Click here to receive your FREE subscription to Campus Technology
Opinion
The (Campus) Empire Strikes Back
7/1/2008
Ease of use and manageability. Overall, universities need solutions that are easy to deploy and manage. Many solutions on the market today are tedious to install, or else they require dedicated, trained technicians to implement and manage them. Yet, as we all know, these resources are not always available within university IT budgets. Solutions that are simple and seamless to implement lessen IT overhead while securing the network. Increasingly, and for just this reason, security vendors are adopting the appliance form factor rather than software solutions. Other techniques include unified threat management (UTM) devices that provide all-in-one capabilities to simplify management and maintenance over time.
Raising network security awareness. Universities also must focus on building user awareness regarding network security, and they need to clearly define usage guidelines and best practices. There are many communication vehicles available to universities to get the message out: From mandatory security policy training for new students, to ongoing security forums and kiosks, e-mail blasts, website alerts, campus newsletters, eLetters, and more, universities must continually engage students in the importance of network security and user policies.
Don't Forget the Forensics. Automated forensics is a particularly important tool in the war against current strains of stealth malware. Using forensics, network managers can identify the activities conducted by malware once it enters the system.
REAL-WORLD IMPLEMENTATION: University of California-Berkeley
In late 2005, the Electrical Engineering and Computer Sciences (EECS) department within UC-Berkeley launched an initiative to investigate potential network access control (NAC) solutions to unify endpoint security, user and system authentication, and network security enforcement. We had been treating the wireless network as less secure than the local area network (LAN), and with the trend toward mobility plus increasing concern about stealth malware and botnet threats, we knew our approach had to change. We wanted to bring the two networks to equal footing and NAC seemed to be the best option.
The EECS computing infrastructure supports approximately 4,000 undergraduates, graduates, faculty, and staff, leveraging an effective wireless network in addition to the departmental LAN. While the EECS network is somewhat autonomous from the larger university, EECS does monitor and receive reports on wireless devices that appear on its wireless network yet are also part of the greater campus community. Containment of these devices, however, is not within our jurisdiction.
Recommended Reading
- Get Users on Board
- Greening IT
- It's a Zinch
- Meeting up Virtually
- Online Tutorials to the Rescue
Now's the time to use online tutorials to streamline professional development and help desk management.
- Retention Rx
