Goal 1: Maintain Security of ITS Enterprise Systems

Transcription

1 INFORMATION TECHNOLOGY SERVICES University Technology Administration, Infrastructure and Support Open Systems Infrastructure Calendar Year 2019 Overview The primary mission of Open Systems Infrastructure is: to manage all central enterprise storage, backup, and recovery services for the University to provide central file storage services to departments and users to provide virtual machine services to University departments to provide virtual application services to University departments to provide hardware and operating system support for all central Unix and Linux enterprise systems to provide web hosting services, mail listserv services, and file transfer services for the University to administer the service and system monitoring service for enterprise ITS systems and services to support the University s Disaster Recovery systems Goal 1: Maintain Security of ITS Enterprise Systems Continue maintenance information communication for FSU ITS/ERP including regular meetings and documentation. Continue regular credentialed Nexpose scans of hosts and work with application teams to mitigate/remedy identified issues, especially those outside of the core operating system (including hosts within the Disaster Recovery arena). Complete monthly scans of all RHEL systems and share reports with ISPO. Examine additional perspectives on MEAS credentialed scans to identify verified exploitable security issues and CvSS scores from report results. Develop a good working knowledge of the Kenna Security tool new to ISPO and contribute to methods of use for IOS assets. 1

2 Develop a good working knowledge of Splunk and how the tool can contribute to trouble shooting security issues. Develop a good working knowledge of Insights and how this RHEL tool examines and reports on RHEL security issues. Initiate Oracle database specific Nexpose scans of ITS Oracle databases. Coordinate with ISPO to perform Personally Identifiable Information (PII) scans for ITS systems. In 2019, anticipate regular meetings with ISPO SOC staff and IOS Enterprise Security. Continue to assist Middleware in reviewing ihealth results of qkview file evaluation of all F5 instances monthly with MW to identify security issues to be addressed. With respect to application security updates, assist application owners in awareness of needed updates. Continue working with ITS senior management on firming security goals and prioritization for ITS systems through documentation and recommendations. Prepare for cloud security considerations as FSU ITS builds its cloud presence. Continue to examine Privileged Access Management (PAM) applications and make recommendation for FSU ITS/ERP implementation. Implement Multi-Factor Authentication (MFA) for remote access to key critical ITS systems and applications. Provide communication outreach to FSU Department customers of MEAS systems on post vulnerability scans and remediation follow up similar to FSU Department customers of LEAS systems. In 2019 plan for an updated joint Unix/Microsoft presentation is planned for the ITS Managers on ITS Vulnerability Status & Review. Continue and complete information gathering and documentation of the Vulnerability Management Process for IOS. As Sophos replaces ClamAV as the on-demand anti-virus scanning tool for RHEL systems, perform ClamAV cleanup and removal from those systems. Complete conversion from ClamAV to Sophos on existing RHEL6 and RHEL7 hosts including the enabling of on-access file scanning for the RHEL7 hosts. Lock down generic/shared shell accounts and require users to login as themselves and then sudo to the shared account. Expand existing shell account management system to include review of sudo rules/access. Implement automated network security reviews of hosts (iptables/firewalld rules) by moving the management of iptables/firewalld to Ansible. Implement regular review and cleanup of network ACL/firewall rules for our systems. Perform regular operating system patching quarterly for all of our hosts. Adhere to the new ITS Vulnerability Management Program guidelines. Incorporate standard security benchmark standards (such as CIS, NIST, or other) into standard RHEL operating system builds. Implement a Splunk deployment system to allow for more standardized and efficient central management of Splunk log forwarding. Implement more secure, more complex shell account password rules for all of our Linux hosts. Migrate existing RHEL system build/customization scripts to Ansible. Continue to review Red Hat Insights reports and implement recommended actions to optimize system performance, stability, availability, and security. Continue to monitor and maintain compliance with PCI standards for impacted systems. 2

3 Continue to work with the operating system teams to implement Multi-Factor Authentication (MFA) for virtual machine infrastructure. Implement automated system hardening, reporting and remediation tools for virtual machines deployed within the ITS enterprise environment, utilizing the capabilities of vrops (vrealize Operations Suite). Work with the Information Security and Privacy Office to implement policies and procedures in regard to the protection and use of data stored within enterprise systems. This includes adhering to the new ITS Vulnerability Management Program guidelines. Goal 2: Ensure Operational Stability, Reliability, and Performance for ITS Enterprise Systems Continue rebuilding RHEL6 systems on RHEL7 in preparation for RHEL6 End of Life in Continue to create Splunk dashboards and reports to improve system monitoring and alerts for performance and security. Work with application owners to implement automated stop/start of applications when a server is booted or shut down. This allows for more streamlined patching processes and more resilient hosts/services. Complete the deployment of the IDPA (Integrated Data Protection Appliance) solution. Test the additional capabilities of our IDPA solution, including using Cloud Tier to extend the storage of the IDPA, as well as testing the cloud disaster recovery options to recover virtual machines and Oracle databases. Research and deploy, where possible, tools for virtual machine monitoring, application discovery, and predictive troubleshooting analytics. Research and deploy updated data protection and recovery strategies for ITS supported cloud infrastructure. Goal 3: Enhance Service Offerings and Improve Customer Experience Continue to implement Ansible to enhance automation in the environment. Extend the use of Ansible into more of the operating system patching, and server provisioning and deployment processes as well as virtual machine deployments. 3

4 Continue to introduce more public cloud-based virtual services for customers. Continue to support staff development/training efforts to ensure that staff are in the best position to provide value to internal and external customers. Research opportunities to utilize container technologies. Upgrade Mailman to version 3. Work with application owners and F5 administrators to implement F5 probes that monitor server files, allowing application owners or system administrators to trigger removal of a server from the F5 pool before planned maintenance begins. This will enhance customer experience by minimizing service disruption when individual servers are removed from the server pool for maintenance. Integrate existing on-premise virtual machine services that are offered as a private cloud with public cloud services, providing more options to meet different customer needs. Offer virtual machine services to select ITS customers from the Shaw building on campus, allowing the use of ITS VM services for applications requiring co-location in Shaw. Continue working with the College of Engineering to assist with the transition of their systems to the ITS Virtual Machine service. Work with all external customers of ITS Virtual Machine service to clarify roles and responsibilities. Work on future plans and enhancements (compliance retention, long term retention/archiving, cloud tiering, ability to store regulated data) for ITS enterprise file service. Perform needs assessment for DevOps environment within ITS. Goal 4: Support the University s Disaster Recovery Plan Continue to provide support for all of the systems and storage at the DR site. Keep the DR site up to date with patching and security updates as needed. Keep data synchronization for DR hosts up to date. Participate in DR testing and validation activities. Participate in planning for next phase/iteration of DR site and any changes in scope that result from the Business Impact Analysis scheduled to be done this fiscal year. Participate in planning and implementation of next generation DR site using public cloud services with changes in scope that resulted from the new Business Impact Analysis. Prepare for the planned vacating of the Atlanta Data Center. 4

5 Goal 5: Implement secure research computing environment in support of NIST requirements Maintain secure cloud computing environment to provide infrastructure needs for research contracts that have NIST compliance requirements. Ensure continued availability and security of NIST computing environment. Goal 6: Support ITS Initiatives to Operate According to ITIL Framework Adhere to established CRM case management guidelines. Continue to follow standardized change management practices. Use ServiceNow for change and project management. Perform effective long term planning for infrastructure to provide enhanced visibility for larger infrastructure refresh project needs. Track time by project/service to provide supporting information for chargeback and service evaluation. FSU Strategic Goals reference(s): Strategic Goals reference(s): FSU Strategic Goals (Click Here for More) Goal I: Deepening Our Distinctive Commitment to Continuous Innovation Goal II: Amplifying Excellence Across our Academic and Research Programs Goal III: Realizing the Full Potential of Diversity and Inclusion Goal IV: Ensuring Student Success on Campus and Beyond Goal V: Preparing our Graduates for 21st Century Careers Goal VI: Investing Strategically in Our Institution and Reputation 5