Click here to receive your FREE subscription to Campus Technology
Features
Data Privacy >> What We Can Learn From the Suits
2/3/2006
Savvy college and university administrators are engaging government and business experts to ensure data security and privacy on campus. Maybe they’re on to something.
When it comes to designing secure networks and ensuring privacy, colleges and universities can learn a lot from Uncle Sam and corporate America. After all, schools face many of the same privacy and information security challenges seen in the business and government sectors, notes Chrisan Herrod, chief security officer of the US Securities and Exchange Commission (www.sec.gov). The fact of the matter is, in the age of cyber crime and identity theft, hackers don’t discriminate among academia, the government, and corporate America. Generally speaking, colleges and universities, small businesses, and financial services firms are most frequently targeted by hackers, according to Symantec Corp.’s (www.symantec.com) Security Threat Report, which is published twice annually.
Still, academia’s open, collaborative nature provides the perfect breeding ground for hackers to test nefarious code. Small businesses, on the other hand, are easily targeted because they typically lack dedicated IT teams. And financial services firms are popular targets for hackers who are hoping to profit from their attacks, notes Symantec.
“You can’t generalize about vertical markets, though,” notes Darwin John, former CIO of the Federal Bureau of Investigation, and now a strategic advisor for Blackwell Consulting Services (www.bcsinc.com) in Chicago. “These days, everyone is a potential target for computer-related crime and identity theft.”
John points to several security trends that cut across universities, business, and government. For instance:
- No. 1 concern. Senior execs across a range of industries see security as their top concern in implementing converged IP networks, according to a joint study released in November by AT&T Inc. ( www.att.com).
- Viruses proliferate. One in every 44 e-mails received by people worldwide contained a computer virus in 2005, according to an annual security report by UK-based antivirus firm Sophos PLC (www.sophos.com).
- Spyware abounds. Roughly 80 percent of enterprise computers are infected with some kind of adware or spyware, according to Webroot Software Inc. (www.webroot.com).
- Keylogging is ‘hot.’ There are now more than 6,000 keylogging applications circulating on the Internet, up 65 percent from 2005, according to VeriSign Inc. (www.verisign.com). Keylogging software is spyware that records users’ keystrokes and sends that confidential information—including user names and passwords for financial systems—to eagerly awaiting hackers.
- Windows increasingly vulnerable? During the first half of 2005, Symantec documented more than 10,866 new Windows viruses and worms, up 48 percent compared to the second half of 2004. Each variant represents a new, distinct threat against which administrators must protect their systems and for which antivirus vendors must create a new antivirus definition.
- Gone phishing. One out of every 125 e-mail messages is now a phishing attempt, according to Symantec.
With these concerns in mind, businesses now spend roughly 5.9 percent of their IT budgets on security, according to Gartner Inc. (www.gartner.com), the Stamford, CT-based technology research firm. Yet, that figure is conservative since it only covers security-specific products (such as firewalls and antivirus software), and ignores time and effort that programmers take to design inherently secure applications from the get-go. Commercial code typically has anywhere from one to seven bugs per 1,000 lines of code, according to the National CyberSecurity Partnership’s (NCSP; www.cyberpartnership.org) Working Group on the Software Lifecycle. Despite the best efforts of the software industry, the number of vulnerabilities found in commercial applications and operating systems continues to rise. During the first half of 2005, Symantec documented 1,862 new vulnerabilities in third-party commercial software, up 46 percent from the corresponding period in 2004.
“Patching your systems before hackers exploit the vulnerabilities is a never-ending battle,” says Jill Cherveny-Keough, director of Academic Computing at New York Institute of Technology.
Recommended Reading
- Fixed-Mobile Convergence: Dartmouth Beefs Up Cell Coverage, Cuts Costs
Problems with cell phone coverage aren't uncommon on college campuses. There are two main reasons: The beefy structure of historic buildings can block cellular reception within walls, and, on more remote campuses outside cities, signal coverage can be light.
- Thompson Rivers U Deploys Unified Digital Campus for ERP
Thompson Rivers University (TRU) in British Columbia has selected SunGard Higher Education's Banner Unified Digital Campus (UDC) to integrate its ERP systems.
- DV Kitchen Web Video Publishing System Released
DVcreators.net has released DV Kitchen, a new video encoding and publishing application for Mac OS X designed specifically for creating materials to be posted on the Web.
- NEC Debuts 4 Education Projectors
NEC this week debuted four new projectors targeted toward education applications, along with a new MultiSync LCD display. The new NP-series projectors are entry-level models started at $899 but are designed to provide high light output, support for closed captioning, and built-in networking capabilities.
- Security Researchers Uncover Spring Framework Vulnerability
Software frameworks are enjoying enormous popularity these days among a range of developers. It's popularity well earned; frameworks provide powerful tools for building more flexible and less error-prone applications. They generally enhance developer productivity with out-of-the-box functionality. And they can free developers to focus on features instead of common coding tasks.
- 3PAR Server Arrays Integrate Fat-to-Thin Processing
Utility storage provider 3PAR has announced the release of the 3PAR InServ T400 and T800 Storage Servers. The new hardware is built on the company's third-generation InSpire architecture, featuring the 3PAR Gen3 ASIC with integrated fat-to-thin processing.
