Middlebury

 

Services

Education

  • CBT: InfoSec offers a computer based training program on information security.
  • RoadShows: roadshows are available on request and can be offered either remotely or through the Security Team.

Architecture

  • Security Surveys: When evaluating new technologies the InfoSec department and the LIS Security Team offer a SaaS survey on the InfoSec website to help assess the security readiness of the product.
  • Design: The InfoSec department is available to participate in discussions on network or system design to help ensure the end result is secure and meets compliance with standards.
  • Network Segmentation
  • Security Enclaves
  • System Hardening
  • Needs Assessments: InfoSec continuously seeks to identify new solutions to address security needs and provide resources to address security concerns.
    • BYOD
    • Secure File Sharing
    • 2-Factor Authentication

Technology

  • Encryption: In an effort to address the need to transport data while traveling, InfoSec offers a selection of different encryption solutions for the end user.
  • USB Drives
  • Anti-Virus: InfoSec offers anti-virus to the entire campus, both in a managed capacity for College systems and unmanaged for personal systems.
  • Vulnerability Management: InfoSec offers a vulnerability management solution for the server infrastructure which can be employed and tuned to help assess and mitigate risk.

Governance

  • Policy: InfoSec has helped to identify, develop and implement security based policy which impacts the entire institution.
    • Network Monitoring
    • Incident Response
    • Data Classification
    • PCI
  • Auditing: Auditing services are available from the InfoSec department. These can be leveraged for penetration testing of systems or for sensitive data searches on file shares.
    • Metasploit
    • StealthSeek
  • Risk Assessment: InfoSec can be employed to help facilitate and orchestrate risk assessment efforts.
    • Is it secure?
    • Is it reliable?
    • Is it recoverable?