Keeping the network secure
Worcester Polytechnic Institute (WPI) in Worcester, Mass., serves as a good example for organizations struggling with this question. WPI is an internationally acclaimed private research university with 2,000 graduate and 4,000 undergraduate students, along with 500 faculty and 400 staff members. Within the organization’s DNA is an insatiable demand for knowledge to increase its subject-matter expertise; the user base has very little tolerance for second-best and demands everything to work.

For more than 10 years, WPI used a powerful IT network developed by Carnegie Mellon University (CMU) in Pittsburgh, Penn. However, due to a lack of resources, CMU abandoned the project in 2008. As the bar had already been set quite high, WPI needed another partner that could keep the level of functionality high for its demanding users.

In his quest, Frank Sweetser, director of network operations, came up empty-handed. A thorough evaluation proved that most options were inflexible to meet the college’s business needs. WPI needed to ensure that campus network communications including routing, switching, and wireless, as well as core services such as DNS and DHCP, could function under the most stressful situations and would be able to cope with any hazard—from a security breach to a power outage. WPI determined that the most important necessities were flexibility, a clear contingency plan, and a 360-degree view of how an issue would be addressed if a system went down.

Four steps to choosing the right network partner
Institutions can follow WPI’s example and look to implement four key policies to safeguard systems to stay current and therefore less vulnerable:

1. Find a partner that understands the complexities of the architecture and can be transparent. Talk through the implementation process step by step and understand how a network will respond to any dangerous situation. Conduct a quick risk assessment and prioritize the most critical assets: Is it research intellectual property, financial data, or even the ability to keep the lights on no matter what?

Why universities need to prioritize network management

2. Ensure that any upgrades can be customized to meet your institution’s specific requirements. Most organizations, especially in higher education, are working with legacy systems that were crafted to meet their specific needs. Changing out the old hardware and software for new doesn’t always work, and often a complete redesign is necessary to meet today’s needs. In the case of WPI, which was swapping out a very large system, on-site support was critical to the project’s success.

3. Stay on the offensive. Deploy behavior-based analytics not just based on past behavior but to predict the future. Make sure all of the access controls feed into a centralized authority-management system and ensure that correct user rights are granted and updated. Access management needs to be uniform across all systems, and you must implement tools that get rid of old accounts to make sure that networks remain secure.

4. Make sure you aren’t operating on an island. To improve efficiency, systems must interconnect and know when to distance themselves in the event of an emergency. For example, if one system goes out, the others need to increase their load. If a breach occurs, your network needs to know to shut down and isolate itself (while potentially switching over to an alternate network) to avoid infection across the university. This level of flexibility and intelligence is crucial.

Universities need to learn how to be proactive with their networks, or else they will wind up with serious data casualties in the event of a cyber attack or network outage. Coming up with a plan will help to mitigate potential disasters and work efficiently, even when resources are tight. Simply offering convenient internet access is no longer enough. These days, the digital world of higher education is just as important as the physical.

About the Author:

Dennis Borin is a senior solutions architect at EfficientIP, with 14 years of experience as a pre-sales engineer in the DDI (DNS-DHCP-IPAM) space. Previously with Alcatel Lucent and Perficient, Borin has worked with countless universities and colleges over the years, giving him tremendous insight and knowledge into the higher education industry. His main focus is designing, testing, and deploying software solutions that ensure business benefits and return on investment for clients.


Add your opinion to the discussion.