Skip to Navigation
University of Pittsburgh
Print This Page Print this pages

April 27, 2017

Technology Corner

tech corner

A layered approach to security

A strategic priority for information technology at Pitt is to protect our technology resources, University data and the privacy of your personal information from cyber threats. That challenge becomes increasingly difficult as new threats emerge and existing ones evolve.

No single technology or process is sufficient to secure the University’s environment, so we employ a defense-in-depth strategy that utilizes numerous layers of security controls. A threat that manages to circumvent one control is likely to be thwarted by a control in another layer. The defense-in-depth strategy relies on multiple defensive mechanisms, at multiple layers, performing different tasks.

Some of these security layers are defenses that you see and use every day, while others operate behind the scenes. But every layer works together to help protect you and the University. The protections listed here represent some of the University’s most important defenses against cyber threats.

Building better firewalls
Network firewalls are the University’s first line of defense and provide the greatest level of protection from attacks originating on the internet. More than 53,000 network ports across all five campuses are secured behind enterprise network firewalls.

We recently implemented a new self-service tool that provides greater visibility into departmental firewall rules used to manage inbound and outbound network traffic. Using this tool, departments can view their existing firewall rules and submit requests to add, modify or remove firewall rules as needed.

In addition to network firewalls, our web application firewall is available to actively monitor hosted web applications and help protect them from potentially harmful internet traffic. It can identify patterns of potentially suspicious activity and either log the event and alert us or immediately block the traffic. A log correlation and analysis tool enables us to analyze risks, predict threats and refine the parameters we use to monitor network traffic.

Protecting a high-value target: Your account
Compromised accounts are the single biggest threat to the security of the University’s information technology infrastructure. The safeguards that have been put in place to protect your account are some of the University’s most visible security defenses.

Password requirements ensure that you select a strong password for your account (by combining letters, numbers and special characters) and that you change your password at least once every 180 days.

Pitt Passport, the University’s single-sign-on service, provides a consistent, trusted login experience across University services. You can verify the authenticity of the Pitt Passport login page by making sure the URL in your browser begins with https://passport.pitt.edu. Pitt Passport already protects a broad array of University services, and we continue to add it to more services on a regular basis.

Multifactor authentication adds an important layer of security to Pitt Passport. Multifactor authentication was added in March to all faculty and staff services that leverage Pitt Passport, and on May 14 it will be added to almost all remaining accounts that use Pitt Passport, including student accounts, resource accounts, sponsored accounts, emeritus faculty and visiting faculty.

Around-the-clock security monitoring
The University’s Network Operations Center (NOC) is at the heart of our security monitoring efforts. The NOC monitors critical University business and academic systems 24 hours a day, every day of the year. The NOC enables us to monitor specific areas of the network for anomalous network traffic, view attempts to breach the network and identify high levels of network traffic coming from a single destination. Tools at the NOC also enable us to proactively detect and remediate attacks on our residential network.

We employ a number of advanced detection and prevention tools, and are constantly adding to our monitoring capabilities. For example, all of our enterprise systems are monitored for multiple failed login attempts that could indicate an attempt to compromise an account. The NOC receives an alert when suspicious activity is detected, and our security team follows up and investigates.

The most important security control
We have put in place and are constantly improving a robust array of security measures and centralized security controls to protect the University’s network and its data.

But we need the most important factor: you. Technology can only take us so far. Your security awareness and continual vigilance are paramount when it comes to securing University data and protecting your privacy.

Remember the following steps you can take to help stay secure:

• Don’t reply to unsolicited emails and avoid clicking on links contained in such emails. If you receive an email that you suspect might be a scam, report it to phish@pitt.edu. If you do fall victim to a phishing scam (it can happen to anyone), please report it to helpdesk@pitt.edu.

• Download Identity Finder from software.pitt.edu and use it to find and remove sensitive information stored on your computer.

Small steps like these can help make a big difference. Together, we can make computing at Pitt safer for everyone.

Visit technology.pitt.edu to learn more about common security threats and how you can avoid them.

Brian Pasquini is assistant director for information security in CSSD, helping to engineer security solutions that protect the University.


Leave a Reply