Jun 23, 2020
In this week’s episode, John has a conversation with security engineer Fatema Bannat Wala about the challenges of providing network security in a higher education setting. She has experience working as a security engineer for the University of Delaware and is currently working for Lawrence Berkeley National Lab in the Energy Sciences Network.
Fatema shares how she was drawn to transition from being a software engineer to being a security engineer because of diverse and novel challenges security provides on a daily basis. She explains the forces driving those challenges – universities have a wide variety of data they’d like to protect, a never-ending rapid rotation of users, inconsistent mobile device IPs, and a wide variety of compliance regulations like HIPAA and PCI.
Universities deal with a variety of data. The crown jewels for a university is the data that it is the custodian of, and that data comes from the students. That data may be a student's personal reports. That data may be a student's health records. That data may be payments from credit cards. That data has to be protected.”
She shares security best practices and defense strategies for protecting university assets. She recommends practicing network segmentation in order to prevent a compromise in one causing additional problems in another.
“Centralizing all the logs in one location greatly simplifies a lot of processes. A centralized solution for all the logs lets us correlate them efficiently in real time. It's a great help because now you don't have to go to 50 different systems.”
Fatema provides tips for security engineers that are just getting started. She points to the value of EDUCAUSE, a nonprofit organization that specialized in sharing technology resources and mentorship for higher education users.
Listen to the full podcast and gain a greater appreciation of the many threats faced by security engineers working in education and a few ideas for dealing with them.
Listen to the full podcast and gain a greater appreciation of the many threats faced by security engineers working in higher education and a few ideas for dealing with them.
To hear more security use cases for centralized log management in university settings, join us for a Higher Education Roundtable featuring guests from Brigham Young University, the University of Virginia, and the University of Wisconsin-Madison.