In March, computer hackers made off with personal information on nearly 180,000 students, employees and applicants from a San Diego State University financial aid office server.
The infamous worm blaster virus recently infected more than 6,000 Stanford University computers. Repair costs reportedly exceeded $800,000.
During the last few weeks, reported supercomputer infiltrations at 20 educational and research institutions disrupted the National Science Foundation- funded TeraGrid computer network used for genome sequencing.
Universities nationwide are facing the escalation of such attacks on their computer systems, according to Steven Fitzgerald, chief technology officer of Cal State Northridge's Information Technology Resources (ITR) unit.
The campus' growing list of security concerns includes copyright infringement such as the illegal file-sharing targeted by recent Recording Industry Association of America (RIAA) lawsuits, as well as privacy and confidential data exposure issues.
Northridge is defending its systems, Fitzgerald said, by taking aggressive steps "from a technical, educational and policy perspective." He believes, however, that the best defense involves the entire campus community working with ITR in a proactive strategy for self-protection.
University actions include:
- Erecting campus firewalls that keep non-CSUN computer users out of the university's network.
- Adoption of standards for all information technology (IT) devices connected to the campus network.
- The use of a "traffic shaper," a program that allows ITR to set priorities for the types of data crowding the campus technology highway. High priority data, Fitzgerald said, rates the "diamond lane," or high-speed width. Movie downloading, in contrast, can be routed to a "bumper to bumper" lane.
- An intrusion detection system to sound an early alarm on cyber attacks.
- Spam control and antivirus e-mail filtering systems.
- Standardized desktop management practices, handled by all campus IT personnel. Fitzgerald said discussions are underway to develop such standards with local IT units.
- Adoption of account password standards.
Continued IT security training for CSUN employees who have access to vital information is planned, as is the hiring of a full-time information security officer.
Campus users can:
- Make sure computer desktops have antivirus software and appropriate, up-to-date security patches.
- Refrain from sharing passwords with student assistants.
- Utilize password screensavers, make passwords difficult to guess and change them regularly.
"Above all," Fitzgerald urged, "ask questions."
To some, the word 'security' means restriction, he said, acknowledging a perceived threat to the campus culture of open inquiry and freely shared information. "Actually, we want only to restrict unauthorized individuals, such as hackers, from using our information 'highway system.' "
Campus information technology-related policies are posted at www.csun.edu/policy
@csun | April 19, 2004 issue
Public Relations | University Advancement
Home | CSUN A-Z | New Sites | People Finder | Calendar | News & Events
Students | Faculty/Staff | Parents/Prospective Students | Alumni | Business & Government | The Community