Click here to receive your FREE subscription to Campus Technology
on Campus
Article
8 Spots for Tightening Security
on Campus
1/21/2004
"There are good tools out there, but they're very expensive."
The problem peaked in September at the law school, when a widely spread virus was attacking Microsoft operating systems and unsuspecting students returned to campus with infected laptops. Now, the problem is down to three or four laptops a week, she says.
Requiring students to register their network cards in order to get access outside the campus on the university's network helps, she says - students can then be tracked down through a database and contacted if necessary through their network IDs.
6. Set and Enforce Testing Standards
As you continue to develop, integrate, and enforce working security policies for your organization, cooperation and communication among various groups on campus are key. Among other things, this becomes important in setting and enforcing testing standards for how new software is deployed. In examining how an SQL server was compromised, a case study from the University of Memphis highlights the importance of policies for making sure that testing is conducted in keeping with agreed-upon security policies. As the authors of the case study conclude in one of their findings after the security breach was closed, agreeing on what tests are required before deployment into the production environment is paramount:
"Equilibrium between experimentation and security standards must be established. It may not be appropriate to deploy an application into a production environment unless appropriate security testing has been performed… Service administrators must understand the importance of securing, and keeping secure, the production environments upon which services depend."
7. Review Data Retention Policies
With the enactment of the USA Patriot Act in 2001 ("Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001"), data retention has become a security hot spot.
Setting record-retention policies, never easy, has become even more difficult. According to Fred Beshears, senior strategist at Educational Technology Services at the University of California-Berkeley, FERPA, an older government mandate to protect student records, conflicts with the Patriot Act, which allows for governmental access to student records in some cases. In short, Beshears says, "You get into all these gnarly problems on [privacy]."
For an in-depth discussion of the conflicts of privacy and security on today's campus, and some insights into the issue, read the in-depth discussion by Kent Wada, information technology security and policy coordinator at the University of California-Los Angeles.
Among other things, Wada notes that in the face of the Patriot Act and other legislation, security concerns regarding e-mail become more difficult than ever and probably need to be reviewed and reassessed. "The balancing act is to keep relevant data only as long as it is legitimately needed, and no longer, lest it become a liability."
Recommended Reading
- Cedarville U Sets Up SonicWall Firewalls
Cedarville University in southwestern Ohio has implemented SonicWALL firewalls to provide high-speed gateway firewall protection for its 3,000 students.
- Data Breach Strikes U North Dakota Alumni Association
The alumni association for the University of North Dakota has gone public with a data breach that occurred when a laptop belonging to a software vendor was stolen from a vehicle. The computer contained the names of 84,000 university alumni, donors, and others, according to coverage by the Grand Forks Herald.
- Tips for Selecting a Campus CRM tool
As competition for students increases, colleges and universities are looking more and more to customer (or constituent) relationship management software for help in remaining competitive.
- Intercast Networks Goes into Beta with Kazam Video Service at Internet2 Universities
Intercast Networks has redesigned Kazam, its student Internet TV and video service based on the company's VideoXpress platform. Following a spring semester alpha trial at Columbia and Purdue University, the company redesigned Kazam's interface based on student feedback and added additional content that caters to a student audience.
- Michigan State Managing MRI Images from Africa with Acuo Tech DICOM Services Grid
Doctors at Michigan State University have begun using the Digital Imaging and Communications in Medicine (DICOM) Services Grid from Acuo Technologies to transport and manage magnetic resonance imaging (MRI) results from a hospital in Malawi, Africa in order to monitor the impact of malaria on children.
- IIT Delhi Delivers Services with Ingres Open Source
Administrators at the Indian Institute of Technology Delhi (IIT Delhi) have gone public with their installation of open source database management software from Ingres. IIT Delhi, one of seven leading institutes of technology in India, adopted Ingres Database to support administration functions such as grading, finance, human resources, procurement, and hospital administration.
