Center for Information Technology Services
UMB Security Strategy
Goal: To have a robust, secure campus networked environment that protects against security breaches while supporting appropriate access to data for UMB research, teaching, and administrative operations.
- To implement and maintain for the campus: a central firewall (completed), central intrusion detection system software (completed) and other appropriate hardware and software security measures (on-going).
- To provide a proactive means in which campus resources (servers and desktops) can be kept current with the latest security updates (underway).
- To develop an awareness of the need for security throughout the entire UMB community (on-going).
Current State: UMB now has a central firewall (hardware and software) for monitoring and when necessary, blocking intrusions from inside UMB as well as from outside the campus network via the Internet. The University has purchased contemporary security hardware and software for monitoring and analyzing network traffic leaving as well as coming into the University. These analyses and data will help in forming security procedures and the development of security policies.
Feb. 2003 to April 2003 and On-going:
- Install Firewall Switch Module (FWSM) in the core 6509 switch (strengthen security at the sub-network level).
Finalized Security Policy
- Developed and distributed for review server security standard, workstation security standard firewall standard and wireless security standard.
- Identified IT Security Officer
- Working with Schools and Central Administrative Units to tighten access to their services from the outside (Social Work and A&F completed) (School of Medicine and Dentistry planned)
- CITS Security Group and Infrastructure Services Group are working to provide access to only the ports needed by the University community.
- Continuing to use the IDS to identify potential hack attacks on the network.
- Continuing to send certification alerts and security "patch" information in order to strengthen security on networked servers.
- CITS staff are conducting vulnerability tests against campus and school servers and workstations.
- Following-up with IT Leaders to see where vulnerabilities persist, and why.
- Investigating the use of host based IDS services as additional layer of IDS security.
- Continuing to activate the firewall and applying effective and reasonable technology security for the safety and protection of all UMB confidential information.
- Developing and will maintain a security web page with approved policies, standards and security alerts.
Outcome: UMB has gained knowledge of security breaches and addressed the situations quickly and effectively. Collaboration and communication with campus IT administrators has resulted in common solutions for protecting data, while at the same time, ensuring data access for those who need it. Security awareness will continue to be heightened and more widespread throughout the University. UMB faculty, students and staff will work in a networked environment that is monitored and protected by appropriate tools and by a skilled and knowledgeable staff. In addition, by blocking illegal and intrusive activity, the University will save on Internet expenses, since these charges are based on total usage.