Site Menu
Recent News
The Compensating Controls & Exceptions Form is up
Here are the Compensating Controls & Exception process submision forms for the UCSS.
Security Boot Camp outline up for comment
The CIO Security Group is developing an "Information Security Boot Camp" program that will be taught later this year. Comment on the proposed outline is encouraged during development. Check out the basic outline here
Check the Blackhole List
To see the current Blackhole listing click here
Report an Incident
To report a security breach or other security incident send an email to Security@osu.edu
Monthly SECWOG (Security Working Group) Meeting
Past Events
You can find our past presentations and meeting notes on our archive page.
Current Year's Events
Here is a listing of this years talks and presentations. Any resources, PDF or slide presentations are linked to each summary entry as well as located on the media page listed by type and subject.
2008
March, 5, 2008 - Security in the Digital Age: A Primer
Security Presentation at OSU Marion
Shawn Sines |
slides
Shawn met with Faculty and Staff at the Marion regional campus to discuss the impact of Information Security on the university community as well as a number of best practices and tools for developing good computer habits. Included int he presentation are links to Information Security resources and programs to help users secure their home and work computers.
February, 5, 2008 - Security in the Digital Age: A Primer
Security Presentation at OSU Newark
Shawn Sines |
slides
Shawn met with Faculty and Staff at the Newark regional campus to discuss the impact of Information Security on the university community as well as a number of best practices and tools for developing good computer habits. Included int he presentation are links to Information Security resources and programs to help users secure their home and work computers.
January 3, 2008 - SECWOG
Open Forum
Charles Morrow-Jones
Steve Romig | slides
We kick off 2008 with an update on the Security Boot Camp program, the UCSS Compensating Controls & Exceptions progress as well as a few words from Steve about Layer 2 attacks and Scanning.
2007
Here is the subscription link for the Secwog podcasts: http://streaming.osu.edu/podcast/secwog07/secwog.xml paste this into your Podcast program or into iTunes in the Subscribe to podcast dialog.
December 6, 2007 - SECWOG
The Year in Review
Charles Morrow-Jones
Steve Romig
The Last SECWOG of the year traditionally covers the security initiatives, activities and incidents of the last year with a critical eye toward what happened, what we did and how we are moving forward. 2007 brought a lot of attention to the security situation here at OSU and Chuck and Steve discussed what it meant for us all.
November 1, 2007 - SECWOG
Passive & Active Wireless Evesdropping
Kevin Finisterre | slides
This month for SECWOG we took a break from the standard and policy discussions while Kevin Finisterre demonstrated some tools and illustrated concerns regarding the safety and security of wireless networks.
October 16, 2007 - Cybersecurity Day
OSU Held its annual Cybersecurity Day earlier this month, those who missed the festivities can find recordings of the sessions and slides on the Cybersecurity day website. Click here for more details.
October 9, 2007 - Digital Union
Locking it Down: Simple Laptop Security
Shawn Sines | slides | PDF
Come learn how to secure your laptop inside and out! Topics covered include: File Management and Housekeeping Tips, Protecting your files, Setting Good passwords, and Deterring Theft & Laptop Recovery products.
Attendees are encouraged to bring their own laptops--Mac or PC--to the session to apply what they learn.
September, 7, 2007 - Digital Union
Locking it Down: Simple Laptop Security
Shawn Sines | slides | PDF
Come learn how to secure your laptop inside and out! Topics covered include: File Management and Housekeeping Tips, Protecting your files, Setting Good passwords, and Deterring Theft & Laptop Recovery products.
Attendees are encouraged to bring their own laptops--Mac or PC--to the session to apply what they learn.
July 5,2007 - SECWOG
Find_SSN Demo
Shawn Sines
Shawn gave a presentation showing the Find_SSN tool, a program that was developed by Virgina Tech to help in their SSN remediation project.
Minimum Security Standards
Brian Moeller | slides
Brian, along with CIO Susan Metros and members of the University Information Technology Partnership Committee presented the minimum computer standards policy and moderated a discussion of the questions and concerns university IT staff members and DNA's had over the new standards.
June 7,2007 - SECWOG
Director's Comments
Charles Morrow-Jones | slides
Director Charles Morrow-Jones discusses the many projects ongoing at the university including the Computer Security Standards and the Institutional Data Policy.
May 3, 2007 - SECWOG
EFS - What does that Checkbox do?
Rob Skoog | slides | PDF
This month Rob Skoog stepped from the crowd to share his experiences with EFS encryption on windows. He discussed file shares, how EFs works a bit and what some of the caveats should be before implementing them.
Open discussion
The topic of this month's open discussion surrounded the recent data exposure and the PGP Whole Disk Encryption purchase.
Unfortunately the podcast is incomplete and does not contain all of the conversation. We are working to resolve this situation to get the Podcast recordings back on track for next meeting.
May 3, 2007 - Student Data Users Forum
Student Data: Roles and Responsibilities
Shawn Sines | slides | PDF
Shawn gave this presentation to the assembled student data user group concerning basic security, security concerns and resources.
April 5, 2007 - SECWOG
Director's Comments
Charles Morrow-Jones | slides
Security Director Charles Morrow-Jones updates on the GeoTrust SSL certificate purchase process, upcoming security initiatives as well as the recent data exposures and House Bill 104 Lessons Learned.
Encryption under XP and OS X
Shawn Sines | slides
Shawn Sines speaks about the grass roots encryption push as a result of Provost Barbara Snyder's recent letter. The slides here are meant as an education resource for training and introducing the concept of folder based disk encryption to end users and less technical staff.
Forensic Show & Tell
Steve Romig
Steve Romig continued his demonstration of the many forensic analysis and data tools that he uses in the process of an incident investigation. Movies with narration will be posted to our media page in the near future for each application.
Podcast note: The podcast for April is incomplete and of poor quality so I am not putting it on the site.
March 1, 2007 - SECWOG
Director's Comment
Charles Morrow-Jones | slides
Security Director Charles Morrow-Jones updates us on security related projects like the GeoTrust SSL agreement and Two-factor Authentication.
Appscan demo
Seth Hall
Seth demonstrates the new web application scanner purchased by the security group to detect vulnerabilities in public web applications in the university domain.
Outreach and RDP
Shawn Sines
Shawn continues to preach outreach and touches on the recent Windows Remote Desktop discussion.
SANS Internet Storm Center Forcast
Jim Clausing
Jim discussed recent happenings at the Internet Storm center.
RSA brief
Brian talked about the RSA SecurID solution.
February 1, 2007 - SECWOG
Incident Response tips
Steve Romig | PDF | slides
Steve talks about the Incident response procedures and offers some information to aid in streamlining the process of discovery and evaluation of your systems in a response situation.
Information Security Webpage update
Shawn Sines | slides
Shawn speaks about the changes to the Information Security web page, discusses the upcoming podcasting and training resources and asks for user input on resources the Information Security group can create to help DNAs.
January 4, 2007 - SECWOG
No SECWOG meeting this month.
