Technology alone cannot deal successfully with the onslaught of viruses, spyware, and malware plaguing IT managers at colleges and universities today. Though top-ranked antivirus packages routinely achieve 100 percent effectiveness ratings against virus test banks, that's not true for antispyware packages. Most can handle at least 60 percent of known or suspected spyware elements, but no package is 100 percent effective.
Because risks and exposures are inevitable, colleges and universities must take steps to avoid or mitigate them. But this is difficult when dealing with multiple constituencies or when infrastructure design makes traditional responses impractical.
For example, when rogue access attempts occur on a specific port on a hub or switch, the usual practice is to close that port to stymie further attempts. But Anthony Scaturro, IT security officer at Princeton University, points out that many products would block access for all students who share a single hubbed port in a multi-occupant dorm room, instead of blocking only the offending computer. That's also true for wireless access points.
Here are some best practices to help colleges deal with malware challenges:
• Double up on antispyware protection. Employ two or more antispyware packages. Use one package as a real-time scanner or blocker, and use both to scan systems and files periodically – ideally, once a week. Few institutions implement double-coverage.
• Educate users to avoid trouble. Devote resources to end-user education, because the best security involves the people who depend on it. Prevention far outstrips cure as a response to any kind of malware.
• Spread the word through multiple channels. Because user awareness is key to delivering the best security, use as many channels as possible to reach constituents. Many institutions offer online security training and tutorials, host security awareness days, and cover security on their Web sites, in newsletters and in electronic mailings. Scaturro says Princeton includes printed brochures about security in registration and housing materials, and distributes fliers to dorm rooms, dining halls and other student hangouts.
• Provide or recommend palliative software. Offer users access to free software downloads or suggest commercial and freeware packages. Let students, faculty and staff use that software on their personal computers to protect any machine that might access institutional networks. Both Princeton and the University of Texas at Austin make antivirus, firewall and antispyware software available at no cost. This helps users help themselves stay more secure.
• Arm and protect users; harden institutional networks. Because it's easier to arm and protect users against malware than to fix problems caused by malware infections, it's prudent to harden institutional networks and do whatever is reasonable and affordable to protect network boundaries and Internet access – both coming and going.
This includes increasing use of e-mail appliances or gateways (which filter e-mail at the network perimeter), intrusion detection/prevention systems, and all kinds of creative security systems for institutions and their users.
When institutions can't offer users no-cost licenses for malware protection, such as the University of Texas at Austin's free Bevo Ware security suite, special packages or low-cost licenses can be helpful. But the best weapons in the institutional arsenal against security threats come from coaching users to apply basic security fundamentals, then covering them from all possible angles with good defaults, automatic updates, and as much external screening and coverage as technology can deliver.
Ed Tittel has contributed to more than 130 computer books, including The PC Magazine Guide to Fighting Spyware, Viruses and Malware.