Arkansas State University’s layered approach to end-user security acts like “the best center and two power forwards on the block.” Or so says tech ninja Nacho Vega in the premiere episode of IT Roadshow.
All athletic comparisons aside, ASU’s three-layer security system, as described by CISO Timothy Cureton in the video, proves that teamwork among your tech tools — and users — is the key to a safe and open network.
“You can walk in and plug in. There’s nothing preventing you from accessing our network,” says Cureton. “We just want to make sure we are running as securely as possible, but trying to make make it as transparent for the end user as possible.”
Using this tool, Cureton says ASU’s IT staff is able to monitor networks in real-time by going through millions of logs and filtering down to the actionable threats. “Being able to go directly in and filter for threats, for URLs, and see those continually blocked has been really insightful,” says Cureton in the video.
Even if something slips through the close monitoring of ASU’s network, Cureton says end users and the university’s network are kept safe by Carbon Black Protection.
This next security layer automatically blocks users from downloading applications that may be malicious or unapproved, and if something bad does make it onto a device, it’s stopped in its tracks.
Colleges collect a lot of information on students and staff — from birthdays to bank account details — and using Sophos Safeguard, ASU has ensured this information is protected.
Cureton says the tool works flexibly by encrypting personally identifiable information and allowing users to share files safely. Using Sophos, Cureton says users can facilitate safe collaboration by sending sensitive files and research as encrypted documents that are available for a limited time.
Other universities have created layered security approaches to boost protection, like Providence College in Rhode Island.
Donald Schattle II, the college’s information security officer, tells EdTech that while technology like Palo Alto firewalls and FireEye’s Network Threat Prevention Platform certainly boost security, schools should still bolster compliance programs and training.
“You’ve got to have communication and good working relationships and understand that potential gaps and vulnerability are always a moving target,” says Schattle in the article.