Every month, UNC’s network security devices stop approximately 30 million attempted connections from Internet sites that are known to be bad or that contain code intended to compromise UNC systems. Every month on average University network firewalls deny more than 375 million attempts to connect to University computers. And those numbers continue to grow.
UNC’s Information Security Office (ISO), a division of Information Technology Services (ITS), takes on the responsibility of thwarting the attacks. The ISO provides a secure computing environment by ensuring the confidentiality, integrity and availability of information needed to support the University’s mission.
October is National Cyber Security Awareness Month (NCSAM), a public awareness campaign to encourage everyone to protect their computers and the nation’s cyber infrastructure. It’s a time to reflect on what has been accomplished in keeping us safe and secure online, and what we need to achieve in the months and years ahead.
Throughout October, ISO hopes to raise online safety awareness among UNC-Chapel Hill faculty, staff and students and reinforce simple measures everyone should take to be safer and more secure online. Individuals on campus share the responsibility to secure the part of cyber space and networks he or she uses. Individual actions have a collective impact on cyber security. Look for these communications and activities focused on cyber security including:
- Safety tips from how to secure mobile devices to avoiding being a victim of identity theft
- A series of emails to faculty, staff, and students on personal cyber security topics
- Live events in the Pit
- A Cyber Security Town Hall
- A student competition to develop the best public service video based on the motto “STOP. THINK. CONNECT.” The student who submits the best video will be awarded a prize.
Confidentiality, Integrity and Availability of Information
What does “the confidentiality, integrity and availability of information” mean? Think about the grade a student receives for a course. Who should be able to see that grade?
- Confidentiality: The student can be expected to know it, as well as the professor who gave the grade (the Registrar’s office would have access as well). But outside a small group of authorized individuals, the information is not public; it is private and is meant to be kept confidential.
- Integrity: What about the integrity of the information? The student should have a reasonable expectation that the “B” earned in a course hasn’t changed to a “C” (or worse!) when she applies for graduate school. Academic institutions have similar concerns: they want to be assured that the grades on the transcripts submitted to them haven’t been changed and that those grades are in fact the grades the student has earned.
- Availability: Suppose an exciting job prospect offered itself, and the student needed to obtain an additional copy of her transcript. UNC wants to insure that the student’s information is available to when she needs it.
ISO has as its mission to ensure the confidentiality, integrity and availability of the University’s sensitive information. The numbers cited at the beginning of this article help illustrate the daunting nature of the challenge we face.
Published October 1, 2013.