...
System Criticality | Data Classification | |||
|---|---|---|---|---|
Sensitive | Confidential | Internal | Public | |
Mission Critical | Level 3 High | Level 3 | Level 3 | Level 3 |
Core | Level 3 | Level 2 | Level 2 | Level 2 |
Business Critical | Level 3 | Level 2 | Level 2 | Level 1 |
Operational | Level 3 | Level 2 | Level 1 | Level 1 |
...
Governance: University-Owned Device Standard, Secure Server Standard, Log Retention Standard [draft]
Security Control | High | Moderate | Low |
|---|---|---|---|
Anti-virus installed and running Real-Time scanning |
|
|
|
Send logs to Security Event Management (SIEM) system (Splunk) |
| ☑ | ☑ |
Automate alerting on logging failures |
| ☑ | ⬜ |
...