CaTS | Information Technology

Quarterly Security Reminders: Spring 2020

Hello!
Welcome to the Spring 2020 edition of the Quarterly Security Reminders email, brought to you by Wright State's Chief Information Security Officer. This quarter's newsletter will provide you with information about Wright State's computing environment; hopefully you will find it somewhat interesting!

Recently, I have been thinking about how the Wright State community might view information security as it relates to our efforts here at the University. The information I'm sharing with you today is generated by a trusted third party that reports on how our computing environment looks, as viewed from outside Wright State's network.

The first item I'm passing on is a report which compares our rate of Botnet Infection against the Education Industry Average. As the report below indicates, in the past year we have had 3 computers that were infected with some type of botnet. A botnet is a number of internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service attack, steal data, send spam, and allows the attacker to access the device and its connection. On average it took us 1 day to respond to the infection and remediate the issue, which is 61.5% faster than the average for higher education. The number of infections for higher education in the last year is 368, over 1 infection a day.

This may sound like I'm patting CaTS on the back, but actually this is an acknowledgment of the WSU community. Faculty and staff generally do a good job of reporting problems very quickly, so if the antivirus software and the other security systems don't detect a problem the faculty and staff do. The third party company gave us a grade of B.

Botnet Infections
Grade: B

Wright State University
In the top 20% of all companies

  • 0 - This Week
  • 3 - Past Year
  • 1 - Average Duration

Education Industry Averages 

  • 3 - This Week
  • 368 - Past Year
  • 2.6 - Average Duration

61.5% faster to resolve events than the Education industry average.

Just in case we're all getting too self-assured about our computing habits and how well we are doing, there's another area where our score isn't so great. This deals with unwanted programs that get installed on our computers that might pose a threat due to the nature of the program. The programs are not necessarily malicious but they collect lots of information about the user's browsing habits and often are not written very well. Nearly all of these programs are add-on toolbars for browsers such as Internet Explorer, Edge, Chrome, and Firefox.

As you can see below, our grade isn't great even though the number of events compared to the industry average is lower, as we take longer to remove the software. This may be due to people not realizing the software might be a problem, which is why it is important for us to provide you with security updates.

What can we do about this? If you see an unexpected tool bar show up in y our browser of choice, I strongly suggest it be uninstalled.

Potentially Exploited
Grade: D

Wright State University
In the bottom 30% of all companies

  • 2 - This Week
  • 187 - Past Year
  • 4.6 - Average Duration

Education Industry Averages

  • 8 - This Week
  • 963 - Past Year
  • 2 - Average Duration

130% slower to resolve events than the Education industry average.

Overall, I believe Wright State members do a good job of alerting CaTS to security threats that they encounter. If you ever have questions about IT security, you can always visit the IT security website, or contact the CaTS Help Desk at (937) 775-4827, or email helpdesk@wright.edu