An article recently published by EdTech highlights some major security changes on Arkansas State campus. Heather B. Hays, the writer of the EdTech article, tells about the increase in network visibility. Arkansas State university has always been one of academic freedom and even as digital connectivity evolves, that will remain constant. A-State runs over 65,000 public IP addresses on its network, doesn't filter end-user access to the internet, and gives almost anyone administrative privileges.
This accessibility is crucial to the university's educational and research mission, but also made it target for formal attacks. Recently A-State kicked the largely decentralized reactive security approach and started utilizing firewalls to block access to computers and other university assets. "But where access was more open, we had no idea what was traveling across the network or inside the university." said Timothy Cureton, IT Security Coordinator.
In 2012, 250 of A-State's employees and retirees found out that someone had used their personal information to file fraudulent tax returns. Although the team could never find the source of the problem, this struck the security as a sign that it was time for a change in the security strategy and policy.
After the mishap, A-State security team took steps to implement a comprehensive, end-to-end security solution with help of its senior leaders. To increase visibility into whats going on inside the network Timothy and his team installed Palo Alto next-generation firewall. This can detect and reduce network disturbance and malware. This firewall also gives real-time insight and control over who is traveling within the network.
Timothy Cureton states, "We are able to be much more dynamic in our ability to look at users and applications and determine who within an Active Directory group is allowed to use a certain port," he also said that IT can also manage access by user and application. They also began to use Carbon Black protection to block users from downloading unapproved applications or running embedded script.
The University plans to incorporate a tool such as PhisMe Human Phising Defense Solution, that sends fake phishing emails to users and transfers anyone who pushes the embedded link into a training module. Cureton says, "We are constantly working to make sure that we incorporate layers of security, all working together to help protect the university's data and assets."
He explains that Palo Alto firewall, one of the security solutions, and Carbon Black, another security solution "talk" to each other and share information about potential or up and coming threats. Doing this adds another layer of protection. Cureton says, "At the same time, this approach still allows us to have that openness that we've always had and want to continue to have."
The efforts and success of Timothy Cureton and his security team have ensured that Arkansas State University will continue to have the open and accessible type of network they have always had, but instilling a new piece of mind to it's users that all of their information will remain protected.