Prisma Cloud Security

Prisma Cloud Security is a free service for cloud account owners. Prisma integrates with AWS accounts to provide a clear view of assets. It can be used to compare current configurations to secure baselines or industry and government standards.

When a resource is non-compliant, Prisma will produce a highly actionable alert. The alert will indicate the problem, what compliance standards are affected (if any), and provide step-by-step instructions for fixing it. This allows owners and managers to easily maintain a secure posture for their accounts, even in the middle of deployment.

Prisma is now available for AWS account owners. Search for Prisma in the Answers KnowledgeBase to learn about requesting access and for additional information. 

Cybersecurity, Large Language Model (LLM) Code Review

When a Large Learning Model (LLM) code review is requested, the Cybersecurity team will typically start by discussing these questions with lead and senior software developers who contributed to the development of the LLM.

Using GitHub Actions with the Campus Firewall

This document provides the developer with resources to learn about what GitHub Actions and Runners are, how to set up the features, and how to use them effectively.

Storing Secrets on Amazon Web Services (AWS)

Correctly using AWS Secrets Manager helps fulfill an IT Professional’s responsibility to comply with Illinois Cybersecurity standards.

Device Wiping and Disposal

How to be security compliant for Electronic Data, Disk, SSD, or Other Storage Device Disposal.

Cybersecurity Mobile Integration

Mobile Integration Testing provides an automated means to check iterations of an application for flow-breaking changes.

CIS Benchmarks and Assessor

The Center for Internet Security has benchmarks for securing Linux, Windows, Cloud Providers, Mobile Devices, Networking Equipment, more. IT professionals create an account with your NetID.

Zeek

Tool that passively monitors the network at the border.

WorkSpace One

Facilitates management of endpoints including Windows and MacOS.

University Box Health Data Folder (BHDF)

University units can securely store Personal Health Data (PHI) and other types of data governed by HIPAA.

SSL Certificate Issuance

This service manages SSL certificate requests and processes them through the university Certificate Authority vendor, Sectigo.

Qualys

Vulnerability management tool used by the cybersecurity team and Qualys users to assess risk to systems and networks.

MECM

Facilitates management of endpoints including Windows and MacOS.

Munki

Facilitates management of endpoints including Windows and MacOS.

IP2Fire

IT Pro tool used to identify the firewall group of an IP or network.

Duo Mobile Application

Mobile Device Security

Mobile devices help us connect, work, shop, and play—and to enable that, they hold a lot of personal information. Get tips to better protect your device and yourself.

Data Classification Flowchart

If you’re not sure what kind of data you work with, check the flowchart. Data-Classification-Flowchart.pdf

Third Party Risk Management

As part of Third-Party Risk Management, GRC will review the privacy and security compliance posture of all contracts and purchases related to university data.

Our aim is to serve as a “concierge” service to help you navigate the myriad of compliance requirements that might apply to your project.

• If your project will result in a purchase that will store, collect, access, create, manage, process, or transmit university data, engage the GRC process at the beginning of the project to help avoid implementation delays.
• To begin, fill out the Initial Risk Assessment (http://go.illinois.edu/vendorrisk) to provide information about your project.

Vendor cooperation is by far the primary determining factor as to how long a review takes. You may be able to speed things up by taking an active role to ensure your vendor is responsive to the needs of the process.

Vulnerability Response

Quick identification of at-risk systems or services with responsible notification to the owners of those services.

Firewall

Monitors incoming and outgoing network traffic and decides whether to allow or block.

Several firewall plans are provided to serve a variety of needs. The group model allows departments to benefit from the protection of the firewalls that are already in place at the entrance and exit of the campus network, while also allowing Technology Services to maintain a manageable and flexible rule set on the campus firewalls

CrowdStrike

Designed to mitigate real-time cybersecurity threats and incidents, give visibility and security capability.

Best Practices with AWS Lambda

AWS Lambda can help development teams associated with the University of Illinois to more easily comply with Illinois Cybersecurity standards.

Example Development Standards

A starting point to guide discussion of Cybersecurity development practices, and to help draft a document internal to a team.

Logging Practices for Application Developers

Properly logging security events helps comply with Illinois Cybersecurity standards.

API Code Review Discussion Questions

Cybersecurity code review will typically start with Open Web Application Security Project (OWASP) API Security Top Ten inspired questions.

Cybersecurity Training

Cybersecurity training helps raise awareness and build good cyber-safety habits. Login using your university credentials to access assigned and optional cybersecurity training.

Privacy Threshold Assessment

Box High Risk Folders

Box High Risk Data Folder (BHRDF) is capable of securely storing approved types of High Risk Data.