Security Hits the Books

Barton County Community College enforces good cyber defense on Kansas campus

MAJOR cyber security breaches at higher education institutions have garnered headlines over the last couple years. Obviously, IT security continues to be a major challenge for colleges and universities. A recent survey from technology provider CDW Government found that 69 percent of higher education IT directors/managers polled said that IT security is a top priority for their institutions' administrations. Yet, 66 percent of respondents note they are able to dedicate less than one quarter of their time to security, citing lack of funding (50 percent) and lack of resources (12 percent) as the top two barriers to improving IT security on campus.

As higher education institutions face increasingly sophisticated security threats with sometimes limited resources, they must continue to foster education and self-discovery in safe environments to shape tomorrow's leaders. These principles must extend from the traditional classroom environment to the growing frontier of technology-powered education to protect students from outside cyber security threats and to ensure they follow proper cyber citizenry guidelines.

Barton County Community College in central Kansas is strengthening its cyber security posture to protect its 1,200 PC networks from increasingly sophisticated online threats without limiting the impact of IT-driven learning.

To manage a higher volume of increasingly complex cyber threats, Barton has segmented its IT campus in order to efficiently quarantine the student dormitories or other areas should they become infected by viruses or malicious code -- effectively keeping the rest of the campus safe from cyber attack. While this complex security segmentation reduces the risk of widespread infection, it also creates an exponential increase in management requirements. To purchase and implement a project of such complexity, Barton needed a trusted advisor to provide its new cyber security solution.

Working with CDW-G, Barton implemented a new firewall and virtual private network (VPN) solution to enhance cyber defenses while also providing a dashboard view of all subnets to simplify security management.

Balacing IT Management and Security
For more than 35 years, Barton has been preparing students for success through a blend of classroom and practical hands-on education. A majority of Barton's more than 50 degree programs incorporate the use of technology to prepare students to take their place in today's workforce. Barton also offers technology-focused degrees, including computer information systems and computer science. The college's wired buildings and computer labs ensure that technology access is at the fingertips of its more than 5,000 students. Although the Internet fosters increased communication and research capabilities, Barton's seven-member IT staff also must maintain vigilance against online threats.

Keeping Up with IT Gatekeeper Demands
"The increasing severity of computer viruses and malicious code has transformed information security from a low IT priority to an operational necessity," said Amy Oelke, co-team leader, information services at BCCC. "The evolving cyber threats were outpacing our existing firewall technology and making it increasingly challenging to monitor and manage our IT environment efficiently."

College administrators believe they have an obligation to prevent cyber mischief by their students. As a member of KanREN, a statewide research and education network that connects leading academic institutions and other organizations, Barton must ensure that student actions do not impact other KanREN members or other businesses.

"As Barton's IT gatekeepers, we have the dual responsibility of preventing outside cyber threats from affecting our infrastructure while also ensuring that curious students don't mistakenly unleash viruses within our network or tap outside systems that are private," Oelke said. "We also need to identify and repel malicious code at the edge of our network to prevent any IT problems."

Barton's IT staff monitors information security logs for suspicious activities of all types. Additionally, Barton's 14 physical and 31 logical network segments -- called subnets -- enable the college IT staff to isolate network areas infected by malicious code. This strategy prevents viruses detected in the student dormitory subnet, for example, from spreading across the entire network. Barton's network subnet capabilities, however, require the IT team to dedicate a considerable amount of time to managing the school's security infrastructure. The IT team used Sun Microsystems' SunScreen technology, which required Barton to use vendor-specific software/hardware and did not provide the VPN flexibility required for easy remote access. Importantly, today's cyber security realities also allow the IT team to view firewall logs in real time with sophisticated querying to gain immediate insight into potential security breaches.

Mapping Security to College Requirements
Barton's IT team faced numerous options when researching new security technologies.

"We required insight from a partner that understands the unique security requirements of an academic network and would help finalize product specifications within our budget," Oelke said. "We could not afford to make the wrong investment."

Barton selected CDW-G and its engineering team as a sounding board for product selection and to recommend software licensing and technical agreements that address the college's requirements. CDW-G combined its knowledge of the needs of higher education customers and of comprehensive product line from proven vendors to support Barton's security requirements. CDW-G helped the Barton team prepare for its presentation to the college board of trustees, during which it secured approval for funding for the new security solution.

"Barton is a leader in IT security," said Julie Smith, director of higher education, CDW-G. "They understand what is required to deal with today's ever-evolving security threats in order to manage their networks and protect student and administrative data effectively."

Deploying a Powerful, Flexible Security Infrastructure
Upon receiving IT funding approval, the Barton IT team deployed an initial pilot phase of its new solutions from CheckPoint Software Technologies in the late summer of 2004.

"Deploying a security solution effectively requires a strong understanding of your network, routing and how security product settings may impact other systems or users' access to important information," Perkins said.

The new and existing security solutions ran in tandem to ensure a high level of security while the pilot program was expanded. The new CheckPoint solution went live in November 2004.

"Our experience with our new security solution has been extremely positive and CDW-G has been very responsive during the entire process," Perkins said.

The new security solution enables Barton to manage its physical and logical subnets from a single dashboard that simplifies and accelerates network traffic monitoring and management. Additionally, the new security solution is intuitive, enabling multiple Barton IT staff members to manage the college's security infrastructure concurrently. The college's previous security solution was specialized -- only one staff member was trained to manage the technology.

The new solution's enhanced VPN and log-in capabilities simplify remote network access. The new security solution also consumes less processing power than its predecessor and operates on multiple vendor operating systems and hardware platforms.

Increasing Security Vigilance
Barton has planned a phased approach to broaden its cyber security capabilities. The college is expanding its cyber security management to the application level by increasing its monitoring of security and network infrastructure logs to identify additional malicious activities such as port scans that hackers use to locate network security vulnerabilities. By monitoring malicious activity on the network, IT staff can determine the techniques used to compromise network resources. Using the built-in application intelligence in the CheckPoint software, Barton can identify and block activity at the firewall in real time. The ability to look into each data packet to determine its validity provides another layer of protection and gives BCCC's IT team fine-grained control over all server requests.

BCCC also plans to systematically expand its multilayered hardware/software firewall strategy by further segmenting IT resources based on institutional goals to protect student data.

"Cyber security is a dynamic process that requires us to protect the college continually against ever-evolving threats," Oelke said. "We are confident that our new security technologies will provide the flexibility to expand our information defenses and address tomorrow's requirements. Our strategy to combine security products, policies and vigilance is integral to maintaining a safe and engaging online environment for the Barton community."

Featured

  • 12 Commercial Crime Sites to Do Your Research

    12 Commercial Crime Sites to Do Your Research

    Understanding crime statistics in your industry and area is crucial for making important decisions about your security budget. With so much information out there, how can you know which statistics to trust? Read Now

  • Boosting Safety and Efficiency

    Boosting Safety and Efficiency

    In alignment with the state of Mississippi’s mission of “Empowering Mississippi citizens to stay connected and engaged with their government,” Salient's CompleteView VMS is being installed throughout more than 150 state boards, commissions and agencies in order to ensure safety for thousands of constituents who access state services daily. Read Now

  • Live From GSX: Post-Show Review

    Live From GSX: Post-Show Review

    This year’s Live From GSX program was a rousing success! Again, we’d like to thank our partners, and IPVideo, for working with us and letting us broadcast their solutions to the industry. You can follow our Live From GSX 2023 page to keep up with post-show developments and announcements. And if you’re interested in working with us in 2024, please don’t hesitate to ask about our Live From programs for ISC West in March or next year’s GSX. Read Now

    • Industry Events
    • GSX
  • People Say the Funniest Things

    People Say the Funniest Things

    By all accounts, GSX version 2023 was completely successful. Apparently, there were plenty of mix-ups with the airlines and getting aircraft from the East Coast into Big D. I am all ears when I am in a gathering of people. You never know when a nugget of information might flip out. Read Now

    • Industry Events
    • GSX

Featured Cybersecurity

Webinars

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3

  • XS4 Original+

    XS4 Original+

    The SALTO XS4 Original+ design is based on the same proven housing and mechanical mechanisms of the XS4 Original. The XS4 Original+, however, is embedded with SALTO’s BLUEnet real-time functionality and SVN-Flex capability that enables SALTO stand-alone smart XS4 Original+ locks to update user credentials directly at the door. Compatible with the array of SALTO platform solutions including SALTO Space data-on-card, SALTO KS Keys as a Service cloud-based access solution, and SALTO’s JustIn Mobile technology for digital keys. The XS4 Original+ also includes RFID Mifare DESFire, Bluetooth LE and NFC technology functionality. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3