Information Technology Services is working on several initiatives designed to better protect our sensitive information, and to detect and respond to ongoing attacks against our technology infrastructure.
Attackers are increasingly relying on all of us to “open the gates” to our information. They do this by:
- Sending phishing emails disguised to look like our own websites
- Calling individuals and asking for information
- Visiting offices that may have research or financial information stored on computers or in easily accessible areas
Our information is valuable, whether it’s identities, research, or even information about how we operate, and we must work to protect it.
Attacks are also getting more technically sophisticated, often going undetected until information has already been compromised. Drake, like other institutions, faces these ever-changing attacks at an increasing rate, and we must continue to keep our confidential information secure.
Watch OnCampus for additional information on these initiatives:
Security Information Event Monitoring (SIEM)—ITS is implementing this new technology, which provides alerts and critical information about potential and in-progress attacks. It gathers information from key systems and uses pattern and trend analysis to detect unusual behavior. This could be someone logging into email from two countries at once, or an individual attempting to guess common passwords.
PCI (Payment Card Industry) Compliance—We process hundreds of thousands of payment cards on campus every year and must remain compliant with extensive regulations designed to protect cardholder information, or face possible fines or sanctions. ITS is reviewing existing practices and making changes to ensure this information is secure and that we maintain this necessary accreditation.
Disaster recovery planning—If a disaster were to affect Drake’s technology infrastructure, how long would we take to recover? What should be done first? ITS is continuously updating recovery documentation and preparing to test our capability to respond to a disaster.
—Peter Lundstedt, Information Security Manager
Peter: thank you for letting us know what is going on “behind the scenes.” Teamwork is apparent in ITS!