The school struck a balance between computer security and research freedom.
Universities pride themselves on giving students the intellectual freedom to explore their academic interests in an open, independent, and safe learning environment. A critical component of this mission is to make sure students feel secure that their private information is being protected at all times. Imagine leaving home for the first time at 18 years of age and immediately having to deal with identity theft. You’d suddenly become much more cynical, wouldn’t you?
Like all colleges, the University of Missouri collects and stores our students’ personal information, such as addresses, phone numbers, eMail addresses, transcripts, grades, and even medical records. Employees in our Residential Life department need access to this information for administrative reasons. Unfortunately, our staff members have varying levels of computer knowledge, and varying levels of internet security sense. Users inadvertently click on malicious links and visit sites that are infested with malware. As a result, several years ago, we saw that malware was taking over machines, sapping bandwidth, blocking access to applications, and potentially putting students’ personal information at risk. At one point, the security threats were coming in so fast that machines were rendered unusable.
As a part of an open learning environment it’s important that the IT department doesn’t inhibit independent thinking or intellectual freedom. However, the web surfing habits of our employees were impacting the performance of the department’s 230 computers and others’ ability to use them.
My colleague, Justin Harris, a user support analyst in the Residential Life department, and I must strike a balance between not being a nuisance to the staff and protecting the personal information of our students. That said, we soon found out that the access we provided our staff was affecting our ability to keep the network safe.
Already strapped for resources, Justin and I found ourselves having to rebuild two machines per week. Not only did this take the in-demand computers offline; it also pulled us away from our other, just-as-critical IT duties.
Justin knew about Webroot’s powerful anti-malware solution and suggested we deploy it on campus to help the Residential Life department keep malware off computers. We implemented Webroot and found the solution quickly identified malicious threats and effectively cleaned infected computers.
Traditional anti-virus and anti-malware protection begins and ends on each computer. However, as malware continued to evolve and grow more disruptive, we found that desktop-based security software was not enough to head off more sophisticated web attacks. We needed to enhance these solutions with an extra layer of defense at the perimeter of the network to help catch threats at every level. Because the web has become the new battleground for security, web filtering was our next logical step in building out that security net.
We also knew from experience that deploying additional security solutions could impede the university’s commitment to providing an open learning environment. Anti-malware appliances and software–while powerful–can drain bandwidth and slow down the performance of computers. With our employees relying on unlimited, consistent access to their machines, this was unacceptable collateral damage.
Instead, the University of Missouri Residential Life department migrated our security strategy and policies to a web-based service, using the internet as the infrastructure backbone for protecting computers from malicious and inadvertent threats.
The Webroot Web Security service routes web traffic through a proxy address where it is scanned, monitored, analyzed, and filtered. Unsafe web sites and content are blocked, preventing malware from infecting the computers.