Data Security Initiative Progress

Post

I. Develop and document systems and practices to protect our data including Governance, Risk Management, Cyber Security, Identity and Access.

II. Implement standards as adopted and developed by the CCC Security Center:

  2018-2019 2019-2020 2020-2021
Information security policies, regulations, and business processes will be adopted, derived and aligned with the currently adopted CCC’s Information Security Standard.      

III. Utilize the tools and services offered by the CCC Security Center, including:

  2018-2019 2019-2020 2020-2021
Splunk – correlates real-time data for threat analysis.      
Tenable Security Center – provides real-time vulnerability scanning.      
Spirion – provides data loss prevention (scans for SSN, credit card numbers, etc.).      
Vulnerability Assessments.      
Security Awareness Training.      
Phishing Assessments.      

IV. Request funds, purchase and implement various industry recognized tools and services designed to support the policies and standards adopted above:

  2018-2019 2019-2020 2020-2021
Microsoft SCCM – expands the use of applicable security-related features.      
Microsoft Outlook – currently provides data loss prevention for email.      
Jamf – automates patches, upgrades, audits security events, etc. for Apple computers.      
PortalGuard – allows 2-factor authentication, single sign-on, and self-service password resets.      
Research and implement a next generation antivirus solution.      
Research the value of a network monitoring service to detect high level attacks.      
Research the value of endpoint snapshot tools for instant recovery.      
GreyHeller Application Firewall – provides various security layers for PeopleSoft data.