Campus computer networks are better protected than they were five years ago, college and university IT administrators said in a newly released survey, but they warned that the viruses student computers can bring to a network still linger as a threat to expensive servers, other hardware, and software.
The Association for Information Communications Technology Professionals in Higher Education (ACUTA) surveyed computer officials in higher education at the organization’s annual conference in Atlanta this month. The survey found that eight out of 10 IT officials believe their campus infrastructure is safer than it was in 2004, with 6 percent saying they feel less secure.
Still, nearly half of respondents said their campus’s cyber security has been compromised in the last year alone, exposing at least some student information (though 70 percent of these incidents were characterized as minor). About 80 computer administrators completed the survey, an ACUTA spokeswoman said.
Campus IT departments have invested in programs that detect harmful viruses and botnets–groups of compromised computers that can cause damage to university hardware–but only 18 percent of ACUTA survey respondents said their schools use enhanced logins, which require faculty and students to identify icons or type letters from a graphic before they are given access to the campus network.
Some schools have bought thumb-print scanners for student identification, adding another layer to the login process.
Matt Arthur, ACUTA’s president-elect and director of incident response at Washington University in St. Louis, said higher education has been criticized this decade for often using students’ Social Security numbers for identification purposes, making a key piece of personal information vulnerable to malicious hackers.
“I definitely think that it’s taken universities a while” to transition from using students’ personal information to other methods of identification, such as passwords and thumb scanning, Arthur said. “To move away from that took a really large effort. It’s a long, slow process … and now we have decent identification measurements in place.”
Arthur said Washington University’s cyber security is monitored by employees who check the school’s intrusion detection system for any signs of network interference. The university has focused on sniffing out botnets before they do serious damage to IT equipment. Arthur said botnets often lie dormant for days or weeks before the hacker who planted the virus does damage, but new software allows the campus’s security team to find the botnets before they are activated.
“We do proactive work to watch for those [botnets] that call out for their hosts,” he said, adding that university computers infected with a botnet are usually rebuilt before they are usable again.
Arthur said his IT department uses Snort, an open-source intrusion detection program gaining traction among universities and businesses looking for more reliable data protection. Snort has more than 225,000 users worldwide, according to its web site. Snort users can share what they have found to be the most effective ways to detect incoming viruses and botnets, because the product is open source and available to anyone who can download it on the Snort web site.
Intrusion detection software, Arthur said, “has evolved to the point where it’s almost a necessity.”
He also said the installation of programs that force student laptops to register themselves with campus networks has marked a major step in monitoring who is using the network throughout the day.
At Washington University, if a student’s computer does not meet minimal security requirements–and therefore is a risk for transferring a virus into the school’s network–the computer is barred from network connection until the problems are solved, Arthur said.
“We want to make sure their computer, when it comes on to our network, is virus free,” said Arthur, who added that student hackers were not a primary concern on his school’s campus.