IRT Tech Tip Tuesdays: Here’s an update on information security
From Information Resources and Technologies
It seems that computer security related news stories are hitting the headlines more and more frequently of late. The most common stories have been about stolen laptops with confidential information on them, or major security breaches that compromise thousands of credit card numbers. These security threats affect not just corporate America and government agencies, but universities as well. The apparent trend in security related news stories match a report we recently received from security consultants about the most common security breaches in higher education over the last two years. See the graph below for a breakdown of the most common security breaches.
Higher Education Security Breaches 2005-2006
Source: Privacy Rights Clearinghouse, “A Chronology of Data Breaches.”
To help protect IRT systems and university data against these threats, IRT would like to announce that we are making a concerted effort to increase community awareness about information security topics as well as increasing our efforts to continually improve our systems and processes.
As part of this effort, IRT has created a team from within the division that will be devoted to information security, comprised of the following staff members:
- Chris Gregg, Director of Information Security
- Erik Nelson, Manager of Network Systems
- Tony DelVecchio, Manager of Network Security
While the team just formed over the winter, they are already diving into a number of projects designed to improve and consolidate IRT security practices and systems.
- In April, the team completed a successful security audit with an outside vendor. The audit did not reveal any critical vulnerabilities in the university’s key systems, but it did generate a list of action items for the team to work on in the near future.
- Currently, the team is working on a project to enhance the Clean Access network authentication tool in use on the wireless network and the residence networks. The enhancements to Clean Access should improve security in these networks, and help maximize their effectiveness for our faculty, staff, and students who use them.
- In June, the team will help implement a new system monitoring tool that will allow IRT staff to be better informed about how systems are performing and alert them if a system has a problem.
- The team is also developing an IRT security plan that will be a part of the more global IRT plan that is being developed by the University Technology Advisory Committee (UTAC), and announced last September in Bulletin Today.
Over the coming weeks and months you can expect to hear more from IRT about ways that you can help keep confidential university information private and secure. Keeping our systems and data secure will take a combination of policies, effective technology systems, and awareness by our community members about safe computing practices.
For more information on network and information security topics, please visit the IRT security Web site: http://www.stthomas.edu/irt/support/security/default.html.