Infinite Menus, Copyright 2006, OpenCube Inc. All Rights Reserved.
KUWEB
Documentation
Repository
Security

This chapter produces the security mechanism guidelines that should followed by KU web sites administrators.
The security of information systems in Kuwait University is a basic precondition for its stability and unthreatened growth. KU network protection has become a hot topic as a result of increasing attacks by hackers and the ever more complex, so-called combined threats to KU network. The dynamic development of technologies, globally interconnected systems and comprehensive communication through the Internet represent a high risk of information leaks and misuse of vulnerable points.
The security of information systems focuses in particular on the protection of information, prevention and detection of non-authorized activities of computer users as well as focuses on the protection of users' privacy.

New web server security procedure:
  1. Visit KU Security site http://security.kuniv.edu
  2. Click on the link “Security Form”
  3. Fill in the form with contact info, server IP, server operating system, and requested ports then submit the form.
  4. Form details will be received via email to KUCIS IT Security Section.
  5. Web server administrator will be instructed to install the updated antivirus software and connect the server to WSUS (Windows Server Update Services) to get the latest critical updates.
  6. Vulnerability (security holes) scan will be conducted on web server.
  7. Vulnerability report will be forwarded to web server administrator to fix the present vulnerabilities and close unnecessary ports.
  8. Once fixed, scan is done on server to check for vulnerabilities.
  9. Incase of zero vulnerability, requested ports will be opened.
Procedure for maintaining security on existing web server:
  1. Vulnerability scan is conducted on KU web servers periodically.
  2. Vulnerability reports will be forwarded to web server administrator to fix problems present and close unnecessary ports.
  3. Contact person will report back to KUCIS security section to rescan the web server to reach the zero vulnerability point.
  4. Incase of vulnerabilities still present, KUCIS Security section will take action to close open ports until vulnerabilities are completely fixed.

Please refer to this link http://security.kuniv.edu/policy/Default.htm to check the following:

    • Kuwait University Computer and Network Security Policy
    • Policy on Acceptable Use of Electronic Resources (Usage Policy).

KU PORTAL| SITE MAP | CONTACTS DIRECTORYHOME
Copyright © 2007, Kuwait University