• Print
  • Reprint or License
  • Share Share

UNC tells campus users to keep watch over computers

By Eric Ferreri
eric.ferreri@newsobserver.com
Posted: Thursday, Oct. 08, 2009

CHAPEL HILL In a never-ending battle against hackers, the head of information technology at UNC Chapel Hill has a message for campus workers: Take ownership of your computer.

That's a core theme of a new policy Vice Chancellor Larry Conrad is trumpeting on a campus where 80,000 computers and other electronic devices tap into the campus network.

While it won't solve all of UNC's network security problems, Conrad points to one piece of his proposed policy as an example of its larger philosophy: Employees with computers must keep their virus software and security patches up to date, just as they would for their personal computers.

"The practical reality is that information security is an afterthought for a lot of people," Conrad said. "It gets in the way. But it's a risk-management issue."

Many workers may simply not know they're expected to keep such security updates current, so part of Conrad's new initiative is a campaign to educate workers.

Conrad will discuss his new proposal with faculty this week. It was being developed before the recent discovery of a security breach at UNC's medical school that may have exposed research data related to 160,000 participants in a mammography databank, including 114,000 social security numbers.

Conrad wants clear, easy-to-read security guidelines that employees can understand, because on a campus as large as UNC, the technology office cannot be the sole security cop, he said.

"The magnitude of the problem for a large research university really is quite substantial," he said. "For any one system, it's not rocket science, but the sheer volume, how do you get to them all?"

Universities are constantly dealing with hackers. Conrad said the university staved off 27 million attacks last year alone but concedes that there are breaches occasionally. The medical school incident is believed to have originated in Ukraine, a part of the world where such attacks are common.

"There's a whole set of countries where [hackers] operate with impunity," he said. "There's no way to get at them."

The medical school intrusion was detected in July but may have occurred as far back as 2007. A hacker got into the Carolina Mammography Registry, a 14-year-old UNCmedical research project that stores and analyzes mammogram information submitted by radiologists across the state.

Conrad said he doesn't believe the medical school hacker stole any research data.

Hide Comments

This affects comments on all stories.

Cancel OK

The Charlotte Observer welcomes your comments on news of the day. The more voices engaged in conversation, the better for us all, but do keep it civil. Please refrain from profanity, obscenity, spam, name-calling or attacking others for their views.   Read more

Disclaimer

The Charlotte Observer is pleased to be able to offer its users the opportunity to make comments and hold conversations online. However, the interactive nature of the internet makes it impracticable for our staff to monitor each and every posting.

Since charlotteobserver.com does not control user submitted statements, we cannot promise that readers will not occasionally find offensive or inaccurate comments posted on our website. In addition, we remind anyone interested in making an online comment that responsibility for statements posted lies with the person submitting the comment, not The Charlotte Observer.

If you find a comment offensive, clicking on the exclamation icon will flag the comment for review by the administrators, we are counting on the good judgment of all our readers to help us.

Recent Blogs

Lottery

Most Viewed