Oct 31 2006

Safe on Campus

Colleges must take a proactive approach to keep student PCs secure, regardless of the type of computer distribution program they implement.

With a multitude of student PCs to supervise, colleges must be proactive to keep their campus networks safe and secure.

Alan Joch

Equip an army of students with PCs and, in addition to opening up new information age educational opportunities, colleges often find themselves unleashing a raft of administrative challenges for the IT staff.

Some colleges embrace this balancing act directly by handing out computers to incoming freshmen or organizing sales programs that link students with computer vendors. Other institutions take a more laissez-faire approach, leaving the buying — and even the choice of whether or not to equip a student with a computer — entirely up to students and their families.

Each strategy offers pros and cons, but neither avoids intractable technological and cultural problems that range from security threats against campus networks to computers being used for illegal ends. As a result, more schools are organizing formal programs — some with the help of local police departments — that make learning to use technology successfully and responsibly a standard part of the higher-ed curriculum.

In addition to helping students, the right PC management program can be a boon to schools. Instead of leaving campus technicians buffeted by problems, careful upfront planning proactively reduces security threats, limits theft and helps keep PCs from becoming tools for circumventing laws. Schools that opt for direct control over PC distribution say they can limit the number of computer models on campus and make subsequent service and support problems easier to solve.

Others take a different tack. “Culturally, we never felt the need to issue a mandate,” says Karl Hassler, associate director of network and systems services at the University of Delaware, Newark. Although the range of computers on campus can be boundless, schools avoid the resource drain of preparing and distributing thousands of

computers to new students each year.

The University of Delaware has a partnership with a handful of PC vendors to offer students discounts on new computers and peripherals, and about half of the incoming students take advantage of the system. The school doesn’t require students to have their own computers, but about “99 percent of the students have at least one computer,” whether a notebook or a desktop PC, says Carol Anderer, manager of IT user services.

“In higher ed, the burden of buying computers has shifted from the institutions to the students,” says David Daoud, research manager for IDC, a research firm in Framingham, Mass. “That frees some valuable resources that schools can invest in mission-critical applications, namely expanding storage, servers and broadband capabilities.”

A Sense of Security

Regardless of the type of PC distribution program an institution implements, security is always a major concern. At the University of Delaware, security for the school network and student PCs starts with a university Web site that spells out best practices, such as keeping operating systems up to date and making sure firewalls are enabled on each machine. The school also passes out free versions of antivirus software thanks to its site license with the vendor and recommends software to guard against adware intrusions.

Despite these measures, the school believes it’s ultimately each student’s job to assure security. “They are responsible for keeping their virus definitions current, so we don’t monitor individual configurations,” Hassler says.

Nevertheless, this is a case of “trust but verify.” The school uses a homegrown network monitoring system that includes scripts and open-source tools to analyze the flow of traffic and look for suspicious patterns that would indicate a connected PC is a conduit for malicious activity. “We police the network, so if you’re speeding, we’ll pull you over,” Hassler says.

Hassler’s team disconnects problem PCs from the network and reminds students about ways to keep their computers clean.

“Students are given an opportunity to remedy the problem themselves using online self-help documentation and tools,” Anderer explains. “When they think they’ve corrected the problem, we’ll let them back in. That’s their get-out-of-jail-free card. They get one of those. If the problem is not fixed, the student has to bring the system in and have it cleaned for $70 before it’s allowed onto the network again.” Subsequent charges are $100 for each system cleansing.

Of the tens of thousands of students, faculty and staff who use the network, the school deals with about 80 such problems per month, Hassler estimates.

Overhead Reductions

Like the University of Delaware, Drexel University, Philadelphia, doesn’t dictate what PCs students use, although the school has a long history of actively promoting technology. In 1983, it became one of the first U.S. schools to require and sell PCs to students, says Janice Biros, associate vice president for instructional technology support, who has been involved in tech support at Drexel since 1986.

Drexel has practical reasons for extracting itself from the PC sales pipeline. Overhead for managing a PC distribution program “was immense,” Biros notes, explaining that the school formerly operated a warehouse for PCs and related equipment, along with a repair center and a staff to run everything. “All those things were very costly,” she says.

Biros doesn’t track the dollar savings since Drexel discontinued the onsite program in the mid-1990s for a Web-based sales program, but she says a new dormitory now stands at the former warehouse site. And instead of running a repair service directly, the school contracts with a local company to perform the service on campus. “Students still can get repairs, conveniently from experts,” says Biros.

Today, Drexel focuses its efforts on distributing the software students need while on campus, including antivirus programs. Network security became so critical that Drexel hired two full-time IT security specialists dedicated to that task a couple of years ago.

When Drexel students plug into the campus network, they are prompted to register their user ID and computer information and complete a system and virus definition update. Then their machines are scanned for vulnerabilities.

“Before they even get on the network, they have to go through quarantining and filtering,” says Biros. “We also have extensive antivirus, antispam and security equipment set up to filter e-mail and clean it as it comes in and goes out.”

Wake Forest University, in Winston-Salem, N.C., believes its tightly managed PC distribution program, which doles out almost 2,700 notebook PCs a year to incoming students, aids its security efforts.

“A standard notebook PC program allows us to make sure that network security options are configured from the start and that the antivirus and Microsoft update processes are set up correctly,” says Jay Dominick, assistant vice president of information systems and CIO. “Even if students go away for break and plug into their home network, they will continue to get those downloads.”

When St. John’s University, in New York City, began distributing notebook PCs to its students three years ago, it took care to protect the machines from a different type of security threat — theft. Working with the New York City Police Department (NYPD), the school developed a special notebook identification program.

“There’s a sticker on the face of the notebook that says ‘NYPD Operation Laptop,’” says Ken Mahlmeister, director of IT user services. “There’s also an identification number that’s not visible to the naked eye, so if the computer turns up, the police can trace it.”

To prevent the computers from disappearing, the school produced a video on “the care and feeding” of notebooks that offers lessons such as don’t leave your machines unattended. For added effect, a uniformed NYPD officer talks to students after the video presentation about notebook theft.

In addition to teaching students about security, IT administrators also educate them on how to be responsible electronic citizens. Problems arise when digital music formats combined with peer-to-peer networking technology turn music file sharing into an illegal activity. “Our culture is to maintain an open network to support education and research, and any misuse of it through copyright infringements is dealt with seriously” with referrals to the school’s internal judicial system, says University of Delaware’s Hassler.

The school also runs educational projects designed to keep students from using electronic communications to threaten others or promote bias. “Before it gets to that point, students go through several programs aimed at educating them,” explains Anderer.

Using a “Code of the Web” Web site that provides guidelines regarding proper Internet use along with live presentations, the school teaches “timeless principles of human civility that transcend technology,” Hassler says.

Participation in these projects and the successful completion of an electronic multiple-choice “citizenship” quiz are prerequisites to gaining access to the school’s network.

“In all matters technical, people issues are the most important ones to address,” Hassler says.

Alan Joch is a New Hampshire-based technology writer.

Steps to Reduce PC Pain

Some ways to alleviate PC management headaches include:

• Educate new students about PC maintenance, security best practices and theft protection to reduce support and maintenance demands later.

• Invest in software that automatically scans PCs for the latest antivirus updates and security patches before the devices connect to the campus network.

• Work with local police departments to develop antitheft programs, especially where a large segment of students carry easy-to-heist notebook PCs.

• Don’t overlook cultural training. Good cybercitizenship requires knowledge of copyright laws and an understanding of when speech crosses the line from free to inflammatory.

• Recycle creatively. Universities that manage PC distribution programs as authorized dealers can effectively recycle used notebooks in their local communities. Wake Forest University sells two-year-old notebooks to the local public school system.

Tablet PCs Open Up New Opportunities

At the start of the spring semester, Miami Dade College, in south Florida, gave nursing and education students Tablet PCs. It was a first for the school, which until then had not distributed PCs to students. The project, for now a limited pilot involving about 100 students, may have a far-reaching impact, since the school believes the pen-based tablets could change the way students learn.

The Tablet PCs come loaded with electronic versions of key textbooks, eliminating the need for students to carry around heavy tomes, says Gabriel Yanni, associate vice provost of computer services. Students can use the stylus to annotate and mark the text and attach electronic flags to remind them of questions to ask in class. Using Wi-Fi access points, they also can access Web research materials from classrooms or other campus buildings, says CIO Karl Herleman.

The project is the brainchild of Kathie Sigler, former provost for operations, who retired last December. “We’ve been working for the last 10 years to get publishing companies to produce electronic textbooks,” she says.

“In a year, we are going to evaluate the pilot to see how students react,” Yanni adds.