Topics Map > Operational Support Resources > 4.5 Educational Technology Support > 4.5.1 Cybersecurity Practices

ETS - Division of Extension - Cybersecurity Practices

As part of the University of Wisconsin System and a division within the University of Wisconsin – Madison, the Division of Extension aligns its cybersecurity practices with the policies of UW – System and UW – Madison. Extension attempts to leverage existing infrastructure, technical expertise, and licensed software in their practices wherever possible.

Asset Inventory & Vulnerability Tracking

DoIT Departmental Support

Computers that are managed through DoIT’s Departmental Support service are automatically included in campus inventory. They are also managed to ensure machines are current with software and security updates and patches. The following locations and staff are covered under DoIT Departmental Support:

The Pyle Center
Extension Building
Milwaukee County
Upham Woods (late 2020)
Area Extension Directors

County Based Staff

Asset inventory and security upgrades/patches for staff located in a county Extension office are the responsibility of the county IT department and are not accounted for by ETS or UW-Madison asset inventory efforts. It is also the responsibility of the county IT service to provide proper end-point management and security of county-owned devices.

Off-Campus Administrators

This group includes program managers who are working remotely. In these instances, ETS has configured the laptops with UW-Madison Cybersecurity software Qualys and Advanced Malware Protection (AMP) which allows them to be included in the campus asset inventory. UW-Madison Cybersecurity also monitors these computers for any vulnerabilities and suspicious activity. Any incidents are reported to ETS. ETS then works with the program manager to update or resolve the incident.

Incident Tracking

ETS maintains a spreadsheet of Cybersecurity incidents to both track and record incident details. ETS also uses DoIT’s ticket tracking system to share, escalate and track incidents between Extension and DoIT.

Data Security

Data Storage

Extension follows UW-Madison and UW System policy for classifying and storing data. Please see UW-Madison - IT - Data Classification Policy for data classifications used below.

ETS makes the following recommendations for the use of UW-Madison cloud storage:

Google Drive: Public, internal
Microsoft One Drive: Public, internal, sensitive
Box: Public, internal, sensitive, restricted

Video Conferencing

ETS makes the following recommendations for the use of internet-based video conferencing:

Zoom: Public, internal
WebEx: Public, sensitive, restricted
Microsoft Teams: Internal, sensitive

Authentication and Access

Wherever possible, Extension will leverage UW-Madison's infrastructure to provide secure authentication and access to online applications that are provided at the divisional level by ETS. This currently includes:

Applications

Applications currently provided at the divisional level by ETS that leverage UW-Madison infrastructure include:

WordPress
Knack.com (Planning and Recording portal, Staff Directory etc.)

Keywords	Cybersecurity Practices DoIT ETS Asset Inventory Vulnerability Tracking Data Security Authentication Access Suggest keywords	Doc ID	106393
Owner	Tony R.	Group	Extension Handbook
Created	2020-10-06 08:19:47	Updated	2024-02-01 09:22:38
Sites	Extension Handbook
Feedback	0 0 Comment Suggest a new document