As a medium-size (6,000 FTE) 2 and 4 year degree-granting institution, Penn College’s IT resources are always stretched to the limit ( not unlike most other higher education IT organizations). We wanted an IT security solution that could work within our current organizational structure, leverage existing staff expertise, not substantially drain our financial resources and yet provide an effective level of cyber-threat protection
IT management recommended the formation of a campus “security team.” Each area of the IT department committed one employee from part of their normal assignments to be part of the security team. Each area also “contributed” a percentage of their normal budget to fund the hardware and software. A senior manager was designated to provide leadership and coordination of this team effort. The team met regularly over an initial 18 month period to brainstorm, expand their knowledgebase, investigate solutions, recommend strategies, develop plans, and implement the initial layer of security infrastructure.
100% VLAN scheme VLANs based on computer/user role: ITS staff, college employees, computer labs, server farm, ResNet, HVAC, security, network equipment Internet style ACLs applied between VLANs to limit access Student lab PCs can’t “see” staff VLAN ResNet PCs can’t “see” staff VLAN Extended today to separate VLANS for point-of-sale stations, HVAC, wireless, dial-up; each with its own ACL