January 20, 2008
The Case Tier I Information baseline security configurations are in final draft phase. The listing can be found at the Information Technology Policy Site under "Standard network host configurations for Tier I information".
These controls are the baseline suite for all information tiers, and are the most risk tolerant. As information sensitivity increases, (Tier III is the highest) the controls add increasing depth to assure information confidentiality. Tier II and III controls are built upon these Tier I controls, and thus Tier I controls apply to all networked hosts in the Case environment.
The implementation phase will begin with all new hosts registered in the network, and administrators will be contacted for random audits of hosts in their areas. A majority of the managed environments meet these standards at present.
Additional assistance and guidance in host configuration for students, faculty, and staff will be available at the Case Help Desk at http://help.case.edu.
Comments and questions on the controls will be taken by sending an email to firstname.lastname@example.org.
Posted by Thomas Siu at 04:45 PM