ITS News 2011

Network Security

Marcus Walton

Overview

IT's Network Services Team (NST) oversees the SMU community's efforts to protect its computing and information assets and to comply with information-related laws, regulations, and policies.

Priorities

The NST's approach to security is more proactive than reactive, although we naturally give priority response to incidents that have institution-level impact or that require university-wide coordination.

Our current focus is securing systems that affect a majority of the university, including central administrative systems and the campus data network.  The NST gives special priority to systems containing data classified as Prohibited or Restricted.

IT security is up to all of us.  By learning and following good security practices, each individual helps protect the entire university community. By working together, we ensure the security of our personal information, accounts, and computers, as well as campus systems and resources.

Computer Security Risk and Mitigation

Hackers scan computers that are internet accessible one million times/day in an effort to decrypt weak passwords so they can get in. As a higher education institution, Samuel Merritt University's network is accessible to almost anyone, including hackers. If your computer is not properly secured or has weak passwords, hackers can:

Delete, change, and/or steal your data.

Install spyware to monitor your key presses, emails, instant messaging (IM), or anything else (sometimes even your microphone and camera).

Use your computer as part of a 'botnet' to recruit other hacked computers and perform mischief like sending spam or attacking other computers (making you look like the attacker).  Steal enough information to impersonate you for fun or profit (i.e. identity theft).

3 Front Line Defenses include:

  • Strong passwords
  • Proper security configuration(s) on your computer
  • All Security updates for your computer (patches)

5 Keys to Protecting your Information:

  • Take stock.  Know what personal information you have in your files and on your computers.
  • Scale down.  Keep only what you need.
  • Lock it.  Protect the information in your care.
  • Pitch it.  Properly dispose of what you no longer need.
  • Plan ahead.  Create a plan to respond to security incidents.