Overview
The scope of this service offering includes (but is not limited to); network security, system security, application security, and threat monitoring and management:
- Administration and monitoring of Anti-Virus software (e.g. Symantec and Microsoft Defender) including follow-up as needed based on the analysis of actionable information from reports generated by these systems
- Administration and monitoring of Intrusion Detection System (IDS), Intrusion Prevention System (IPS), firewall, event application logs, and other security system applications and system integrations including and follow-up as needed based on the analysis of actionable information from reports generated by these systems.
- Secure Internet Gateway (SIG) administration, monitoring, analysis, and follow-up as needed based on actionable information from reports generated by the system (a.k.a. Cisco Umbrella).
- Spam filtering and E-mail security administration, monitoring, analysis, and follow-up as needed based on actionable information from reports generated by the system (a.k.a. Mimecast).
- Security Information and Event Management (SIEM) administration, monitoring, analysis, and follow-up as needed based on actionable information from reports generated by the system (a.k.a. Microsoft Sentinel).
- Periodic scanning of technological infrastructure in order to identify exploitable vulnerabilities and then determine an appropriate course of action based on an analysis of the results.
Eligibility
All Faculty, Staff and Students are eligible for this service.
Prerequisites
None
Features and Benefits
- Multiple levels of defense against Internet-based threats to information and cybersecurity.
- Added protection from spam, phishing attempts, malware, and zero-day attacks.
- Real-time threat monitoring and analysis across a variety of applications and systems.
- The ability to aggregate and correlate relevant data from multiple sources, identify deviations from the norm, and take appropriate action in order to detect, prevent, or respond more quickly to security vulnerabilities, threats, and breaches.
- Information and tools needed in order to aggregate information over time for compliance reporting, troubleshooting incidents, and forensic analysis in the event of security breaches.
Requesting the Service
Click on “Request Assistance” from this web page in order to provide us with some basic information about your unmet or anticipated need and then submit your request.
Related Documentation
- Information Security Program for Framingham State University
- Information Security Risk Management Policy
- Policy on Cybersecurity and Risk Management
- Safeguards for End-Point Devices
- Safeguards for Systems and Network infrastructure
Fulfillment Target
Response from someone within Information Technology Services (ITS) will be determined by the urgency of the incident or request, but the time to respond is normally 3 days with resolution within 5 days.