- Governance and Compliance
- Policies and Standards
-
Products and Services
- Applications
- Communications
- Data Center
- Desktop
- Network
- Professional Services
-
Security
- Application Security and Mainframe Access
- Enterprise Vulnerability
- Hard Drive Encryption
- Hosted Firewall Solution
- Identity Access Management
- Intrusion Detection Prevention
- Security Certificate Management
- Security Incident Response and Forensics
- Security Information Event Management (SIEM)
- Threat Management
- VPN Access
- Business Continuity
- Standard Products
- Web
- Support
-
Products and Services
- Applications
- Communications
- Data Center
- Desktop
- Network
- Professional Services
-
Security
- Application Security and Mainframe Access
- Enterprise Vulnerability
- Hard Drive Encryption
- Hosted Firewall Solution
- Identity Access Management
- Intrusion Detection Prevention
- Security Certificate Management
- Security Incident Response and Forensics
- Security Information Event Management (SIEM)
- Threat Management
- VPN Access
- Business Continuity
- Standard Products
- Web
Security Incident Response and Forensics
Stop unwanted activity, limit damage and prevent recurrence.
Overview
Government is highly dependent on computers and networks for day-to-day operations. This dependency makes government entities susceptible and vulnerable to both damaging events and computer intrusion (incidents). The frequency and severity of these incidents can be reduced, but it is impossible to create a security program that prevents all incidents from occurring.
Security incident management and computer and data forensics seek to determine the cause, the scope and the impact of theses incidents. The goal is to stop unwanted activity, limit damage and prevent recurrence. Information security incidents include everything from a lost or stolen laptop to rampant computer virus infection to defacement of State websites to other events that could cause prolonged system outages.
These services also provide actionable plans to stop unwanted activity, reduce impact, and provide support in preventing recurrence.
The security incident management and forensic services overlap and intertwine, but can be performed separate from each other.
Features & Benefits
Features
- Management of security incident case assignments and the security investigation process.
- Mobilization/activation of emergency and general security incident response activities.
- Investigations of email, employee Internet access, network access, system access, etc.
- Reporting on all associated activity included in the scope of an investigation; centralized logging and management of security incident reporting.
- Management of third party forensics, where applicable.
Benefits
- Improved ability to identify and isolate incidents, thereby limiting damage to state systems and data.
- Fewer cross-agency infections.
- Reduced cost through the sharing of staff and expensive forensic investigation tools.
- Coordinated response to information security incidents, including assessment, triage, containment and preservation of evidence.
Getting Started
This is a utility service provided to the executive branch. For more information about using this service, contact your account manager.
If you are experiencing a security incident and need assistance, please login to the MN.IT Service Desk.
Contact your Account Manager Ordering information
© Copyright 2011 Office of Enterprise Technology - State of Minnesota