University Business - November/December 2010 - (Page 50)
friend or foe?
By Ann McClure
edieval castles were protected by moats, fortified walls, and small villages, yet enemies sometimes still snuck through using disguises. a similar multilayered approach is needed to protect the modern campus it infrastructure. only this time the enemy is malware and viruses and the disguises are links on Facebook, twitter, and other social media sites. The viruses, malware, and phishing are the same ones users encounter through e-mail or general internet surfing, but the presentation is new. “social media sites have become a concentrated location for the bad guys,” says Marc seybold, cio of SUNY College at Old Westbury (N.Y.). in the past, hackers had to lure people to their infected sites. Now millions of computer users are congregating on Facebook. “i wouldn’t say [social media has] increased the number or variety of attacks; it’s just concentrated them,” seybold says. twitter is also regularly hit, with Urls linking to malicious websites. and Youtube videos have been altered. “at the end of the video is a link to a malicious Url. You copy that and visit it, and bang—you have a problem,” says tom Kelchner, research center manager at GFi software. No one solution can protect networks from the various threats users might encounter. instead, experts advise combining solutions that provide visibility into and control over network traffic as the way to go. “There is no silver bullet,” says Kurt Bertone, vice president of strategic alliances at Fidelis security systems. “You need firewalls, intrusion prevention, antivirus. … They all solve part of the problem.” get onto a device over the phone network. implementing network access control (Nac) allows the it department to decide which parts of the campus network various devices can visit, limiting the damage that can be caused. “You are letting people on the porch so they are out of the rain, but they aren’t in the living room,” leclerc explains. with Nac solutions, colleges and universities are successfully segmenting the network and protecting the faculty research, while also allowing students to get online for the social aspect. institutions that are failing haven’t been able to provide that access and segmentation, he says. “schools are doing what they can, but it costs money and takes time.” “we’re embracing mobile devices,” says Jonathan domen, a Bryant it network analyst. “our students will be using these tools in the business world once they are off campus.” He
as anyone in the campus it department can probably tell you, “colleges are the epicenter of computer risks like california is for earthquakes,” says Kelchner. Not only are a variety of users from all backgrounds and skill levels accessing the network, but they’re doing it from a variety of devices. “we have around 17,000 devices on our network,” says arthur Gloster iii, vice president of information services at Bryant University (r.i.). “That poses a threat through sheer numbers.” seybold, who calls mobile devices moving targets, adds, “everyone has the same problem about less trust in the end user device. The proliferation of devices opens up the possibility of attacks. in order to allow them, you have to relax your security standards.” currently, few antivirus software vendors are creating it for mobile devices, says rick leclerc, founder and director of channel engineering at Bradford Networks. More people using more devices equals more opportunities for a virus to
50 | November/December 2010
Public computers, such as at SUNY College at Old Westbury’s library, are a network access point that needs monitoring. Administrators can help students understand safe computing practices.
employs a multilayered approach, using Bradford to register the devices and confirm they’re known, and keeping them on a separate network. “we provide internet and access to some parts of the network, but we have stringent controls on them to mitigate the risk.” since mobile devices are moving targets, continuing to monitor data flowing over the network is an important part of Bryant’s security efforts, says richard siedzik, director of computer and telecommunications services. “even if you don’t allow social media on campus they will do it at home, the malware will get into the device, and then onto your network” if protections aren’t in place, notes steve shalita, vice president of marketing at Netscout systems. Nac also gives it the ability to scan a computer for upto-date virus protection before allowing it on the network,
Table of Contents for the Digital Edition of University Business - November/December 2010
University Business - November/December 2010
Behind the News
Models of Efficiency
An Edible Arrangement
Friend or Foe?
Sense of Place
University Business - November/December 2010