Information Security Audit Recommendations Campus Efforts on Compliance (Presentation) – Javier Torner stated that the team wants to send the final report to Michael Zachary by September 11th in order to meet the CSU Auditor’s deadline of September 18th. He referred to the presentation to discuss the closed/completed audit findings: Web Application Development, Incident Reporting and User Access Privileges. Javier also discussed an assessment procedure for resolving the findings for Information Security Oversight and Inventory of Protected Data. It includes a memorandum to the campus MPPs, and assessment certification of sensitive data and an assessment tool for sensitive data. These documents were distributed to the group. Javier’s team wants to send the tool out on August 19th if the Executive Committee approves.
He also asked for feedback on the language of the memorandum. Tatiana Karmanova asked for clarification on the language. Sam stated that the TAG group already has a copy of this document. Larry Rose suggested changing the language from the implied “all” to “to the best of my knowledge.” He also asked for clarification on the type of risks accepted in this memorandum. Group consensus was that the language needed to be clearer on what people are agreeing to.
Cesar Caballero asked whether there was a procedure in place to encrypt sensitive data related to their clients. Sam emphasized that the concern lies in having sensitive date in separate databases. He also added that the upcoming roll out of Identity Finder will address the issue of having sensitive data stored on computers.
Javier continued stating that there is also a plan in place to address the finding related to Information Security Governance. He added that for the Desktop Software Management finding, awareness is key and that it will help protect intellectual property. A vulnerability management program, expected to be completed in December 2015, will address the corresponding finding. Lastly, a procedure for log reviews has been incorporated in the Incident Management Standard currently under review by the ISET subcommittee for approval on September 16, 2015 at 9:00 am.
The group discussed Identity Finder and Sam stated that this tool was released to us in December and implementation is in progress. This tool will scan for social security numbers on your computer and can be used by campus departments to control areas of risk. ISET will run periodic scans and will notify users. The tool shreds documents containing the information and can also scan emails.
Identity Management System Account Creation Status- Sam has been sending emails out for users to reclaim their accounts. The 90-day deadline has been pushed back. The group requested a list of users who have not reclaimed their accounts in order to encourage them to do so. Additionally, asked Sam will share a sample email to send out. The ITS team will look at the calendar in order to establish a new deadline that will not impact the campus.
ITS Strategic Planning: Sam stated that ITS is kicking off their Strategic Planning on September 1st. They are currently conducting an environmental scan and are hoping to have a finished product by December 31st.
The ITS Division has embarked upon its strategic planning process and will redefine its vision and mission, and will develop core values, objectives and strategies. The strategic plan will be closely aligned with the University strategic plan and will be developed over a period of three months. We will gather feedback from various campus constituents to determine what objectives and strategies should drive IT Services over the next five years. We look forward to working with you on this process.
New CSUSB Identity Management System (IDMS)
CSUSB has rolled out a new Campus Wide Identity Management System(IDMS) to improve security, password management and mobile device compatibility. All students, faculty and staff with a CoyoteID, are required to reestablish (reclaim) their account with updated login credentials within the new campus IDMS.
Please login to the MyCoyote Portal and use the link inside the Portal that says Click here to activate your new account to walk through the wizard and reestablish your account.
It is important to note that ITS will not be sending emails with links to reclaim your account. More information and reminders will follow to make this process as seamless as possible. We appreciate your patience during this transition.
We appreciate all of you who have already reclaimed their account in the new IDMS in the past few months. If you are not sure if you have already reclaimed your account, please follow the steps below:
- Go to myaccount.csusb.edu
- Click on the Manage Your Account link
- If you have already reclaimed your account you will be presented with three options – Change my password, change/update security questions and change/update my alternate contact information
Joe Estes is an Analyst/Programmer in the Administrative Computing & Business Intelligence (ACBI) department of ITS. The ACBI department develops, provides support for, and manages various campus enterprise software applications on a variety of hardware platforms. ACBI provides support for all CSUSB Administrative Systems.
Joe received his bachelor’s degree in Organizational Leadership at Biola University in La Mirada, California. He has been working at CSUSB for 6 years now and he likes the direction ITS is moving with the various systems upgrades. ITS’s core focus is centered on the student’s success providing whatever support is needed.
Joe is currently working on the implementation of the Concur Travel System which went live to the entire campus September 2015 . Previously, Joe helped with developing the EtranscriptCa/DARS/PeopleSoft interface, which transfers electronic transcripts from the California Community Colleges and loads them into the DARS and PeopleSoft systems. In addition, Joe supports the Student Finance module and Financial System.
Personally, Joe spends all his spare time entertaining his three granddaughters and in December, he will be welcoming another granddaughter as well as a grandson to the family. That will keep him busy for a while but in a year or two, Joe and his wife are looking forward to taking a Hawaiian cruise. If Joe could only choose one food, BBQ tops the list for him. In addition, he enjoys watching Wyatt Earp with Kevin Costner or any of the Clint Eastwood westerns.
To Joe, CSUSB is a great place to work and he stated that his fellow ITS coworkers are the best. From the time a student applies to CSUSB to the day they graduate, ITS plays a major role and Joe enjoys being a part of it.
You must activate your account first. If you have not yet activated on the new system, you will receive an error message that says your credentials cannot be determined to be authentic, or that your account is locked.
Instructions for activating your account can be found here:
Activating Your Account on the new IDMS
To reset password:
- Go to the Self-Service Page
- Click on the Change Your Password Link
- Enter Coyote ID and Password
- Press Submit
- Enter in a new Password
- Note, your password must conform to the following:
- Be at least 8 characters
- Be no more than 32 characters
- Contain at least one digit (number)
- Contain at least one letter
- Contain at least one uppercase letter
- Contain at least one special character: !#$%&()+-/
- Also note, your account retains a history of your previously used passwords. You may not re-use your used passwords.
- Press Submit