Tightening IT security on campus
With the number of data breaches and cases of identity theft on college campuses on the rise, the need to build more robust IT security is paramount.
At Arkansas State University, the threat of identity theft is just as real as it is anywhere else, prompting IT staff to meet the challenge head on. Arkansas State maintains a 24/7, open Wi-Fi network that serves anywhere from 1,000 to 45,000 devices connected to a network, wirelessly or otherwise, at any one time.
In an interview with the Arkansas State Herald, Henry Torres, chief information officer of Information and Technology Services at Arkansas State, explains that creating Internet access on campus consists of two components: network and hardware. As a public institution, the university’s network is open, which can add subtle challenges to network security that a closed network doesn’t deal with.
Open networks are an ideal target for fraudsters, but the nature of a university setting requires an open network structure. Herein lies the challenge of building more robust IT security.
Then there’s the hardware component that consists of computers that operate within the network. Protecting the information that travels in and out of the network requires IT staff to install firewalls to track and block attacks.
For instance, ASU’s IT staff stops a transmission automatically if the system catches anything resembling a Social Security number. This transmission is then quarantined and the sender receives a message stating the reason and asking for further verification.
Students using the university network should always be cautious when providing sensitive identity information or credit card and Social Security numbers. As with a number of other universities, ASU previously used Social Security numbers for identification purposes, but now students, faculty and staff are issued a university ID number.
Social Security numbers lie at the heart of identity theft, so shifting identification to student ID numbers is vital. At ASU, Torres insists that the numbers aren’t used for anything in our systems anymore. University-issued ID numbers adds an extra layer of security for student’s information.
Another common form of fraud is phishing emails, an attack that ASU has dealt with in the past. Designed to look like an ordinary email, phishing emails entice a person to click a link or provide personal identity information in order to steal it.
To avoid confusion on this front, the university’s IT staff send regular email notifications to inform students what to look for and to be aware of what official university emails look like.
One of the more significant challenges for a university’s IT staff is a common occurrence across all university’s, expansion.
At ASU, there are plans to add a hotel and restaurant management school with a functioning hotel on campus, as well as talks of adding a medical school in Mexico. Expansions of that magnitude present additional IT security challenges, prompting ASU’s IT staff to update its firewalls.
IT security continues to evolve, and as with everything else on a college campus, is a learning experience. But as students make the jump from standard desktop computers and laptops to tablets and smartphones for network access, and fraudsters develop new tactics to game the system, the need for more robust IT security becomes vital.