Cyber Security
Learn about the different Security compenents and educate yourself on security practices within the Information Technology Division (ITD) provides services to the Commonwealth.
-
Announcements of current cyber security threats and how to deal with them.
-
A collection of recent news items relating to cyber security.
-
Security administration services encompass the issuance of the following: access ID's to agency personnel for ITD maintained applications and resources, SSL server certificates and RSA SecurID tokens. In addition, ITD is also responsible for the securing of Commonwealth firewalls to ensure that only authorized TCP/IP ports and protocols are allowed in and out of the different agencies and agency located DMZ's.
-
ITD's Security Education & Awareness page is a central repository for important cyber security updates, news and announcements, tips and how-to's.
-
Information Security Risk Assessment is an on-going process of discovering, correcting and preventing security problems. The risk assessment is an integral part of a risk management process designed to provide appropriate levels of security for information systems. The risk assessment will help an agency determine the acceptable level of risk and the resulting security requirements for each system. The agency must then devise, implement and monitor a set of security measures to address the level of identified risk.
-
Information on how to identify when an incident has occurred, the procedure for reporting such incidents and the proper forms to complete the reporting process, and how to implement recovery from an incident. Requests for services have a streamlined intake process to facilitate these requests.
-
Remote access for Commonwealth agencies is accomplished using the Virtual Private Network (VPN). VPN allows a remote user, external to the Massachusetts Access to Government Network (MAGNet), to securely access an agency's applications and resources within MAGNet. The VPN certificate, which is issued by Verizon, acts as an ID for the external user. The certificates are managed by Systems Security Unit in ITD.
-
ITD maintains the Commonwealth's Wide Area Network. Services provided in this area encompass: maintaining the DNS, ensuring that all TCP/IP address space used on the Commonwealth's Internal Network is properly routed on the network and if necessary on the Internet, managing agencies' network connectivity, analyzing and reporting on network elements performance to determine bandwidth utilization and establishing TCP/IP controlled access to mainframe applications.
-
Links to various Enterprise policies and standards that relate to cyber security.
