Skip to the content
Link back to Cal State L.A. Home Page
Information Technology Services
Contact us: (323) 343-2600 or email

ITS News


Menu

In this issue...

Message from the VP

A message from the Vice President & CTO, Information Technology Services

ITS Projects Update

New services benefit the campus

Beware of Spyware!

Malware, spyware, and adware: What are they and how to avoid them

ICE

In Case of Emergency
A life saving idea

Better Safe than Sorry

Are your laptops and flash drives secured? Prevent ID Theft by protecting your electronic devices

Campus-wide Email
Etiquette

Some tips to avoid spamming with campus-wide e-mail

ITS Alerts

Be alerted to network and system status, outages, scams, etc.

ITS Advisor

Tips, tricks, and techie tidbits

ITS News is published by Information Technology Services

E-mail suggestions to: itsnews@calstatela.edu

Peter Quan
Vic President and CTO
Information Technology Services

Carol Melton
Editor/Writer

Dennis Kimura Newsletter Design

Image: ITS News Banner Logo

Fall 2005

California State University, Los Angeles

Vice President’s Message

A Message from Peter Quan, Vice President and CTO, Information Technology Services

Image: photo of Peter QuanProvisioning for technology access is a critical baseline requirement in the California State University Integrated Technology Strategy. This includes establishing a minimum standard and ensuring that the campus community has appropriate hardware, software, and network access. This past summer, the Technology Infrastructure Initiative (TII) in support of the network access strategy was completed on this campus. Voice and network outlets, as well as outdated wiring, were replaced with new cabling, outlets, and electronic equipment. Campus users now have a more dependable network and a broader and faster bandwidth.

Greater access to campus and Internet resources provides more teaching and learning opportunities, and changes the way we conduct business, but it comes at a price. Greater access means greater exposure to new cyber risks, such as identity theft, computer viruses, and scams. These are often perpetrated by a criminal element having the time and resources to take advantage of the rest of us. Therefore, the responsibility to protect the valuable campus resources falls on every user.

The Information Technology Services (ITS) division plays an important technical role in identifying, mitigating, and managing these cyber risks. However, it must be emphasized that both information security and assurance are the responsibility of every campus stakeholder. Both protecting personal/confidential information and assuring its integrity pose challenges, which we must meet, both individually and collectively. All users must develop a keen sense of awareness about how their actions can inadvertently cause a computer, network, or system – and all the information on it – to be vulnerable to attack. For example, our campus systems could be severely compromised merely by the introduction onto our network of malicious software through a contaminated file on flash drive. Our best defense is to make information security and assurance integral to the way we work, teach, and learn.

Even sophisticated users can be easy targets for hacker attacks, computer viruses, scams, and identity theft. According to the Federal Trade Commission’s statistics for 2004:

  • California was ranked 3rd nationwide for identity theft victims
  • Los Angeles was ranked 6th nationwide for fraud-related complaints
  • 29 percent of identity theft victims were in the 18-29 year age group [Note: The average age of students at Cal State L.A. is 26.]
  • 53 percent of all fraud complaints were Internet-related

Hackers, scammers, con artists, and thieves use different methods and tools to commit their crimes. Finding the vulnerability is what they have in common. Malicious software can enter through an open, unprotected port and infect a system in less than a minute. An unattended laptop containing personal information can be stolen in a couple seconds. But whether a high or low tech crime, victims may take months or years to recover from it.

To help protect our campus access and resources, as well as their own computers and identity, faculty, staff, and students alike should be familiar with the state and federal laws that affect the University regarding personal and confidential information privacy. Likewise, because the campus is continually under attack from viruses, hacking attempts, and scams, all users need to be vigilant and careful about how they use campus computing resources. Universities have accounted for 28% of the 50 security breaches of personal information recorded in California since 2003. That is more than any other group, including financial institutions (26%). Placing confidential data on ANY workstation, laptop computer, server, e-mail, Outlook™ Public Folder, or printed or electronic medium immediately increases the University’s risk.

User awareness is the strongest defense against cyber risks and information security breaches. Due to proactive collaboration across the campus, Cal State L.A. has successfully met several cyber risk challenges. Without the collective participation and cooperation of all the University divisions, faculty, and staff, the campus could not have achieved as much towards meeting the challenges and mitigating the risks of greater computing access. The following services already have been implemented:

  • A new network security infrastructure (firewalls, virtual private network (VPN), and user registration tools (URT)
  • Triple-level anti-virus protection
  • Anti-spam service
  • Strengthened user access and authentication standards
  • A bandwidth management solution
  • Secure Socket Layer (SSL) encryption to encrypt transit password information
  • Campus Information Security Awareness events, such as:
    • President’s Institutional Alignment Town Hall Meeting
    • Student Welcome Week
    • What Are Strong Passwords? booth
    • Information Security Shorts Film Festival (concentrating on preventing identity theft)
  • Are You Secure? Web site (information security resources, including a security news ticker, tips, and information on viruses, phishing, pharming, spam, hoaxes, and more)
  • ITS Guidelines and Policies web page (user guidelines and applicable laws/regulations)
  • Encryption of GET SA data at rest
  • Encryption of GET SA data in transport

In addition, these new information security measures are underway:

  • Second generation Oracle portal for secure access to all University faculty, staff, and student services
  • Enterprise directory and identity management for secure authorization and authentication to the network and e-mail services

Technology alone is not enough. These technical “defenses” cannot take the place of each user’s attentiveness and cautious behavior. Every campus user is a link in the protective chain around our mission-critical information and resources – and that chain is only as strong as the weakest link. Because information security challenges are evolving and dynamic in nature, our responses to them must be flexible, adaptive, and smart. Increased access requires that every user to be aware, vigilant, and responsible. Above all, we must continue to work together to succeed in preserving our systems’ integrity and delivering on our higher education mission.


Note: Valuable articles to help students, faculty, and staff meet the challenges that lay ahead is posted in The ITS News — read about new projects in progress, laptop security, spyware, In Case of Emergency: ICE, campus-wide e-mail etiquette, techie tidbits, and ITS Alerts. In addition, find information security tips, a security news ticker, and more on the Are You Secure? Web site.

top