This page contains a Flash digital edition of a book.
W: edtechnology.co.uk | T: @Educ_Technology


HIGHER EDUCATION | INSIGHT | 33


HOW ICT CAN OUTSMART THE INTELLIGENTSIA


Francois Amigorena, CEO of IS Decisions, talks about risks in sharing passwords and how to overcome those smart enough to get around security policies


T


he IT infrastructure is the backbone of every educational institution. From the largest university


boasting over 20,000 undergraduates to the smallest college with a mere 1,000 pupils, accessing the network is as vital a part of student life as fresher’s week. Every day, students up and down


the country log on to upload course work, download reading material and chart their academic progress. And it is not just students that rely on the IT infrastructure. Academic staff including lecturers, PhD students and professors all use the network to store vital research, share tutorial material and review students’ work. So, it is not a surprise that the IT


infrastructure at academic institutions is a complex and multifaceted environment, with far more variation in departments than regular business. As a result, policing this can be


difficult, as can policing smart academic staff who are determined to get around security policies, particularly those in fields with advanced technology skills such as computer science, engineering or media and technology. To manage this, most IT managers and


directors, the majority of whom work in a Windows environment, use Microsoft Active Directory to authenticate and control all users. With Active Directory the IT department can assign and enforce security policies for installing and updating software and most importantly, manage user authentication. The problem is Active Directory is


not a fullproof security solution. Yes, it manages passwords and confirms that the user name matches the password. But it does not stop multiple users from logging on with the same password, at the same time. This means, for example, that a student


who has mislaid their log in details can use their classmate’s password to access the network and the IT department will be none the wiser. While tech-savvy computing or engineering students and staff alike who are a whizz at IT short cuts ,can easily circumvent Active Directory to gain entry to whatever part of the network they want to. Of course, every academic institution


has policies and procedures about not sharing passwords. But what happens in reality is if there is a culture of sharing passwords or your classmate is stuck,


most people will happily hand over their details. They are blissfully unaware that their actions could lead to a major security breach with sensitive and confidential information falling into the wrong hands. The only way to stop users from


sharing passwords is to clamp down on concurrent users. That way, students will think twice about sharing details, as they won’t be able to get on the system if someone else is logged in too. Preventing concurrent logins means a user can only be logged on once from any given device or terminal. By deploying a solution that actively manages concurrent users, universities and colleges can control all user access, permiting or denying logins at a certain time, location or device. Technology, such as UserLock, that


prevents concurrent logins, by physical location and connection time limits, also stops malicious users seamlessly using valid credentials at the same time as their legitimate owners. By only allowing students to be logged on from one device at any one time, users won’t go around sharing their password as they won’t be able to get onto the system when they need it. ET


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66