Click here to receive your FREE subscription to Campus Technology
Special Annual Awards
2008 Campus Technology Innovators: Network Security
8/1/2008
TECHNOLOGY AREA: NETWORK SECURITY
Innovator: Ohio Dominican University
After a security breach, and before a network revamp, smart university administrators and technologists forget what they've built to date-- on purpose.
A security breach certainly can make technologists reevaluate the way they organize a network, and that's exactly what happened last year at Ohio Dominican University. On the heels of one such breach, Data Network Manager and project lead Bob Zimmerman and technology gurus at ODU undertook a from-the-ground-up comprehensive review of the university's information security posture and openly discarded all preconceived or biased views of the institution's existing strategy. With each vendor partner, the technologists painstakingly analyzed failures and inefficiencies. They left no stone unturned. The result: a brand-new approach to information security.
According to CIO Mike Young, the goal of the exercise was simple: to achieve a holistic, "preeminent" information security program that would lock down school data in a multi-layered approach that empowered the true requirements to drive the selection of tools.
"We were able to turn a very negative situation into a positive, collaborative experience," says Young, who notes that the transformation took roughly 11 months. "We seized the opportunity to formulate a brand-new approach to security that would not limit our options based on previous investments and expenditures."
The process of revolutionizing security at ODU hinged on the variety of vendor partners that came in to evaluate different aspects of the network. With representatives from consultancy P3 Strategic, ODU technologists spent the first few months of the process reflecting on the event that had occurred, and analyzing the forensics of the security breach. During this process, Zimmerman and his colleagues were conscious to not focus on blame; instead, they sought to understand present and future threats.
Next, the IT staffers worked with Jacadis consultants to develop short- and long-term security strategies including remediation, security awareness training, network monitoring tools, and quarterly penetration tests. ODU also worked with Acunetix, which detects and patches web vulnerabilities. Finally, ODU contracted consultants from TriGeo for on-demand event management, and turned to Qualys and Bradford Networks, to automate vulnerability management and cleanse user PCs as they are logged on to the campus network. Software from Anixis provided password policy enforcement.
Recommended Reading
- 2008 Campus Technology Innovators: Enhanced Learning/ Assessment
- 2008 Campus Technology Innovators: High-Performance Computing
- 2008 Campus Technology Innovators: Interactive, Remote Learning
- 2008 Campus Technology Innovators: Mobile Learning
- 2008 Campus Technology Innovators: Social Networking for Admissions
- 2008 Campus Technology Innovators: Student Advising Technology
