our
...
infrastructure;
...
we
...
assume
...
that
...
SAIS,
...
OIS
...
or
...
ISDA
...
teams
...
are
...
taking
...
good
...
care
...
of
...
this.
...
FY10 Q2
Timothy McGovern’s email to Elaine Aufiero and cc: css-managers@mit.edu
...
(dated
...
1/11/2010)
...
SUBJECT:
...
Re:
...
REMINDER
...
-
...
2010
...
Q2
...
Reporting
...
Due
...
Today
...
!
...
Addition
...
to
...
narrative
...
from
...
ITSS'
...
point
...
of
...
view:
...
Continued
...
to
...
handle
...
many
...
potential
...
data
...
incidents,
...
both
...
major
...
and
...
minor.
...
No
...
confirmed
...
positive
...
data
...
breaches
...
in
...
Q2.
...
Continued
...
work
...
in
...
many
...
data
...
security
...
initiatives,
...
some
...
of
...
which
...
are
...
coming
...
to
...
fruition
...
as
...
we
...
speak:
...
1)
...
PCI
...
compliance
...
incident
...
response
...
(will
...
complete
...
in
...
Q3),
...
and
...
2)
...
final
...
stages
...
of
...
a
...
written
...
information
...
security
...
program
...
for
...
compliance
...
with
...
Massachusetts'
...
Data
...
Breach
...
Law
...
(will
...
complete
...
in
...
Q3).
...
– Tim
---------------
...
-
...
Tim
...
McGovern
...
Manager,
...
IT
...
Security
...
Services
...
Client
...
Support
...
Services,
...
IS&T,
...
MIT
...
(617)
...
253-0505
...
__________________________________________________________________________________________________
...
_
FY10 Q1
Need to input this information.