Moving toward a smarter use of IT resources at Bucknell
April 28, 2017
What Bucknell University learned through austerity in making technology more valuable to the institution’s mission.
The 76,000-student university gains forensic data analysis and real-time monitoring of possible cyberthreats with LogRhythm services deployment.
Corinne Lestch is a staff reporter covering education for EdScoop and its affiliate public sector technology news websites, FedScoop and StateScoop...
The University of Massachusetts has adopted a centralized network security service that for the first time provides a cohesive security solution across multiple campuses.
The service, from LogRhythm, a security intelligence company, is becoming more prevalent on college campuses. And thanks to a grant from the National Science Foundation, UMass officials envision it could be expanded to all 24 state universities and community colleges and other organizations and state agencies.
Gene Kingsley, director of security operations center at the UMass president’s office, said it was time for the campus to offer a cohesive solution rather than employ a jumble of products from different vendors, especially as the risk of cyberthreats keeps increasing at colleges and universities across the country.
"We realized our current operations for security were a little long in the tooth, so we decided to go out and look at other tools that were out there, and LogRhythm came onto our radar," Kingsley said in an interview. "We liked the support that the team offered, both in sales and technical support, so we jumped on that."
Chris Brazdziunas, vice president of products at LogRhythm, said that there has been a shift in recent years from prevention technology to detection and response technology, which is what the company offers through real-time monitoring and forensic data analysis.
"We're seeing a pivot — more and more, academia and other institutions are investing in detection and response versus prevention because the attack surface is so broad," Brazdziunas said in an interview with EdScoop. "If you look at an academic institution, there are so many points of attack from a cyber perspective because there is so much access online and a campus needs to be open."
"The idea now is we have a solution that could see broadly and deeply across the academic and university environment," she continued. "We can collect data from a variety of sources and through that data and analytics we’re able to surface threats and anomalies that need to be investigated through a single pane of glass or interface."
For the 76,000 students across five campuses, the new security system is typically in the background of their college experience. But the schools are now trying to get some interested students more involved by offering internships and work-study jobs to help manage the system.
"It's something to bridge theoretical knowledge to applied knowledge," said Kingsley, adding that business and marketing majors could also get involved. "It's not just about security, but obviously being a security analyst helps them bridge what they're learning in the classroom."
Kingsley works with his team of about 300 staffers to provide security and other tech services for the university's systems. With the centralization of the system, they can monitor different campus' networks "and then notify the local IT department of what we see and give recommendations on how to react or prevent what we see from happening any further," he said.
Kingsley could not speak about specific threats on the campus — but in one recent week, Kinglsey's team monitored more than 300 million logs that were then analyzed down to about 74,000 "events." Not every event is an actionable threat, he said, but each one is looked into carefully.
"There’s threats out there every day, so we see a lot of activity that LogRhythm helps us detect and manage," he said.