Mizzou finds balance between web security, intellectual freedom

The school struck a balance between computer security and research freedom.
The school struck a balance between computer security and research freedom.

Universities pride themselves on giving students the intellectual freedom to explore their academic interests in an open, independent, and safe learning environment. A critical component of this mission is to make sure students feel secure that their private information is being protected at all times. Imagine leaving home for the first time at 18 years of age and immediately having to deal with identity theft. You’d suddenly become much more cynical, wouldn’t you?

Like all colleges, the University of Missouri collects and stores our students’ personal information, such as addresses, phone numbers, eMail addresses, transcripts, grades, and even medical records. Employees in our Residential Life department need access to this information for administrative reasons. Unfortunately, our staff members have varying levels of computer knowledge, and varying levels of internet security sense. Users inadvertently click on malicious links and visit sites that are infested with malware. As a result, several years ago, we saw that malware was taking over machines, sapping bandwidth, blocking access to applications, and potentially putting students’ personal information at risk. At one point, the security threats were coming in so fast that machines were rendered unusable.

As a part of an open learning environment it’s important that the IT department doesn’t inhibit independent thinking or intellectual freedom. However, the web surfing habits of our employees were impacting the performance of the department’s 230 computers and others’ ability to use them.

My colleague, Justin Harris, a user support analyst in the Residential Life department, and I must strike a balance between not being a nuisance to the staff and protecting the personal information of our students. That said, we soon found out that the access we provided our staff was affecting our ability to keep the network safe.

Already strapped for resources, Justin and I found ourselves having to rebuild two machines per week. Not only did this take the in-demand computers offline; it also pulled us away from our other, just-as-critical IT duties.

Justin knew about Webroot’s powerful anti-malware solution and suggested we deploy it on campus to help the Residential Life department keep malware off computers. We implemented Webroot and found the solution quickly identified malicious threats and effectively cleaned infected computers.

Traditional anti-virus and anti-malware protection begins and ends on each computer. However, as malware continued to evolve and grow more disruptive, we found that desktop-based security software was not enough to head off more sophisticated web attacks. We needed to enhance these solutions with an extra layer of defense at the perimeter of the network to help catch threats at every level. Because the web has become the new battleground for security, web filtering was our next logical step in building out that security net.

We also knew from experience that deploying additional security solutions could impede the university’s commitment to providing an open learning environment. Anti-malware appliances and software–while powerful–can drain bandwidth and slow down the performance of computers. With our employees relying on unlimited, consistent access to their machines, this was unacceptable collateral damage.

Instead, the University of Missouri Residential Life department migrated our security strategy and policies to a web-based service, using the internet as the infrastructure backbone for protecting computers from malicious and inadvertent threats.

The Webroot Web Security service routes web traffic through a proxy address where it is scanned, monitored, analyzed, and filtered. Unsafe web sites and content are blocked, preventing malware from infecting the computers.

It was an approach I could appreciate. The best way to combat a disease is to stop the infection from occurring in the first place–Webroot’s service lets us prevent the risk at the outset, which takes a huge burden off our shoulders.

As a result, I’m pleased to report the Residential Life department has reported no viruses or other infection of malware since deploying the Web Security service. Justin and I are not constantly rebuilding or re-imaging the machines, letting us focus on other, more strategic IT projects.

In addition, our staff members have better, more reliable access to their computers, and, just as important, the more sophisticated security strategy isn’t cramping anyone’s style. The web service prevents security from being an inhibitor to performance, giving our employees the access they need to administrative applications, the internet, and student information.

In the end, we learned that traditional desktop-based malware protection is important, but universities need to understand that a multi-layered approach that protects all aspects of the IT infrastructure is critical in safeguarding computers from malicious threats. Increasingly sophisticated threats are constantly probing our defenses trying to find a weakness in our armor, but Webroot keeps us one step ahead of the bad guys.

Eric Leiss is a support systems administrator at the University of Missouri Residential Life department.

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.

Laura Ascione