Topics Map > Employee Handbook > IT Resources > Cybersecurity Practices
ETS - Division of Extension - Cybersecurity Practices
As part of the University of Wisconsin System and a division within the University of Wisconsin – Madison, the Division of Extension aligns its cybersecurity practices with the policies of UW – System and UW – Madison. Extension attempts to leverage existing infrastructure, technical expertise, and licensed software in their practices wherever possible.
Asset Inventory & Vulnerability Tracking
DoIT Departmental Support
Computers that are managed through DoIT’s Departmental Support service are automatically included in campus inventory. They are also managed to ensure machines are current with software and security updates and patches. The following locations and staff are covered under DoIT Departmental Support:
- The Pyle Center
- Extension Building
- Milwaukee County
- Upham Woods (late 2020)
- Area Extension Directors
County Based Staff
Asset inventory and security upgrades/patches for staff located in a county Extension office are the responsibility of the county IT department and are not accounted for by ETS or UW-Madison asset inventory efforts. It is also the responsibility of the county IT service to provide proper end-point management and security of county-owned devices.
This group includes program managers who are working remotely. In these instances, ETS has configured the laptops with UW-Madison Cybersecurity software Qualys and Advanced Malware Protection (AMP) which allows them to be included in the campus asset inventory. UW-Madison Cybersecurity also monitors these computers for any vulnerabilities and suspicious activity. Any incidents are reported to ETS. ETS then works with the program manager to update or resolve the incident.
ETS maintains a spreadsheet of Cybersecurity incidents to both track and record incident details. ETS also uses DoIT’s ticket tracking system to share, escalate and track incidents between Extension and DoIT.
Extension follows UW-Madison and UW System policy for classifying and storing data. Please see UW-Madison - IT - Data Classification Policy for data classifications used below.
ETS makes the following recommendations for the use of UW-Madison cloud storage:
Authentication and Access
Wherever possible, Extension will leverage UW-Madison's infrastructure to provide secure authentication and access to online applications that are provided at the divisional level by ETS. This currently includes:
Applications currently provided at the divisional level by ETS that leverage UW-Madison infrastructure include:
- Knack.com (Planning and Recording portal, Staff Directory etc.)