Topics Map > Employee Handbook > IT Resources > Cybersecurity Practices

ETS - Division of Extension - Cybersecurity Practices

As part of the University of Wisconsin System and a division within the University of Wisconsin – Madison, the Division of Extension aligns its cybersecurity practices with the policies of UW – System and UW – Madison. Extension attempts to leverage existing infrastructure, technical expertise, and licensed software in their practices wherever possible.

Asset Inventory & Vulnerability Tracking

DoIT Departmental Support

Computers that are managed through DoIT’s Departmental Support service are automatically included in campus inventory.  They are also managed to ensure machines are current with software and security updates and patches. The following locations and staff are covered under DoIT Departmental Support:

  • The Pyle Center
  • Extension Building
  • Milwaukee County
  • Upham Woods (late 2020)
  • Area Extension Directors

County Based Staff

Asset inventory and security upgrades/patches for staff located in a county Extension office are the responsibility of the county IT department and are not accounted for by ETS or UW-Madison asset inventory efforts. It is also the responsibility of the county IT service to provide proper end-point management and security of county-owned devices.

Off-Campus Administrators

This group includes program managers who are working remotely. In these instances, ETS has configured the laptops with UW-Madison Cybersecurity software Qualys and Advanced Malware Protection (AMP) which allows them to be included in the campus asset inventory. UW-Madison Cybersecurity also monitors these computers for any vulnerabilities and suspicious activity. Any incidents are reported to ETS. ETS then works with the program manager to update or resolve the incident.

Incident Tracking

ETS maintains a spreadsheet of Cybersecurity incidents to both track and record incident details. ETS also uses DoIT’s ticket tracking system to share, escalate and track incidents between Extension and DoIT.

Data Security

Data Storage

Extension follows UW-Madison and UW System policy for classifying and storing data. Please see UW-Madison - IT - Data Classification Policy for data classifications used below.

ETS makes the following recommendations for the use of UW-Madison cloud storage:

Video Conferencing

ETS makes the following recommendations for the use of internet-based video conferencing:

Authentication and Access

Wherever possible, Extension will leverage UW-Madison's infrastructure to provide secure authentication and access to online applications that are provided at the divisional level by ETS. This currently includes:

Applications

Applications currently provided at the divisional level by ETS that leverage UW-Madison infrastructure include:

  • WordPress
  • Knack.com (Planning and Recording portal, Staff Directory etc.)




Keywords:Cybersecurity Practices DoIT ETS Asset Inventory Vulnerability Tracking Data Security Authentication Access   Doc ID:106393
Owner:Nathaniel S.Group:Extension Employee Handbook
Created:2020-10-06 09:19 CDTUpdated:2020-10-06 11:39 CDT
Sites:Extension Employee Handbook
Feedback:  0   0