Question FIDP-04
Have you implemented an Intrusion Detection System (network-based)?
| Weight | 25 |
| High Risk | Yes |
| Required | Yes |
| Compliant Answer | Yes |
Standard Guidance
EDUCAUSE provides no guidance here
Answering "NO"
Describe your plan to implement a Intrusion Detection System in your environment.
Answering "YES"
Describe the currently implemented IDS.
Reason for Question
It is important to have detective capabilities in an information system to protect institutional data. Because this is somewhat expected in information systems, vendors without IDSs implemented should raise concerns. Compensating controls need future evaluation, if provided by the vendor.
Follow-Up Inquiries
A security program with limited resources for event detection is not effective. Inquiries should include training for staff, reasoning behind not using IDS technologies, and how systems are monitored. Additional questions about a SIEM and other tool may be appropriate.
HECVAT Pro Advice
[Add expert insights and best practices]
Implementation Tips
[Add practical steps for SME SaaS vendors]
FAQ
[Add common questions related to this HECVAT item]
Resources
[Add links to relevant articles or tools]