Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. At Georgia Tech, the OIT Information Security team protects the Institute's users and resources from potential attack. In cooperation with OIT, TSO works to further protect CoC users and resources from the same. Keith Watson is the College's Information Security Manager and is the official liaison to OIT with regard to Information Security.
Institute Computing and Networking Policies
Georgia Tech maintains a set of Institute-Level policies, standards and procedures that are intended to provide guidance regarding what resources should be secured, how they should be secured, and why they should be secured. The purpose of these policies, standards and procedures is not to inhibit the primary missions of the Institute, but rather to protect its resources and users. Any person who uses the Institute's information technology resources consents to the provisions of several policies and agrees to comply with all of the terms and conditions, and with all applicable state and federal laws and regulations. Policies and procedures of note include:
- Computer & Network Usage and Security Policy (CNUSP)
- Computer & Network Security Procedures
- GT Data Access Policy (DAP)
- Or, visit OIT's web page to see All Security-Related IT Policies
In addition, TSO develops IT policies and procedures local to CoC to further protect the College:
Incident Management & Reporting
When OIT or TSO discovers that an intruder has gained unauthorized access to a computer system, we analyze the situation, determine the breadth of the compromise, take corrective action and provide reports for our leadership if necessary. The work involves employing sound computer forensics methods with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the incident. TSO works together with CoC users to manage incidents that involve their computers or data, and in turn act as liaison to OIT/IS to assure that resolution is achieved.
System & Network Logging
System and network logging is the process of automatically recording events, typically using the base operating system features, in order to provide an audit trail that can be used to understand the activity of a system or application. TSO managed systems are configured to automatically log events both locally and to central log servers.
Network Scanning & Analysis
To assess the security of desktops, laptops and servers, Georgia Tech uses a vulnerability management solution called QualysGuard. This system provides delegated administration to Units (e.g. CoC) for classifying assets, scanning network space, remediating issues, and reporting on vulnerability trends within a Unit or the Institute. This systematic examination of hosts on the CoC network helps TSO determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed information security measures, and confirm the adequacy of such measures after implementation.