Charter and Mission

The Web Security Team is a matrix organization within ITS whose charter is to define, develop, and deploy the web security measures and best practices required to minimize the threat of malicious attempts to breach or compromise the integrity of UWG information that is provided through our web presence. This scope includes web sites, web applications, and the databases that support those components.

Approach

In order to accomplish our mission we have formed two groups: the Web Security Advisory Group and the Web Security Working Group. The advisory group establishes goals, objectives, and priorities for the working group and oversees the work being done. The working group consists of individuals from Web Development, Networking, and Systems Administration who have considerable knowledge in the security field. The advisory group will meet once each semester to monitor progress and adjust the roadmap based on progress and status.

Objectives

• Develop, document, and deploy a comprehensive set of strategies, tactics, policies, and procedures for improving and maintaining web security.
• Implement OWASP standards and other best practices to ensure there is a solid foundation on which to build.
• Monitor and report on current trends, including the most recent risks as they arise.
• Identify and implement robust tool sets to monitor and stay in-front of active threats.