Colleges lead charge
for secure, open networks"> The new automated registration system was a success. Between 90 and 95 percent of students were able to use the system to fix the problems on their computer without help from the IT department, he said. While such draconian techniques arent common in the corporate world, enterprise IT administrators may soon be looking to programs such as those at Cornell and Colby-Sawyer to help deal with the influx of laptop computers and other portable computing devices in their environment, said Chris Novak, a senior security consultant at Cybertrust Inc.Campus networks are also becoming more complex, as IT administrators begin isolating sensitive administrative systems and those governed by regulations like HIPAA and Sarbanes Oxley, from the chaos of student residential networks, said Novak. Click here to read more about how IBM looks to get to developers in college. "Before, a lot of universities operated in a flat environment, where everything was connected to one core switch. Now were seeing internal firewalls and VPN (virtual private network) solutions," he said. At Cornell, IT staff is using detailed router access control lists, or ACLs, to segregate critical assets at the Universitys 11 colleges, Schuster said. For example, at Cornells College of Veterinary Medicine, Schusters staff worked with the Colleges local networking people to set up ACLs that blocked traffic from student machines and cordon off key assets, while still allowing College staff to remotely access those systems and approach Schuster terms "default deny." "It lets us block everything except whats explicitly needed," he said. At Colby-Sawyer, administrators are using remote access software by Citrix Systems Inc. to allow IT staff to consolidate the colleges critical administrative systems. "Its easier to patch eight computers instead of 300," Brown said. Still, colleges and universities will always have a different approach to network security than for-profit companies, which must put a premium on network security to protect corporate assets and reputation, experts agree. "Corporate IT has security paranoia; because they know they have proprietary information that demands secrecy. But most university students dont have that level of paranoia, and dont see security as a big concern," Novak said. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
Many colleges and universities are asking about or implementing quarantining systems like those at Cornell and Colby-Sawyer, said Laura Koetzle, an analyst at Forrester Inc.