What We Do
Information Security and Policy (ISP) operates several "Intrusion Detection Systems” (IDS) to detect and respond to information security incidents involving computers connected to the campus network. These automated systems monitor and analyze network traffic and generate alerts in response to activity that either matches known signatures for malicious activity or is anomalous. Alerts are reviewed by ISP security analysts, and if warranted notificaitons are sent to designated security contacts for investigation and remediation.
Why We Do It
Information Security and Policy offers IDS services because hosts connected to the campus network are frequently compromised by hackers. It is much easier for a computer to be compromised than most people understand. Even casual web browsing to legitimate sites with a vulnerable browser can result in a compromise, and anti-malware software is increasingly ineffective at preventing these compromises.
Once compromised, the system is a serious threat to the campus network. Some of the negative consequences of compromised systems on our network include:
- Loss of valuable information resources, such as research data
- Exposure of personal information and university data assets
- Use a platform for criminal activity and attacks on other systems
- Reputational damage and legal/financial liability
- Blocking/blacklisting of campus network space from other internet resources
By detecting intrusions and requiring remediation, we remove these threats from the campus network. This helps to create a safe and secure environment for university electronic resources.
All network traffic crossing one of our tapping locations is monitored, so all members of the campus community with devices and data connecting to the Internet can benefit from our services. This includes:
- Researchers using the network for storage and transmission of research data
- Students using electronic resources to complete their coursework
- Staff supporting University administrative functions requiring information technology resources
- University administration meeting legal and ethical requirements to protect private information
- Individuals with private information on campus information technology systems