Cybersecurity is an important priority at BU, and the University is making a significant investment in new network perimeter firewall technology that will help keep our campus safe.
What will this technology do?
Most of the BU network is currently relatively open. Consistent with the practices of many peer institutions, the new perimeter firewall will allow us to proactively protect our computer networks. The firewall will not only scan for malicious software known as malware as it attempts to enter our network, but actually prevent it from entering. Following careful review and with an exception process for special situations, it will also prevent computers on the BU network from visiting known malicious websites, such as the sites commonly linked to phishing messages. The result is a more secure work, research, and study environment for our community.
Why Now?
We are deploying these technologies in response to increasing cybersecurity risk. Among the top reasons the risk is increasing are:
- Increased visibility. As BU rises in prominence, such as higher
rankings and increasingly distinguished research, we become a more attractive target for cyber criminals and even state-sponsored attackers. - Increased volume and sophistication of attacks in general. Cyber attackers are increasingly skilled and well-resourced, and turning toward higher education more frequently. The non-profit Open Security Foundation reports that 35 percent of all breaches take place in higher education.
What does this mean for me?
When you connect to the BU network, your devices and data will be better protected, the BU services you use will be more likely to be up and accessible, and the data you entrust to the University will be more secure. No action is required on your part, unless you have special needs to bypass these security measures. We will be working closely with faculty representatives and support staff to address, proactively and reactively, any issues that arise in which the firewall adversely affects teaching, research, or service.
What does this mean for my privacy?
There is little change to the privacy you can expect when using BU network resources. The new firewall will inspect data as it enters and leaves the campus network. The inspection is automated; Information Services & Technology staff will only analyze data to investigate an active cyberattack or to troubleshoot issues at a client’s request. BU Information Security policies and procedures are governed by the Information Security and Business Continuity Governance committee, which includes representatives from across the university, including faculty.
When will this all take place?
The border protection project will be implemented in a series of phases. The first of the phases will begin shortly after Commencement with monitoring only. In this phase we will gain visibility into the activity on our network and examine the impact of firewall and intrusion prevention policies without taking any action that would prevent any usage.
The second phase will start in early June. This phase will involve the deployment of Intrusion Prevention and Firewall policies enabling us to differentiate legitimate from illegitimate traffic (using threat intelligence built into the solution) and prevent the latter from gaining access into the network.
The third phase will begin in early July. This phase will introduce features that will prevent malware from passing through our network. Malware is software that is intended to damage or disable computers and computer systems. Again, we will be using threat intelligence built into the technology.
The fourth and final phase will begin in late July. This is when we will actively prevent access to Internet servers and websites known to contain malware or which are known to be participating in phishing schemes.
This project is scheduled to complete in mid-August, ahead of the fall 2016 semester.