From coit-security at lists.onenet.net Thu Aug 17 14:29:09 2017 From: coit-security at lists.onenet.net (CoIT Security) Date: Thu, 17 Aug 2017 19:29:09 +0000 Subject: [CoIT-Security] CoIT Cyber Risk Message-ID: Cyber Risk Committee, I would like to host a conference call to update you on some information from COIT and also begin discussing the possibility of building a state wide Higher Ed Training and Awareness program for our campuses. I'd like to know what people are already doing and/or what you plan to do. Nothing? In-house developed? Off the Shelf package? Mandatory or not? Etc. (Feel free to send me an email with this information ahead of time). Here is a doodle poll to find a time that works for a call. I think we may only run 30-45 minutes, but blocked time for an hour. Once we pick a time, I will send it out to the full COIT group for anyone else that wants to participate. https://doodle.com/poll/c529cefisveitb6k Thank you, Anna Vakulick Associate Vice President OU Information Technology 405.325.8586 | http://www.ou.edu/ouit | avakulick at ou.edu -------------- next part -------------- An HTML attachment was scrubbed... URL: From coit-security at lists.onenet.net Mon Aug 21 10:08:21 2017 From: coit-security at lists.onenet.net (CoIT Security) Date: Mon, 21 Aug 2017 15:08:21 +0000 Subject: [CoIT-Security] PCI Compliant POS Terminals Message-ID: Good Morning Cyber-Security Colleagues, Has anyone implemented network based Credit Card terminals on campus? We are receiving increased requests for network based terminals, so we are researching what options are compatible with our state and merchant bank PCI requirements. Does anyone has experience with this? If so, I'd appreciate hearing about your experience and/or thoughts about heading this direction. Thanks, Dan Dan Moore, MBA Executive Director of Information Technology/CIO Southeastern Oklahoma State University 425 W. University Boulevard Durant, OK 74701-0609 580.745.2006 Fax: 580.745.2007 www.SE.edu -------------- next part -------------- An HTML attachment was scrubbed... URL: From coit-security at lists.onenet.net Mon Aug 21 11:17:44 2017 From: coit-security at lists.onenet.net (CoIT Security) Date: Mon, 21 Aug 2017 16:17:44 +0000 Subject: [CoIT-Security] PCI Compliant POS Terminals In-Reply-To: References: Message-ID: Dan, The last terminal we got from the state about six months or so ago supports both an Ethernet connection and/or an analog phone line. We specifically asked about IP-capable terminals and the model we were given that is approved by the state is the First Data FD130. We have, at this time, decided to remain on the analog phone line. I don't think it would take much to convert over to an Ethernet connection, I just haven't had the opportunity to create a new virtual router, VLAN, and firewall interface for it so that it's separated from the rest of our network traffic. If ordered through the Treasurer's Office, it should come preconfigured with all of the merchant information. They are also chip enabled. [https://www.redlandscc.edu/RCC.png] Curtis R. Brabham, Jr. Chief Technology Officer Campus & Information Security Redlands Community College https://www.redlandscc.edu/ Curtis.Brabham at redlandscc.edu Office: 405.422.1449 Fax: 405.422.1449 1300 South Country Club Road El Reno, OK 73036-5304 From: CoIT-Security [mailto:coit-security-bounces at lists.onenet.net] On Behalf Of CoIT Security Sent: Monday, August 21, 2017 10:08 AM To: coit-security at lists.onenet.net Subject: [CoIT-Security] PCI Compliant POS Terminals Good Morning Cyber-Security Colleagues, Has anyone implemented network based Credit Card terminals on campus? We are receiving increased requests for network based terminals, so we are researching what options are compatible with our state and merchant bank PCI requirements. Does anyone has experience with this? If so, I'd appreciate hearing about your experience and/or thoughts about heading this direction. Thanks, Dan Dan Moore, MBA Executive Director of Information Technology/CIO Southeastern Oklahoma State University 425 W. University Boulevard Durant, OK 74701-0609 580.745.2006 Fax: 580.745.2007 www.SE.edu Redlands Community College provides a learner-centered environment committed to academic excellence strengthened through service and civic engagement. **CONFIDENTIALITY** - This e-mail (including any attachments) may contain confidential, proprietary, and/or privileged information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, please notify the sender immediately by return e-mail, and delete this message and any attachments from your system. Any unauthorized disclosure or use of this information is prohibited. Information contained herein may be subject to the Privacy Act of 1974, Family Educational Rights and Privacy Act of 1974 (FERPA), and/or the Health Insurance Portability and Accountability Act of 1996 (HIPAA). -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 1632 bytes Desc: image001.png URL: From coit-security at lists.onenet.net Mon Aug 21 11:59:20 2017 From: coit-security at lists.onenet.net (CoIT Security) Date: Mon, 21 Aug 2017 16:59:20 +0000 Subject: [CoIT-Security] PCI Compliant POS Terminals In-Reply-To: References: Message-ID: Good to see that model comes with "Easy support of both IP and dial-up with Secure Sockets Layer (SSL) encryption" From: CoIT-Security [mailto:coit-security-bounces at lists.onenet.net] On Behalf Of CoIT Security Sent: Monday, August 21, 2017 11:18 AM To: 'coit-security at lists.onenet.net' Subject: Re: [CoIT-Security] PCI Compliant POS Terminals Dan, The last terminal we got from the state about six months or so ago supports both an Ethernet connection and/or an analog phone line. We specifically asked about IP-capable terminals and the model we were given that is approved by the state is the First Data FD130. We have, at this time, decided to remain on the analog phone line. I don't think it would take much to convert over to an Ethernet connection, I just haven't had the opportunity to create a new virtual router, VLAN, and firewall interface for it so that it's separated from the rest of our network traffic. If ordered through the Treasurer's Office, it should come preconfigured with all of the merchant information. They are also chip enabled. [https://www.redlandscc.edu/RCC.png] Curtis R. Brabham, Jr. Chief Technology Officer Campus & Information Security Redlands Community College https://www.redlandscc.edu/ Curtis.Brabham at redlandscc.edu Office: 405.422.1449 Fax: 405.422.1449 1300 South Country Club Road El Reno, OK 73036-5304 From: CoIT-Security [mailto:coit-security-bounces at lists.onenet.net] On Behalf Of CoIT Security Sent: Monday, August 21, 2017 10:08 AM To: coit-security at lists.onenet.net Subject: [CoIT-Security] PCI Compliant POS Terminals Good Morning Cyber-Security Colleagues, Has anyone implemented network based Credit Card terminals on campus? We are receiving increased requests for network based terminals, so we are researching what options are compatible with our state and merchant bank PCI requirements. Does anyone has experience with this? If so, I'd appreciate hearing about your experience and/or thoughts about heading this direction. Thanks, Dan Dan Moore, MBA Executive Director of Information Technology/CIO Southeastern Oklahoma State University 425 W. University Boulevard Durant, OK 74701-0609 580.745.2006 Fax: 580.745.2007 www.SE.edu Redlands Community College provides a learner-centered environment committed to academic excellence strengthened through service and civic engagement. **CONFIDENTIALITY** - This e-mail (including any attachments) may contain confidential, proprietary, and/or privileged information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, please notify the sender immediately by return e-mail, and delete this message and any attachments from your system. Any unauthorized disclosure or use of this information is prohibited. Information contained herein may be subject to the Privacy Act of 1974, Family Educational Rights and Privacy Act of 1974 (FERPA), and/or the Health Insurance Portability and Accountability Act of 1996 (HIPAA). -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 1632 bytes Desc: image001.png URL: From coit-security at lists.onenet.net Wed Aug 23 10:37:26 2017 From: coit-security at lists.onenet.net (CoIT Security) Date: Wed, 23 Aug 2017 15:37:26 +0000 Subject: [CoIT-Security] CoIT Security Conference Call Message-ID: This will be a conference call. Feel free to forward to a team member if you would like them to attend. We have two agenda items: 1. Update from CoIT on Security activities 2. Discuss possibility of building/sharing a training and awareness program for state Higher Ed Anna Vakulick Associate Vice President OU Information Technology 405.325.8586 | http://www.ou.edu/ouit | avakulick at ou.edu -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/calendar Size: 2421 bytes Desc: not available URL: