Recently entering, 2017, we have com e into the most connected time between people that humans have ever seen. What do we have to thank for this connectivity? The internet! More so everybody attending our university, The University of Denver, uses DU WiFi or eduroam. The difference between the two would be that eduroam has more levels of security than DU WiFi.
It’s important to know a least a little bit of how it all works and what kind of security measures you can take to ensure the privacy of your personal information. Some examples of cyber crime that you might recognize would be eBay’s catastrophe in 2014 when 233 million users’ personal information was stolen. Usernames, passwords phone numbers and physical addresses. Or more recently in 2016 Yahoo for a couple of different reasons. 1. It was released that 500 million user’s information was stolen back in 2015 and 2. It came out that Yahoo and the US government were working together to monitor emails going through their system. Whether that is a good or bad thing that your emails are being looked at by the government, it’s important to know what is happening to your personal information online.
Talking with some of the students around campus learning that much our students differently really know that much about web security. It seemed as if they were more concerned with connection, which is normal. People don’t generally think about the downsides of having so much information on the web until something goes wrong like getting hacked or having your identity stolen.
“I like DU WiFi until I cross Evans onto Williams because that’s when I have to switch of to LTE” said Keith McNabb a junior in the Daniels College of Business.
On the security information page under the networks tab the first couple of items on page are about the Heartbleed bug back in 2014, which was a bug that essentially when you were attempting to login this malware would ask for more information and end up getting that when logging in. But reading their description of the bug found that nothing on any of DU’s servers was compromised nor any of their partners. Under that Were some helpful tips on how to stay safe on the web i.e. changing your password often and not giving into fake emails and how to spot them. Additionally, the UTS team made a page on how to spot click-bait. Which is when you see a title/thumbnail of something on the web and you want to click it but is most likely not what you’re wanting. The team behind UTS really put a lot of work into helping the students in this way, they created a bunch of pages with helpful hints and ways to stay safer surfing the world wide web.
Speaking with Chad Burnham, chief information security officer, he discussed how much effort was put into getting the best possible connection for students and what his team did was pretty awesome. Him and his team went into each dorm room and set up a connector. So each student is closer to the internet in their own room than anywhere else. That’s just about 2,200 rooms they went into and established connections. Also dedicating a separate server for gaming system, Burnham’s team really went the extra mile in order to give students the best connection possible on every device.
He also mentioned what each piece of software is offered on the resource page on PionerWeb. The Virtual private networks or VPN’s, which they don’t really use the VPN’s that much anymore. VMware (which stands for virtual machine-ware) is another level of cloud security. Cisco jabber which is essentially a safer messaging software (not available to students) and CrowdStrike which is a type of endpoint protection. He said discuss that if you want a higher level of security over all then you should be connecting to eduroam.
The Monday following my meeting with Chad I had the opportunity to speak with Gary Starling, Chief Information Security Officer over the phone about CrowdStrike and where he wants to see web protection at DU go. The term end-point protection was talked about a lot in our conversation. An Endpoint is basically your search bar. It’s the specific place that you want to go on the web through an application. When you have endpoint protection software that is a bridge from your device through a set of rules/security measures so that identification of sensitive data happens and then encrypts it and or blocks the copying of your sensitive information based on the type of classification that would make information “sensitive”. So what happens is endpoint protection software evaluates an endpoint before giving you access ensuring that the page is up-to-date and meet security standards defined.
“I would love to see more students pick up if not our endpoint protection they should have some form of endpoint; I can understand if they see our product as ‘big-brother’ watching them as apposed to something offered by Avast” said Gary Starling about CrowdStrike “Because our product does give us some really deep access to the computer that it’s on”.
What UTS has in store for the future is getting some more advanced firewall system. A firewall is when a packet enters in your firewall, the firewall analyzes what’s inside the packet like destination, source, protocols and ports. These are all checked against the rules in the fire wall and if those rules aren’t met the request is dropped or not forwarded to its destination.
Gary also wants to do a whole overhaul of the UTS page in order to draw people to and inform of them of the services they offer. In tandem over the summer he wants to simplify the options of WiFi on campus. He wants to reduce it to two option, eduroam and the other would be kind of a guest access, like how you would connect at Starbucks.