I.T. Pop Quiz Award
Robin Manke-Cassidy is recognized for her strategy to use Cisco Clean Access to dramatically reduce security incidents at Arizona State University.
In November 2005, we posed the following challenge to our readers as part of our IT Leadership Awards:
In November 2005, we posed the following challenge to our readers as part of our IT Leadership Awards:
The Challenge
Your school’s administration has seen the recent news stories on security breaches at higher education institutions, and they’re getting nervous about the number of notebook PCs — with confidential data stored on them — floating around campus. They want IT to step in and devise a solution to improve the physical security of faculty and administration notebook PCs on and off campus. They also want to provide a secure method of authentication for students, teachers and staff when they access the school’s network. Please send a 500-word description of your proposed solution, addressing technology, policy and people in your response.
The Ed Tech editorial staff awarded the IT Pop Quiz prize to Robin Manke-Cassidy, technology support analyst, coordinator, for Arizona State University’s University Technology Office. In that position, she designs, implements and supports Windows Active Directory, firewalls, Cisco Clean Access, network connectivity tools such as virtual private network and OpenAFS clients, and network security. Manke-Cassidy’s university will receive a $2,000 shopping spree at www.cdwg.com. Her entry follows:
The Problem
Computers in the university environment, many of them unregulated notebook PCs, were infecting the network of one of the largest academic and research universities in the country, Arizona State University (ASU), with viruses and worms. IT reported as many as 6,000 security incidents a year.
Technology
ASU implemented a network access control solution — Cisco Clean Access — to help enforce security policies on student notebook PCs and computers and to prevent viruses and worms from bringing down the school network.
The solution consists of a self-contained, appliance-based Network Admission Control (NAC) offering, which includes a server to enforce security policies, centralized management capabilities and an optional thin client that can be added to user devices for additional security and control. These integrated offerings help address four key security issues: authentication, vulnerability assessment, remediation and repair, and centralized management.
Policy
ASU initially deployed the solution in the residence halls to evaluate all devices that attempt to access the network for compliance to internal security policies through network and device scans before access is granted. The IT staff was then able to place noncompliant devices in a quarantine area where thousands of student and faculty users can undergo automated repair processes, instead of burdening the overloaded IT staff.
People
• ASU students, faculty and staff are now able to inspect their Windows operating systems through files, services, applications and the registry, performing their own security problem repairs.
• ASU IT can ensure that machines entering the network have all the current operating systems, antivirus software and automatic upgrades, and that the systems are continually monitored to maintain this security.
Results
• ASU security policies are successfully enforced on all student machines.
• ASU has been able to reduce security incidents by more than 75 percent.
“Implementing the Cisco Clean Access solution has been a win-win [situation] because students get to repair the security problems in their computers and ASU gets a much safer network,” says Manke-Cassidy.
About Robin Manke-Cassidy
What is your school best known for?
ASU is known for Sparky (our mascot), wonderful weather and a friendly environment.
What’s your background?
I have been with ASU for more than 15 years in a handful of positions. I have a BSE in mechanical engineering.
What do you read regularly?
Windows IT Pro, Network World, fark.com (tech section), Martha Stewart Living, Cooking Light, bbcnews.com, and a number of security and networking sites.
What book are you currently reading?
Security Warrior by Cyrus Peikari and Anton Chuvakin, and Crime and Punishment by Fyodor Dostoevsky.
Why did you get into IT?
I was unable to come up with tuition money during my sophomore year in college, so I decided to take a position with the university for the tuition waiver. I started at the bottom within the information technology organization and worked my way up. I earned my degree while learning a profession.
What do you see as the biggest information technology challenge in higher education right now?
Balancing remote access for faculty, staff and students, while securing university data, including student/HR data and research data.
What’s the biggest challenge you are currently addressing?
Providing the university affiliates with the most secure and freely accessible environment possible. This is definitely walking a thin line.
What technology project are you most proud of?
The implementation of Cisco Clean Access in the ASU residence halls. This implementation has reduced the number of security-related calls, freeing our time to work on other projects. We just finished the implementation in our wireless environment.
What does your school do that is unique from a tech perspective?
We have developed and are beginning the implementation of Enterprise Dynamic Network Authorization. It is a central, flexible, secure and dynamic authorization system for university affiliates.
What’s your next planned project?
The expansion of our Cisco Clean Access deployment to require all wireless users to use the agent to check for antivirus versions, patches, etc. The projected deployment date is June 1, 2006.
What makes your school a great place to work?
The open and challenging environment.
What do you plan to do over the summer?
Implement the latest changes and upgrades to our technology. I also hope to get away to Europe for a couple of weeks.