May 01, 2014
Awareness, partnerships essential to IT security
21st century technology allows us to do so much more in our personal and professional lives. Smart phones, laptops, tablets and “phablets” are amazing tools that help keep us better connected to each other and the world, and enhance our productivity.
We also know that same technology can leave us very vulnerable. Any time there is a major computer security breach – involving another university, a major retailer, or the recent “Heartbleed” bug -- I sit up and take notice.
So does Scott Bridges, our director of information security. In higher education today, technology is vital to teaching, learning and research. One of my priorities is to continue to expand our capabilities to meet the needs of students, faculty and staff; our overall campus bandwidth, for example, has increased by nine times over the last two years and will more than triple again by next fall.
That also means we have to enhance our security. While that has always been a key responsibility of our Information Technology office, we have placed more emphasis on it by establishing the team that Scott leads, which includes three full-time staff members, five student workers and two graduate assistants.
Scott knows our university well. He earned his degree here in 1984 – playing outfield with Coach Richard “Itchy” Jones’ baseball Salukis along the way -- in what used to be known as data processing. During his 23-year career with SIU, he has worked on the campus-wide information system, served as the university web master, and was the project lead for our student information system. In other words, he has been a part of information technology’s evolution.
“We all remember when computers were only plugged into the wall,” he said. “Not anymore. The more devices that come out, the greater the technology, the more we expand the network, the more opportunity there is for bad things to happen.”
I pay close attention, as does Scott, to security breaches at other universities. Earlier this year, hackers gained access to the personal records of 300,000 faculty, staff and students at the University of Maryland. That database had records going back to 1998. At Indiana University, a different kind of security breach potentially exposed the personal data of 146,000 current and former students at seven campuses.
“Those are the situations that keep us up at night,” Scott said. “Fortunately in higher education, universities are more than happy to share information about what they experienced. The individual at Indiana who analyzed that breach shared an in-depth paper so others would not fall prey. We want our students, faculty and staff to know that we are taking the necessary precautions.”
At the same time, I completely agree with Scott that each of us must guard against complacency.
“A big part of security is awareness,” he said. “We are planning to be more pro-active in the months ahead, offering training to faculty and staff because everyone needs to understand how critical it is to protect yourself.”
I appreciate Scott’s leadership, expertise, and vigilance, and that of his team. Scott is on target when he reminds us that our information security is more effective when we all are partners in the effort.