In this interview he talks about his job, the biggest challenges and threats his team faces, exchanging knowledge, and more.
You are the director of network services and Internet security officer at Queens College. How long have you held that position? Tell me a bit about your team, your responsibilities, and the peculiarities of your job.
I’ve held the position of director of Network Services and Internet Security at Queens College for the past 10 years. As far as my team goes, I manage the Network Infrastructure team, which currently consists of two people; the telephone services team, which currently consists of five full-time and five part-time staff; and the Server Administration team, which is four full-time and one part-time staff.
In addition, I utilize engineers from both my server and infrastructure groups to maintain our security appliances and assist me with investigations. Currently, we do not have a dedicated security team. However, I am looking to bring on a full-time security engineer, as we are really outgrowing our ad hoc approach to managing our security resources and applications.
In regards to the peculiarities of my job, there are a few specific things that really set us apart from a security team at, say, a large corporation. It really revolves around academic freedom. By this, I mean freedom for our researchers and students conducting research who are looking at things that they wouldn’t be able to in a corporate environment. For example, perhaps someone needs to look at pornography for a course in Human Sexuality or one person is doing research on computer hacking. The former could result in potential situations including a hostile environment lawsuit, while the latter could expose our sensitive IT resources to breach. Of course, that particular type of research would be isolated on a separate network, so researchers could safely visit sites that pose known threats to IT resources and sensitive data by exposing us to different types of malware and cyberthreats.
What are the biggest challenges and threats you and your team currently face, and what have you done about them?
At the top of our list is the phishing attack. These attacks are ever-evolving and constantly target our faculty and staff. To address this problem, we hold a range of IT security classes that cover topics such as phishing, and more importantly, how to detect phishing emails. We also send out regular correspondence about phishing and how to avoid them compromising our networks and data.
Another key challenge is the credential compromises by botnet. Zero-day malware is being used to join computers to botnets and then steal users’ credentials. This has recently become a common problem. However, by deploying a combination of FireEye and ForeScout network security solutions, we’ve been able to prevent our computers from calling home to the botnet command and control servers.
Finally, a further challenge we are currently addressing is students and staff using their personal or college endpoints outside of the network. We are looking into an effective solution for this.