Vulnerability Management Service SC
Service | Vulnerability Management Service | ||||||||||||||||||||
Service Manager | Ben Hartung, Manager of Residential Technology and Security Systems | ||||||||||||||||||||
Department | Information Security Office | ||||||||||||||||||||
Contact | McGinnies Hall Rm 154 ResNet Office, (716) 673-3668, ResNet at Fredonia | ||||||||||||||||||||
Service Owner | AVP/CIO - Stephen Rieks | ||||||||||||||||||||
Description | The Vulnerability Management Service, utilizing Nexpose’, is a service that scans and assesses network connected devices to determine vulnerabilities and remediation plans to mitigate risks. It provides a unified security and compliance assessment for the campus physical, virtual, mobile, and cloud environments which improves the performance of the campus security program by giving a complete risk and compliance posture. The service is a component of the State University of New York Security Operations Center. The service includes the following:
| ||||||||||||||||||||
Service Users |
| ||||||||||||||||||||
User Services |
| ||||||||||||||||||||
Business Services | The services are only provided to the current list of service users due to security protocol and staffing limitation. | ||||||||||||||||||||
Technical Services | The services listed include all of the primary technical services. | ||||||||||||||||||||
Requirements | The requirements for using this service included the following:
| ||||||||||||||||||||
Rates / Cost of Use | The cost of the service is split between university division based on the field device utilization percentage (e.g. residential vs. academic). There are licensing costs for servers and system users. The service cost is currently covered under SUNY SOC PIA. | ||||||||||||||||||||
Getting Started | Tracker Customer Portal - ITS Incident Management System | ||||||||||||||||||||
Availability | Hours: Monday - Friday 8:30am - 5:00pm Summer: Monday - Friday 8:00 am - 4:00 pm Emergencies - 24/7 based on the availability of support staff | ||||||||||||||||||||
Getting Help | By email: ResNet at Fredonia By phone: (716) 673-3668 In person: 154 McGinnies (Near the loading dock rear entrance) All requests for assistance are completed using Tracker Customer Portal. | ||||||||||||||||||||
SLA Notes |
| ||||||||||||||||||||
Business Procedures | Systems FredShare | ||||||||||||||||||||
Change Procedures | Changes to the service (transition, additions, and discontinuations) must be reviewed by TAC and approved by the Service Manager (CIO) and Cabinet. Changes to the configurations, software, hardware or business procedures are reviewed monthly by the campus Security Systems Team. | ||||||||||||||||||||
Assigned Primary Support | |||||||||||||||||||||
Assigned Secondary Support | |||||||||||||||||||||
RACI Chart | Name: Vulnerability Management Service Description: see above
| ||||||||||||||||||||
Date Last Modified |