Summary
This article contains information regarding Tenable Nessus agent hosts, including an outline of data elements collected by Tenable Nessus agents, and serves as a privacy policy and justification for deployment. This article is for users and administrators of servers or endpoints that store, process, or transmit sensitive or restricted information.
Content
USNH systems regularly store, process, or transmit sensitive information. This information is necessary for the institution to identify and enroll students, keep track of their health records, accept payment for services, and conduct research for both private and public entities. It is the responsibility of all USNH employees to act as stewards for the information entrusted to them. The USNH Networking and Cybersecurity department provides cybersecurity services for all USNH institutions with the goal to protect the data, systems, and services that USNH provides.
In computing, a software vulnerability is a weakness that can be exploited by a malicious party to gain access to data, systems, or privileges to which that malicious party is not entitled. This unlawful access to computing systems or data can lead to severe consequences for USNH. The consequences can be monetary, in the form of fines from regulating bodies. USNH might also face additional legal and monetary risk from litigation from damaged parties. Consequences can also be reputational, where the reputation of USNH as a responsible steward of research data, personally identifiable information (PII), health care information, or other sensitive information is damaged.
Given the amount and nature of the data stored, processed, or transmitted at USNH, it is necessary for USNH to maintain a vulnerability management program. This program is designed to limit the risk of software vulnerabilities by detecting and reporting on them so that appropriate mitigation can occur.
Tenable Nessus Implementation Details
Tenable Nessus provides a necessary software vulnerability detection and reporting capability for USNH Networking and Cybersecurity. The agent is designed to collect information about installed applications and their versions, key operating system details, including the patches that have been installed, as well as critical forensic information to be used in investigating compromises or breaches.
Tenable Nessus is not designed nor configured to collect or inspect any of the following:
- The full contents of any file on the system, on mounted drives, or on accessible network shares
- The web browsing history or search history for any user on the system
- The contents of email messages, chat messages, text messages, or any other correspondence between the user of the system and any other user, whether local or through the Internet
- The contents of proprietary or custom application source code
- Screen captures
- Keystrokes
- Usage or activity information beyond what is outlined below.
Tenable Nessus agents are configured to collect the following information:
- Basic system information
- Host name
- Operating system version
- Manufacturer and model
- Ethernet and wireless card manufacturer
- Last boot time
- Mounted devices
- Time zone
- File system information (no file contents, paths and/or file names only)
- Downloads folder file names
- Frequently opened executable files and links
- Recently accessed file names for certain applications that store this information in the system registry, e.g.:
- 7-Zip
- Adobe
- Microsoft Office
- Microsoft Paint
- Recycle Bin file names
- Installed applications and the associated version number
- Installed operating system patches
- Local user accounts
- Local Administrators group membership
- Network information
- Address Resolution Protocol (ARP) table
- Domain Name System (DNS) cache
- Contents of the Windows Hosts file
- Open TCP and UDP ports and the names of processes with these ports open
- Service information
- Server Message Block (SMB) shares
- Filenames stored on SMB shares containing possibly copyrighted material
Further readings
Policies on IT resources
USNH Privacy Policy
Cybersecurity Policies & Standards - Search for the "Endpoint Management Standard"
USNH Information Classification Policy
Need additional help?
Visit the Technology Help Desk Support page to locate your local campus contact information or to submit an online technology support request. For password issues you must call or visit the Help Desk in person.