January 27, 2003

When the District’s servers and systems fall victim to abuse, attack or unauthorized use, Foothill and De Anza technology users feel the impact in terms of diminished productivity and sometimes even damaged systems and lost work.

To protect the District against such losses, ETS and ETAC have begun working on security policies and guidelines that will put into action a plan to heighten system security on both campuses within the calendar year.

“We’ve had several cases in which unauthorized individuals used network resources to the extent where it disrupts service,” said Sharon Luciw, director, Network and Systems. “The network is flooded with unauthorized use, making response time so slow that people can’t do their work. We want to keep outside sources from abusing the District computer resources.”

Abuses generally fall into two categories: intentional and unintentional. Intentional would include someone purposefully using District resources for non-District-related business. Unintentional might include someone who tries to set up a service for instructional use but doesn’t have the experience to do so effectively. This may open up security holes for hackers to use internal resources. Other security risks are computer viruses and identity theft.

“At this stage, we’re trying to educate our technology users about the security risks and how they can help to protect the District against these types of threats,” Luciw said. “We’re also working more regularly with people in the District who are responsible for servers.”

Recent Security Breaches at the District

Following are two examples of security breaches at the District late last year:

  • Networks & Systems received a report from SecurePipe, a company that provides network security monitoring. The report indicated “possible network abuse by a computer” or computers on our network. Information was provided to Networks & Systems that helped to locate the computers on the District network. Upon investigation, it was determined several computers were infected with the “Lioten worm.” The infected computers were removed from the network, disinfected and then reconnected to the network. The impact to the District was minimal or none at all in this case; however, the problem affected computers outside the District.
     
  • A District network server was set up as a Gnutella server. Gnutella provides the same service as Napster -- free download of music and movies -- which is a possible copyright violation. This server was identified as a “bandwidth hog” on our network, meaning it used all available network capacity. From an end user’s perspective the network would appear to be very slow, one may have problems printing, or it would appear as if the network was completely down. Networks & Systems was able to “disable the network port” for the device prior to complete disruption in service for the District. Networks & Systems then located the physical device and spoke to the user about the improper use.

What Can You Do?

Every technology user plays an important role in securing the District’s technology resources. Here are some things you can do to help maintain security:

  • Use smart passwords, which are alphanumeric and never easy-to-research. For example, don’t use your dog’s name or mother’s maiden name. The ETAC committee will share more details on smart passwords in the new security policy and guidelines.
     
  • Don’t share your password with others, and remember to change it on a regular basis.
     
  • If you feel there is a security hole or the potential of one, talk to the people who are in charge of the lab you’re in, or contact the Call Center at ext. TECH.
     
  • If you’re responsible for a computer server, windows, Mac or Linux server, and you’re not already on Sharon Luciw’s emergency contact list, contact her and she’ll get you involved.
     

ETS is also monitoring the network for unusual activities. This does not involve reviewing data or content, but only looking at the quantity and type of traffic coming into and going out of the network. “If there is heavy traffic that could be detrimental to the user network, we try to pinpoint it,” Luciw explained.

In addition, ETS is working to get the latest virus protection on all user workstations. Because viruses and SPAM hurt productivity, this will save costs for the District although it will require an initial investment. ETS hopes to make this investment this calendar year, although the implementation date may be impacted by budget cuts.

The ETAC subcommittees are also focusing on the following:

  • Developing an awareness program to provide a regular reporting mechanism of security breaches so the user community has a better understanding of the magnitude of the issues.
     
  • Review policies and best practices in place at other institutions to guide the District’s development of the policy and guidelines.
     
  • Determine what security mechanisms are currently in place and make plans for the next six months as well as formulate a long-term strategy to support the policy.
     
  • Set up monthly security meetings with District Technology Support personnel.
     
  • Determine baseline training for server support and security guidelines for server configuration.
     
  • Purchase a security audit tool to ensure a server is secure.
     

“Overall, the purpose of our efforts is to protect the District and enable productivity and progress,” Luciw concluded.

[Home]