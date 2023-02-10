MATT RESNICK
A comprehensive overview of Neosho County Community College’s Internet Technology department was among the agenda items discussed during the Board of Trustees monthly meeting Thursday evening.
Delivering a lengthy PowerPoint presentation, IT Director Sudhir “Sunny” Kamath told trustees that a cybersecurity attack was only a matter of time.
“It’s not if, but when,” he said.
Kamath added that cybersecurity remains his department’s top priority.
“We continue to work on that; it’s an ongoing battle,” he said. “Everybody faces a cybersecurity (attack) and we’re trying to be as well-prepared as we can when it happens.”
The school absorbed three large-scale incidents in 2022, Kamath said, calling that number “relatively low.”
“It was mostly from people clicking on stuff they shouldn’t have been clicking on,” he said, without further specifying.
Kamath added that hackers are adept at remaining a step ahead of the posse.
“Hackers are getting better with each passing day,” he said. “The threats are constantly evolving and we try to make adjustments as needed.”
Kamath explained that his department brings in a third-party auditor on an annual basis to assess the vulnerability of the school’s hardware and software networks.
“The auditor is someone that basically comes in and tries to hack us,” he said, describing what is known as a “white hat” or ethical hacker.
The school’s network received a fairly clean bill of health last year, according to Kamath.
“Of the 18 things they tested us on, we were found to be pretty strong on 16,” he said. “A different hacker is coming in (March) and is doing the same test for us, and I’m optimistic that we will do well.”
Kamath outlined several major cybersecurity incidents that have transpired over the past year. In August, the school’s exchange-mail server crashed due to a bad hard drive, preventing users from sending or receiving emails for three days. In December, the Ottawa campus reported a power failure caused by data corruption, which lasted for nearly 24 hours. In January, the network’s main firewall device failed, leaving the Chanute campus without internet.
Kamath added that changes to the school’s email server via Multi-Factor Authentication (MFA) should add an extra layer of protection. Also known as the “zero trust — trust no one” model, MFA is a shift of network defenses toward a more comprehensive IT security model that allows organizations to restrict access controls to networks, applications, and environment without sacrificing performance and user experience.
“Back in the day, you had well-defined networks. Now, things are starting to run a little blended and less defined,” Kamath explained.
“So we’re adopting a zero trust model and asking people to authenticate, so we can verify it’s who they say they are. The same as logging into a computer, every user has to authenticate with the two-factor (system).”
Kamath said that the biggest hurdle is syncing up MFA with cloud-based emails. The reasoning is that it’s a delivery and storage method hosted by an outside provider, allowing organizations to securely send, receive, and store emails. With cloud-based email accounts, users typically utilize an app on their smartphone, a passcode generator, a text message, or a voicemail — with the authentication process providing a far superior experience, according to Kamath.
“We finally figured out a workaround for that,” he said. “In the last 180 days, we’ve had 211,000 authenticated emails. So that’s pretty impressive and adds an extra layer of security for our users.”
Loosely affiliated with hacking, Kamath also touched on phishing. This is the method of sending emails or other messages disguised as a reputable sources for the purposes of inducing individuals to reveal personal information. This often includes passwords and credit card numbers.
Kamath said that each user of the school’s network is required to take a 90-minute security awareness training test, with the school’s overall risk score checking in at 21.8 percent.
“That’s pretty average for an organization of our size,” Kamath said, adding that the school’s failure-rate was better than average.
Kamath also noted that the campus has increased its overall bandwidth, extending it to the residence hall’s network equipment and closets.
“Netflix and YouTube take up a lot of bandwidth at the campus,” he said. “I think that’s the way it’s going to be, and all we can do is make sure we provide the bandwidth and help the kids.”
Kamath also provided an overview of the IT department help desk, noting that a new and more user-friendly ticketing system was tested on a trial-basis in June and then implemented shortly after. The new system helps to more eficiently track incoming trouble-ticket requests. From June to late January, approximately 1,900 tickets (or incidents) were created, with an average response time of nine hours.
“There is a lot of tracking going on. We live in a data-driven world,” Kamath said.
IT department goals as laid out by Kamath are to continue a proactive and data-driven approach to the help desk — and to continue to work with industry partners on cybersecurity to protect employee and student data.
Kamath is also aiming to consolidate the school’s phone systems and upgrade the core network infrastructure, which includes wireless access points in the residence hall. “That’s going to be a pretty significant undertaking in the residence halls over the summer,” he said.
