Brown University's Computing and Information Services organization, as well as many others at Brown, have been adversely affected by the increase in number and the severity of malicious threats that have impacted the global computing community. These threats are delivered in many forms: malicious code (viruses, worms, trojans) and exploitation of undiscovered and unpatched software vulnerabilities (hacking), phishing, and improperly configured software or servers. In addition to loss or slowing of services and loss or theft of data, Brown University may be liable for damage to organizations that results from negligence in administrating Brown's networked devices.
Further, abuse of services for the distribution of unauthorized commercial email (improperly but commonly referred to as "spam") and unauthorized use and distribution of copyrighted material continues to expose Brown University to potential penalties as well.
CIS is working with the Brown community to implement reasonable IT policies and procedures to secure computing and information services and to adequately protect the data security, confidentiality, and accessibility of our networked information without significantly compromising intellectual freedom.
Responsibilities of CIRT
- Identify categories of malicious activity that threaten Brown University's computing infrastructure. These categories are constantly evolving. They include, but are not limited to, the following:
- Denial of Service attacks
- Rapidly spreading or highly virulent malicious code (viruses, worms, trojans)
- Unauthorized utilization of services by Brown community members or others
- Unauthorized access to protected computing and information services by Brown community members or others
- Technical support for investigations approved by authorized Brown representatives, on behalf of the University
- Mitigation of unauthorized wireless access points
- Spam outbreaks
- Compromised accounts
- Researchers responding to incidents related to credit card data
- Ongoing threats not yet defined
- Coordinate appropriate responses to counter malicious threats.
- Develop group-level response procedures so that there is archival documentation and clear understanding of roles across CIS and non-CIS groups.
- Periodically review processes utilized for Incident Response and make recommendations for improvements to the CIRT Director, as appropriate.
- Be aware of developing security issues affecting computing and information services.
The CIRT is composed of representatives (and their alternates) from several major groups within CIS:
|CIRT Director||David Sherry (Chief Information Security Officer)|
|Director of Infrastructure Services||Linnea Wolfe|
|Network Technology||Kevin DaSilva, Elvis Seth, Tim Wells, Doug Wilkinson|
|Desktop Systems & Services||Steven McKay, Peter Tirrell|
|IT Service Center||Michele Blanchette, Jeff Clark, Kathy Dorion, Daisy Medeiros|
|Windows Systems||Adam Chiodini, Tony Jaworski, Robert Mattei, Michael Rosendale|
|Unix Systems||David Andrade, Paulo Baptista, Thomas DuVally, John Larsen, Robert Morse|
|Operations/Admin||Paul Kelleher, David Rollins|
|Admin Systems||Dave Clark, John Dick|
|Network Security||Robert Fletcher|
|Information Security Communications||Pat Falcon|
Type of Incident
|Email-Borne Malware||Robert Morse|
|Malware other than Email-Borne||Peter Tirell|
|Network Issues||Tim Wells|
|Power Issues||David Rollins|
Questions or comments to: ITPolicy@brown.edu
Effective Date: August 30, 2004
Last Reviewed: March, 2014
Next Scheduled Review: March, 2016