By Bill Steele
How to spread the word about computer security while being "non-obstructive" and "non-disruptive" is the challenge facing Steve Schuster, who took office in the spring as the new director of information technology security in Cornell's Office of Information Technologies.
Sure, everyone knows that Cornell's computers and networks must be protected from intrusion and abuse, but, "Viewing across the campus, I find a very dedicated staff of resident experts, but I don't see a consistent security message with procedures and practices," Schuster explained. The challenge, he said, is to make network administrators, executives and end users aware of the problems and keep them informed about what to do.
Most computer security problems arise because someone has discovered a weakness in popular software that enables an intruder to break in, or allows a virus to take hold. Security experts usually know about these weaknesses as soon as the intruders do, but network administrators and end users must install "patches" or upgrades on their own computers. When the fixes aren't installed, viruses may be the least of the problems. Human intruders can cause malicious damage or use compromised computers as jumping-off places from which to attack still other computers. A popular reason for breaking in these days is to "borrow" disk space on large systems to store pirated software, music or movie files.
University computer systems are among the most-often attacked because they often are the most neglected. It doesn't help, Schuster added, that there is a large population of student users, not all of whom are familiar with the pitfalls. He is working to incorporate more security information into the Travelers of the Electronic Highway workshop, which all new students attend during Orientation, and updating the "Computing at Cornell" circular that's periodically distributed to students, faculty and staff. He is developing a security Web server where administrators can find the latest patches and anti-virus updates, along with a list of best practices.
Although his job includes a lot of public relations and politics, Schuster also is taking an active role at the technical level. He has a staff of two senior security engineers, Dan Adinolfi and Mark Scannapieco, who will serve several functions, including protection of the Cornell infrastructure and resources as a whole, developing capabilities to increase the university's security posture and as technical consultants to departments needing specific assistance. In times of trouble, both help to distribute patches, repair infected systems and do "forensics" -- i.e., finding out what caused a problem. An ongoing project is monitoring the university's "edge routers," which connect the campus network to the rest of the Internet. Would-be intruders scan Cornell's computers for possible openings hundreds of times a day, Schuster reports. He's doing his own scanning to find vulnerabilities and warn administrators.
Most recently, Schuster was division manager of the Center for Cyberdefense at AT&T Labs, where his work included security monitoring and incident response, intrusion detection systems, secure architecture development and security auditing both for internal AT&T systems and for the federal government. Previously he worked with the National Security Agency (NSA) and the Office of Naval Research. Further back, he served nine years in the U.S. Air Force as a Russian linguist.
He has a bachelor's degree in computer science from the University of Maryland and is working on a master's degree in computer science at John Hopkins University.
Read about how CIT has been responding to threats to campus computers and networks.
| Cornell Chronicle Front Page | | Table of Contents | | Cornell News Service Home Page |