Penn State University | Information Privacy and Security

home | announcements

Announcements (2) updated June 9, 2009

Operating in Least Privilege Mode. An essential initiative is underway at Penn State to help mitigate the risk of compromises and loss of PII by practicing the principal of least privilege for computers that are connected to the Internet. A report from BeyondTrust based on all vulnerabilities published in Microsoft’s 2008 Security Bulletins and Reports, indicates 92% of critical vulnerabilities can be mitigated by removing administrative privileges. ITS has developed a one page summary and full White Paper on "Operating in the Least Privilege Mode" to serve as a guide for this initiative.
PCI DSS Awareness Training (classroom-style). The session will go into detail about the PCI DSS requirements in which Penn State credit card merchants must comply. The training will benefit those working in a Card Holder Environment (CPE), including individuals who process, store or transmit Card Holder Data (CHD). This may also serve as a refresher course for those who are already familiar. As a requirement of the PCI DSS, those working in a CPE must annually complete a training program (clerks, system administrators, financial personnel, etc.). Both will be held in 120 University Support Bldg.

August 3, 2009 | 10:30 - Noon | Register

August 13, 2009 | 3:30 - 5:00 PM | Register

.....................................


HOME Announcements General Information Phase I Phase II Scanning FAQs Incident Reporting Educational Offerings Community Outreach Log In	home \| announcements Announcements (2) updated June 9, 2009 Operating in Least Privilege Mode. An essential initiative is underway at Penn State to help mitigate the risk of compromises and loss of PII by practicing the principal of least privilege for computers that are connected to the Internet. A report from BeyondTrust based on all vulnerabilities published in Microsoft’s 2008 Security Bulletins and Reports, indicates 92% of critical vulnerabilities can be mitigated by removing administrative privileges. ITS has developed a one page summary and full White Paper on "Operating in the Least Privilege Mode" to serve as a guide for this initiative. PCI DSS Awareness Training (classroom-style). The session will go into detail about the PCI DSS requirements in which Penn State credit card merchants must comply. The training will benefit those working in a Card Holder Environment (CPE), including individuals who process, store or transmit Card Holder Data (CHD). This may also serve as a refresher course for those who are already familiar. As a requirement of the PCI DSS, those working in a CPE must annually complete a training program (clerks, system administrators, financial personnel, etc.). Both will be held in 120 University Support Bldg. August 3, 2009 \| 10:30 - Noon \| Register August 13, 2009 \| 3:30 - 5:00 PM \| Register .....................................
Privacy and Legal Statements \| Copyright 2007 The Pennsylvania State University \| Contact Us