Better protection against IT attacks
Better protection is on the way for the University’s IT environment and IT equipment, with implementation due to be completed in March. One noticeable effect for a normal user is that a VPN connection will be required to access the University’s network and IT resources from external locations.
The change has two dimensions: the current firewall solution will be replaced with new equipment and the University will restrict chances for unauthorised data traffic from systems or individuals to enter the University’s network.
“The new firewall solution will increase our protection across the board and make it possible for us to respond to threats that arise in a more up-to-date way. We will also block incoming traffic from the Internet to our clients, servers and other systems as a default setting. Previously, we have only had a few barriers, which has left great freedom for uncontrolled access to our network from the Internet. Moreover, because of this we have not been able to deal with security threats in a satisfactory manner, as we have a very high percentage of ‘referrer spam’ coming through our security systems,” says Peter Sandell, information security officer in the University Administration.
As an individual member of staff, do I need to do or think about anything special?
“Not specifically for this project. All traffic you create yourself (‘from the inside out’) when you’re in the University’s network will be virtually unaffected. However, in purely general terms, everyone should exercise greater alertness, treat incoming email with suspicion, avoid surfing to dubious websites and not disclose their login details in other systems. It’s also important to make sure to keep the equipment you personally are responsible for updated, with antivirus software installed.
“There will be a difference in cases where members of staff have chosen to access IT resources in the University’s network without using VPN. We will not allow general access from the Internet. As a member of staff, you should connect to all internal services via VPN.”
VPN (virtual private network) creates an encrypted tunnel for data traffic between a computer at home, for example, and the University’s IT resources.
Why are you making these changes?
“The point of making blocking a default setting is to protect our internal network, and it’s also something we are required to do as a public authority. Fulfilling public authority requirements and best practice from a security perspective will require further changes in future as well.
“Having generous access from the Internet makes very high demands on our computers, servers and systems. It means that both individual members of staff and our technicians have to deal with all security concerns, bugs and other vulnerabilities. Moreover, we have seen a sharp increase in traffic that can be classified as harmful in recent years, particularly over the last year. The threat picture in general has intensified, as has the interest in research theft and research sabotage.”
System owners and managers asked to review needs
The project is being carried out by University IT Services and the Security and Safety Division in the University Administration, which are now asking all system owners and managers of computer systems to review whether they have data traffic that currently uses ports that are not blocked.
“Systems that are currently registered for openings in the existing barriers will inherit their existing configuration.”