UWM Information Security: The Frontline in Defending University Data

The Internet is marvelous place. Since its inception, its openness has allowed us to become better connected—to access services, information and each other in ways that were never imagined.

But the same attributes that make the Internet such a great facilitator can also make it quite dangerous. Much like the Wild West, the openness of the Web can invite unsavory individuals into the mixthose looking to exploit the Internet’s openness and connectivity for their own gain. Whether it be a simple disruption, or worse yet, a breach of confidential and sensitive data, UWM Information Security is hard at work shoring up our online defenses to keep these individuals and their nefarious tactics at bay. It is a struggle that has no end, as once a potential security vulnerability is patched, individuals with ill intent will seek out new vulnerabilities utilizing new, more clever methods.

It’s a nonstop race to stay ahead of the game.

“Just by the nature of the environment we’re in, higher ed, it makes us both a potentially more susceptible and desirable target,” said Steve Brukbacher, UWM Information Security. “We have scores of data, information about our students, research and its participants that is extremely valuable for those seeking it. Additionally, we operate in a more ‘open’ environment than you would find outside higher ed. Due to the nature of the University and the research that is ongoing, we’re unable to take some of the strict measures that you find sometimes in private business. Being that the reality is that we’re both more open and just as valuable, a multi-pronged strategy for addressing the issue and securing our data is imperative.”

That strategy, both proactive and reactive in nature, reaches virtually every corner of the University. As Brukbacher describes, UWM Information Security isn’t comprised of just its staff, but of every individual present at the University.

“There isn’t a person who works or studies at this University that doesn’t have a role in information security,” said Brukbacher.

Four Areas of Focus

The involvement and outreach of UWM Information Security can be distilled into four different facets:

  • Incident Response—The incident response team within UWM Information Security monitors closely a variety of internal and external systems and data to determine if an intrusion or attack has occurred. Often called the “fire engine” by colleagues since day-to-day activities involve locating and putting out cyber-security fires, staff in this group have an extensive background in computer forensics. The team works closely with University Information Technology Services' (UITS) Network Operations and Services who provide the tools with which to detect issues. If an incident has occurred, the team evaluates how the intrusion occurred and what data may have been exposed (if the data is confidential, sensitive or proprietary, notification and protocols required by law are undertaken). After the problem has been identified, solutions to prevent similar attacks are implemented, closing the window provided by the temporary vulnerability.

  • Privacy Compliance and Training—This aspect of information security strategy is proactive, aimed at arming UWM faculty, staff and students with the information they need to be watchful stewards of confidential and sensitive information. The Certificate in Information Security, online training that covers subjects and policies that help protect one’s identity, data and computer, is available to the University community. This past spring, all UITS staff were required to complete mandatory Information Security and Privacy Program (ISPP) training—a training similar to the Certificate regarding privacy laws and measures.
  • Risk Assessment—The risk assessment aspect of information security is a methodical way of looking at a particular system or service for vulnerabilities. Risk assessments are truly collaborative, with UWM Information Security working closely with the area or department being evaluated to provide a prioritized list of suggestions to shore up potential vulnerabilities. Information Security aims to soon have performed assessments on all major University systems, particularly those storing and processing confidential data.

  • Partnerships—Brukbacher is quick to point out that the partnerships UWM Information Security forges with other areas on campus is incredibly important. “We’re a lean operation,” said Brukbacher. “Our partnerships with other areas aimed to provide security to the University’s proprietary information is instrumental in allowing us to provide the most secure environment we can.” Information Security works closely with UITS Network Operations and Services engineers to manage firewalls and intrusion detections. UITS’ Middleware and Identity Management team also works hand-in-hand with Information Security by managing University credentials and access to services both on campus and elsewhere through the Web.

When in concert with one another, this four-prong approach is constantly in action monitoring, evaluating and preventing future intrusions or attacks.

“There’s a wealth of knowledge and data here at UWM that we’re committed to protecting and ensuring that the integrity of the systems in place stand firm,” said Brukbacher. “All of us play a role in this endeavor, being educated on what to look for and in best practices for handling sensitive information is the key first step.”

For more information about UWM Information Security, visit the Information Security website.