UNC-Chapel Hill’s Information Security Office repels thousands of attacks a day to the University’s computer systems and applications.
“We also see a lot of what I’ll describe as knocking on the door, testing to see how vulnerable systems might be,” said Kevin Lanning, Chief Information Security Officer within the University’s Information Technology Services department. Those knocks on the door and attacks come from all over the world.
Lanning’s team has the critical responsibility of protecting Carolina’s computer systems and applications.
Deploying both reactive and proactive efforts
“We are continuing to build protective environments where the sensitive information lives with layered protections in front of it,” he said. “We run detection, prevention devices and collaborate with departments to design strong architecture so that we’re proactive and don’t have a problem. If we do have problems, we want to react very quickly to protect the University.”
While the Security Office has to “do a fair amount of reactive work” because of the tremendous number of attacks, “we want to focus on proactive as much as possible,” Lanning said.
Constant adjustments necessary
To ensure privacy and security for the University’s computer systems, “we’re adjusting systems all day every day,” he said. “We collaborate with other research universities and lots of other partners so that we can anticipate what intruders might do tomorrow rather than just being reactive to what they did previously. What are they going to do next and how can we be ready for them?”
Carolina’s Information Security Office has taken note of the many data breaches that have hit the private sector over the last year or two.
Avoid being low-hanging fruit
“We need to be ready for whatever may come,” Lanning said. “There are an unlimited number of scenarios that intruders could use. And so we need to focus on the basics—the things that we know they might use. Make sure we get those right so we’re not low-hanging fruit, so it’s not easy to break in. When it’s not easy to break in, they may go to some other institution. But if we do have a break-in, we need to be able to detect as quickly as possible.”
Early reporting helps
The University and individual computer system users can stay two steps ahead of hackers, he said, by being aware of the problem as well as ways they can prevent the problem. That includes early reporting when people run into security problems.
“Also think in terms of defense-in-depth,” he said. Perhaps you use a home router plus anti-virus protection and still additional protections. If there are layers of protection, “that’s going to help us no matter where we are.”
Lanning’s strategy for information security at Carolina, he said, is to “focus on the mission of the University and enable that mission and protect the mission from information security intrusions, viruses, break-ins, etc., and clarify ways that we can support that mission.”