E-operations steps up system protection
Following an academic year plagued by the rampant spread of viruses across AU's computer network, service outages and sluggish network speed, the University has taken steps to combat the problems, including turning to students for help.
The University technology office responsible for the security of AU's network, "e-operations," has launched a two-pronged strategy:
First, changes have been made to AU's network aimed at better insulating the University from viruses and so-called "Denial of Service" attacks, whereby computers elsewhere on the Internet - often because they are infected with viruses - attack AU's network connection by flooding it with useless information.
Second, a publicity campaign encouraging students to better protect their own systems from viruses and other security flaws has been launched. Informational advertisements have been placed in the residence halls, in University offices and throughout the campus in an effort to encourage students to better protect their computers.
As for the changes AU has implemented on its end, the University has purchased new security hardware and has made technical changes geared at reducing the ability of viruses to penetrate AU's network or to wreak havoc on it if they are able to get in. The University also modified its "MARS" network access system for the new year to encourage students to better secure their own systems.
MARS, short for Media Access Control Registration System, was launched three years ago in an effort to ensure that only members of the AU community were able to use the school's computer network.
In a nutshell, registering with the MARS system links a user's unique AU username and password with the computer from which they are registering. Thus, if a student accesses AU's network through a desktop computer in his or her residence hall room, from a wireless PocketPC handheld, or from a wireless laptop, all of which are registered, the system will automatically grant those computers access to the network. However, if someone walked into Mary Graydon Center from off the street and attempted to plug in, he would get no further than the MARS welcome page.
New for this school year, the system has been tweaked to automatically recognize users' operating systems and to recommend various steps that they can take to better secure their computer. These steps include recommendations to download Norton AntiVirus software, which AU provides to all users free of charge through the my.american.edu portal, as well as guidance on other software that might make a user's computer more secure but that they may not know is available.
The upgrades to MARS have been accompanied by a public relations campaign aimed at encouraging students to install - and keep current - antivirus software, to download updates to their operating systems and to otherwise play their part in keeping AU's network secure.
"Technically the changes are not that big, but I think the additional information can make a big difference," said Eric Weakland, network security director for e-operations. "The impetus for this whole marketing push, for some significant changes in a lot of our documentation, for serious investment in additional network security hardware, were two network outages that we had last year due to viruses and Denial of Service attacks."
Weakland, who notes that AU confronted more than 1,600 reported virus incidents during the last academic year alone, stresses that MARS is intended to regulate who is able to access AU's network. It is not a way for the University to monitor what students are doing on their computers or on AU's network, he said.
In fact, the only bold, capitalized text on the MARS welcome page that greets the unregistered announces: "The MARS system does not track your individual network activity."
"I have had very few faculty and student concerns about monitoring with MARS. I try and explain to them that all that MARS does is make sure that they are entitled to use AU's computing resources," Weakland said.
Though Weakland says that it is too early to tell how much of an impact the changes and ad campaign have had, he notes that AU's copy of Norton AntiVirus was downloaded more than 1,000 times in the first two weeks of school.
It remains to be seen how much all of the changes and the information awareness campaign enhance network security, since it was only several months ago that chronic failures in Internet and e-mail access were a fact of academic life for the thousands of people who rely on AU's network. Weakland says, however, that the problem is not so much a reflection on AU as it is on being a part of a big network.
"AU is an academic institution, and one of the reasons that I choose to work here is that I believe that it is one of the most challenging computer security environments to work in," Weakland said.