An important aspect of this office’s duties is to keep LSU network as secure as possible. IT Security and Policy office proactively scans the entire LSU network using Verizon Business Vulnerability management solution using nCircle. The scan probes each computer for vulnerability. Each vulnerability found increases a machine’s vulnerability score. Some vulnerabilities are more severe than others, and those vulnerabilities have a higher incremental value. High vulnerability scores are of particular concern.

A list of machines with a high vulnerability score (specifically a score of 50,000 and above) has been compiled and respective departments will be notified to pay special attention to these machines. Departments will have a grace period of 7 business days from the report date in order to apply appropriate patches and measures to reduce the vulnerability level of the machine. Please note that if a machine still has a high (*critical) vulnerability score, the machine's network port will be disabled after 7 business days. The report provided to each department will also contain a list of hosts with medium and low vulnerability scores. The department will have 31 calendar days to attend to these hosts and try to reduce the vulnerability level.

 If you have any questions regarding these scans, please contact us at lsu-itsecurity@lsu.edu.