Re: SECURITY Digest - 12 Apr 2021 to 14 Apr 2021 (#2021-84)

[Jesse F Moore <moorej1 () UW EDU>]

I would love to hear others story's or use cases for supporting Windows Remote workforce (Staff/Faculty) with 3rd party 
software updates.

Options?

  1.  Every Patch weekend have users get on VPN, so they access our network at maintained windows to get update from 
SCCM/MECM.
  2.  Staff/faculty could get on VPN one-time to access network to get Ninite exe from a GPO/Share and it installs and 
autoupdates from then on out with a base set of applications for Staff/Faculty. (https://ninite.com/)
  3.  ??? <Insert your experience, dreams, accomplishments here>


Looking forward to hearing success and war stories,

Jesse Moore (he/him/his<https://www.mypronouns.org/>)
Office of the CISO | Sr. Cybersecurity Advisor
moorej1 () uw edu | cellphone: 425-628-9070
University of Washington Bothell
--------------------------------------------------------
https://ciso.uw.edu/
https://www.washington.edu/admin/rules/policies/
NOTE:If this record is not needed for any retention policies/laws please delete. This email (send/responded) is a 
Public Record. The university's public records are available for public inspection, except as otherwise provided by 
law. RCW 42.56.070(8)<https://apps.leg.wa.gov/rcw/default.aspx?cite=42.56.070>


________________________________
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of SECURITY 
automatic digest system <LISTSERV () LISTSERV EDUCAUSE EDU>
Sent: Wednesday, April 14, 2021 2:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: SECURITY Digest - 12 Apr 2021 to 14 Apr 2021 (#2021-84)

There are 2 messages totalling 629 lines in this issue.

Topics of the day:

  1. Student Privacy at the U.S. Department of Education
  2. Trusted CI Engagement Applications Period Is Open for Early 2021

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

----------------------------------------------------------------------

Date:    Wed, 14 Apr 2021 12:14:37 +0000
From:    Brian Kelly <bkelly () EDUCAUSE EDU>
Subject: Student Privacy at the U.S. Department of Education

Sharing on behalf of the Student Privacy Policy Office of the U.S. Department of Education and the Privacy Technical 
Assistance Center (PTAC). Please consider joining their listserv linked below.


************************************************************************



The Student Privacy Policy Office (SPPO) of the U.S. Department of Education is committed to protecting student 
privacy. We administer and enforce student privacy laws such as the Family Educational Rights and Privacy Act (FERPA) 
and the Protection of Pupil Rights Amendment (PPRA). The Privacy Technical Assistance Center (PTAC), a component of 
SPPO, provides technical assistance and on-site training to help schools, school districts and state education agencies 
safeguard information about students. To keep up to date on the latest in the ever-changing landscape of student 
privacy, please join our Student Privacy 
listserv<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpublic.govdelivery.com%2Faccounts%2FUSED%2Fsubscriber%2Fnew%3Ftopic_id%3DUSED_195&data=04%7C01%7C%7Cfb2f0d220fcb414bc65708d8feaf5925%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C1%7C637539376385682471%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Z%2BPsDyI8uBGmRKzmEFS%2BfaKb3e7DMkgjyciO3rla0Po%3D&reserved=0>.



In the most recent update, we emphasized resources related to student privacy, virtual learning, and the COVID-19 
pandemic, including the September 2020 blog post by SPPO Director Kevin Herms on disclosing information about COVID-19 
cases. We also highlighted a new section of our Student Privacy 
website<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstudentprivacy.ed.gov%2F&data=04%7C01%7C%7Cfb2f0d220fcb414bc65708d8feaf5925%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C1%7C637539376385682471%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Dtb1%2BDLUL%2BlBF8uYJlKUc%2F2ZUJXOyz3EiHoCB%2F8vGkc%3D&reserved=0>
 containing a curated selection of data security resources and shared summaries from a sampling of our recent 
engagements and presentations.

**********************************************


Brian Kelly, CISSP, CISM, CEH

Director, Cybersecurity Program

EDUCAUSE
Uncommon Thinking for the Common Good

Follow HEISC on 
LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0>
 | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu>

direct: 720.406.6757 | mobile 475.449.6440 | educause.edu<http://www.educause.edu/>

1150 18th Street, NW, Suite 900 Washington, DC 20036


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

------------------------------

Date:    Wed, 14 Apr 2021 15:32:10 +0000
From:    "Welch, Von" <vwelch () IU EDU>
Subject: Re: Trusted CI Engagement Applications Period Is Open for Early 2021

The deadline for Engagement Applications to Trusted CI, see below, has been extended to April 23rd. If you have a 
research or science project that is considering applying, I’m happy to discuss.

Thank you,

Von

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Welch, Von 
<vwelch () IU EDU>
Date: Friday, March 5, 2021 at 10:24 AM
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [External] [SECURITY] FW: Trusted CI Engagement Applications Period Is Open for Early 2021
This message was sent from a non-IU address. Please exercise caution when clicking links or opening attachments from 
external sources.

All,

An opportunity for science projects to apply (deadline April 2nd) for assistance with their cybersecurity-related 
challenges from the NSF Cybersecurity Center of Excellence. Applications in collaboration with a local information 
security office are seen positively. Happy to field any questions.

A common FAQ: Non-NSF projects are welcome to apply, but stressing relevant of the challenge to NSF projects is 
encouraged. A NIH- or DoD-focused challenge will need justification.

Thanks for sharing as you see best,

Von

--
Von Welch
AVP for Information Security / informationsecurity.iu.edu
Director and PI, NSF Cybersecurity Center of Excellence / trustedci.org


From: Cimmer, Diana <dborecky () iu edu>
Date: Thursday, February 25, 2021 at 1:29 PM
To: announcements () trustedci org <announcements () trustedci org>
Subject: [ctsc-announce-l] Trusted CI Engagement Applications Period Is Open for Early 2021
Dear Colleagues,

The Trusted CI engagement application period is open for engagements taking place in the second half of 2021 (July-Dec 
2021). Applications are due April 2, 2021. (Slots are limited and in demand so this is a firm deadline!) To learn more 
about the process and criteria and to complete an application, visit our site at https://trustedci.org/application.

During Trusted CI’s first 5 years, we’ve conducted more than 35 one-on-one engagements with NSF-funded projects, Large 
Facilities, and major science service providers representing the full range of NSF science missions. (See 
https://trustedci.org/engagedcommunities/.) We support a variety of engagement types including:


1.       Assistance in developing, improving, or evaluating an information security program.

2.       Software assurance-focused efforts.

3.       Identity management; technology or architectural evaluation.

4.       Training for staff.

5.       And more.

As the NSF Cybersecurity Center of Excellence, Trusted CI’s mission is to provide the NSF community a coherent 
understanding of cybersecurity’s role in producing trustworthy science and the information and know-how required to 
achieve and maintain effective cybersecurity programs.



Diana Cimmer


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

------------------------------

End of SECURITY Digest - 12 Apr 2021 to 14 Apr 2021 (#2021-84)
**************************************************************

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community