The next installment of the “Security Series” offered by Security Operations and Services and ITS Training Services will be held on Wednesday, April 30, 2014 from 3:30 to 4:30 pm both face-to-face in 508 Rider Building, University Park, and via a Meeting@PennState desktop videoconference. This session, entitled “Unrestricted Secure Computing,” will be presented by Greg Madden, John Tyndall and Ed Smiley and is intended for a technical audience.
Each session of the Security Series in 2014 intended for a technical audience will involve the theme of the Minimum Security Baseline (MSB). The MSB ties in with the data categorization initiative that will soon be University-wide. There are a total of ten categories in the MSB and a Security Series session will be offered around each one.
IT departments have historically enforced security on end-user computers through a combination of (a) software agents that restrict what the computer can do; (b) software agents that mandate particular actions on the part of the user; (c) software agents that report various pieces of information back to IT; (d) software agents that regularly check for and apply updates; and (e) policy restrictions that tell the computer user the various ways in which they are not allowed to use their machine. From a user perspective, this can be summarized as: IT takes a perfectly good computer and refuses to let you use it until they load it up with bloatware and tell you what you aren’t allowed to do.
In this presentation we attempt to provide a framework by which IT can overcome these historical tendencies while still maintaining the security that we must necessarily have in order to protect the proprietary and sensitive data in use by our campuses, colleges, and departments. We recognize the primacy of importance of data protection (as opposed to device protection). We discuss the various agents that are installed on end-user computers and suggest means by which those agents might be removed (bloatware reduction). We discuss frameworks currently in place for data protection (Sharepoint, Citrix) that might be utilized to begin removing usage restrictions from our end-user computers (restriction reduction). Finally, we propose a model in which both the software agents and the usage restrictions take place at the network level rather than at the level of the end-user computer, thereby freeing the computer from the clutches of IT and releasing it into the wild to be used to its fullest by the end user.
Attendees will learn about computer security, data security, computer usage restrictions, software agents that enforce computer usage restrictions, IT security policies, the origin of IT security policies, the importance of securing data as opposed to securing hardware, and proposals for moving IT security away from the era of usage restrictions and into a new era of unrestricted secure computing.
To register to attend in person, please visit http://portal.outreach.psu.edu/search/publicCourseSectionDetails.do?method=load§ionId=844719&paCode=PA0002#
To register to attend via Meeting@Penn State, please visit http://portal.outreach.psu.edu/search/publicCourseSectionDetails.do?method=load§ionId=844810&paCode=PA0002#
Recordings of the previous “Security Series” workshops can be viewed at http://www.psu.edu/dept/tlt/connect_recordings/link_script.html (scroll down towards the bottom of the page).