The Office of Information Technology - UTSA


Copyright (c) 2007. The University of Texas at San Antonio. All rights reserved.

Information Security Office

Office of Information Technology


Welcome to UTSA's Information Security web site. This site has been designed to provide students, faculty, staff, and computer professionals with the information and awareness needed to secure their systems and data.


The University of Texas at San Antonio

Information Resource Standards

Security Monitoring Standard

 

Purpose - Security Monitoring provides a means by which to confirm that information resource security controls are in place, are effective and are not being bypassed. One of the benefits of security monitoring is the early identification of wrongdoing or new security vulnerabilities.  Early detection and monitoring can prevent possible attacks or minimize their impact on computer systems. Other benefits include Audit Compliance, Service Level Monitoring, Performance Measuring, Limiting Liability and Capacity Planning.  This standard serves as a companion to the Intrusion Detection Standard and provides for the continuous monitoring that takes place at the system level.

Audience - The UTSA Security Monitoring Standard applies to all individuals who are responsible for the installation of new information resources or the operations of existing information resources, and to individuals charged with information resource security.

  1. UTSA will use automated tools to provide real-time notification of detected wrongdoing and vulnerability exploitation. Where possible, a security baseline will be developed and the tools will report exceptions. These tools will be deployed by the Office of Information Technology to monitor UTSA computers and devices for:
    1. Internet traffic
    2. Electronic mail traffic
    3. LAN traffic, protocols and device inventory
    4. Operating system security parameters
    5. Rogue access points/devices
    6. Installed software on servers and desktops
  2. The following files will be checked for signs of illicit activity and vulnerability to exploitation at a frequency determined by risk:
    1. Automated intrusion detection system logs
    2. Firewall logs
    3. User account logs
    4. Network scanning logs
    5. System error logs
    6. Configuration files
    7. Application logs
    8. Data backup and recovery logs
    9. Help desk trouble tickets
    10. Telephone activity – Call Detail Reports
    11. Network printer and fax logs
  3. Assigned individuals will monitor the following (at least annually):
    1. Password strength
    2. Unauthorized network devices
    3. Unauthorized personal web servers
    4. Unsecured sharing of devices
    5. Unauthorized modem use
    6. Operating System and software licenses
  4. For audit purposes, logs will be archived for a minimum of 90 days.
  5. Any security issues discovered will be reported to the ISO for follow-up investigation.



©The University of Texas at San Antonio One UTSA Circle San Antonio TX 78249
Revised: 06/05/2008
Refer Comments to: oit@utsa.edu