Medium enterprise: Layering for fast expansion


That is the security nightmare scenario Scott Brown, information security analyst at Colby-Sawyer College, New London, N.H., has to face every semester.

"In academia, the students all show up with their computers -- guaranteed to be infected already," says Brown, adding that he has found more than 830,000 viruses on his campus' system in the past year.

When classes are in session, Brown is charged with keeping the campus network of more than 1,600 PCs clean and secure – a task comparable to that of the average mid-sized business of 500 to 1,000 desktops. A unique problem for the education vertical, however, is that many colleges about the size of Brown's typically do not have any information security staff, much less a position like Brown's.

"I'm a one-man show. That's about normal for a school with about a thousand students," he says. "You kind of have to be an expert with a little bit of everything."

Additionally, working at a small liberal arts college, Brown also misses the luxury of enlisting computer science students to help him fight malicious software or to strengthen the firewall. "We don't have all the computer geniuses," Brown admits.

For an internet security guru – especially a solo act like Brown – a college can be among the most challenging of environments because professors and students expect to have the entire internet at their fingertips, according to Jonathan Gossels, president of SystemExperts.

"Colleges and businesses have different requirements," Gossels explains. "Colleges are more of an open environment. In academia, there's more of an expectation to have open access."

Gossels says the environment at colleges isn't wrong – just different. Saying he "didn't want to put a value judgment" on the more open environment at colleges, Gossels adds that the academic world should follow many of the same guidelines as businesses: "multiple layers" of antimalware and virus protection.

Brown agrees that there are clear differences from working in the business world, saying he is fortunate he doesn't have a lot of red tape to deal with. "In corporate America, you have a headquarters that dictates everything. Academia is a more gentle environment where you don't want to inconvenience the users. Here you've got to pick your battles. It's the business of keeping everyone happy."

As a result, one of Brown's solutions to address sometimes sloppy student users plugging in and out of the Colby-Sawyer network is a registration and quarantine process that scans computers on their way in.

"We do have a registration process, where, as soon as a computer hits the network, it gets pushed into a quarantine area," he says. "Once we have it in there, it gets scanned for viruses and spyware and anything we think may be harmful."

Having been in his current occupation for one and a half years, and previously a consultant for 17 years, Brown has simple advice for those getting into his expanding line of work: Be aggressive.

"I would say that the best thing to do is to be proactive. You don't want to set yourself up as just having the industry standard," he says.

For the mid-sized guys: Integration of security solutions is critical

For Scott Brown, information security analyst at Colby-Sawyer College in New Hampshire, fall means more than a simple return to classes and extracurricular activities. It also means 1,000 new users joining his network within a few days, all with different backgrounds and unique surfing habits.

The essential elements Brown uses to secure the Colby-Sawyer network include a firewall, a bandwidth shaper, NitroSecurity intrusion protection, a desktop firewall, antivirus and anti-spyware software, a Qualys vulnerability management system, a campus manager registration and network protection system, and outsourced mail filtering. Brown credits his registration process as an integral part of his college's defense network.

"Probably the most noteworthy thing is our forced registration process. When new computers are connected to our network, they get sent to a special quarantine area where they will get a web page walk-through, getting their computer to our standards," he says. "They then get scanned to ensure compliancy."

The college has also managed to get its vendors to work together on campus security problems, creating what Brown calls "a total and harmonious solution."

"For example, NitroSecurity is working and integrating with Bradford Networks, our registration system vendor, so that when a particular type of traffic is detected from a computer on our network, Nitro will tell Bradford to move them in the quarantine area where they are no longer a threat to our network," he explains.

Information security is not a field for those who sit and wait for new solutions, says Brown. Again, he stresses that companies his size be proactive, not reactive, and seek out new technologies before they become commonplace.

"Do not buy products just because they are the industry standards," he explains. "We have found smaller companies can act quicker to a new threat and allow us better customization to our unique environment."

Leading the pack

A college that "doesn't have all the computer geniuses," Colby-Sawyer College is a liberal arts university with 1,000 undergraduate students, 115 faculty members and 384 total employees. The university, founded in 1837, is located 90 miles north of Boston in New London, N.H. The 200-acre university has a student-to-faculty ratio of 12 to one and an average class size of 18.

Despite its small size and leanings to the humanities, Brown says the university has been vigilant in dealing with internet-based threats. Many of its rival colleges don't yet have Brown's position on staff despite the wave of new PCs -- and their viruses and vulnerabilities -- every semester.
