TTT logo

Line

NEWSLETTER: Vol. 5, No. 5, February 15, 2000

Patrolling the Information Superhighway: UW-Madison's BadgIRT

by Jennifer Smith

With the explosion of microcomputer use in the 90s and the growing importance of technology in higher education, university computer networks have become, of necessity, increasingly large and complex. Take UW-Madison, for example. Madison's network encompasses literally tens of thousands of student, faculty, and staff users. As with any big, complex system -- computer or otherwise -- things can go wrong, and resources can be misused. So who takes care of the problem when such things happen? At Madison, that task falls to BadgIRT (IRT stands for Incident Response Team), created in the fall of 1999.

A department of the Division of Information Technology, BadgIRT has two regular staff members, Kim Buzan and Jeffrey Savoy. Both hold the CISSP credential (Certified Information Systems Security Professional). Buzan and Savoy work with a group of ten volunteers from various UW-Madison departments. BadgIRT's central mission is providing "reactive and proactive services," according to the group's website. This means not only tracking and responding to incidents as they occur, but also analyzing computer security trends. One of BadgIRT's most recent accomplishments is gaining membership in FIRST -- Forum of Incident Response and Security Teams -- a prestigious international group dedicated to computer security.

Typical problems handled by BadgIRT include spam e-mail, forged or harassing e-mail, unauthorized users accessing Madison computing resources, and copyright infringement (such as students passing along copyrighted MP3 files). Hacking presents a more dangerous challenge. Student, faculty, and staff users may report any incident to BadgIRT that they feel is a violation of UW-Madison's appropriate use guidelines or an information security issue. Often, BadgIRT investigates reports and then forwards the information to other entities, such as Administrative and Legal Services (for copyright issues), the Dean of Students Office, university police, and local police.

Coordinators Savoy and Buzan stressed that the higher education setting is an especially challenging one in which to manage security. The very mission of the university requires the free flow of information and sophisticated computing capabilities. However, this free flow also widens the possibility of misuse. For example, sometimes instructors allow their family members at home to log on and use the Web using their UW accounts. While this may seem innocuous, use of computer resources is provided only to the individual with the university affiliation, and then primarily for university purposes, allowing for some incidental personal use. Savoy emphasized that trouble can be avoided very simply; if a user wants to run a commercial Web page or let family members surf the Net, that user should just sign up with a commercial Internet service provider (ISP).

Buzan and Savoy did say, however, that the vast majority of UW-Madison users do meet the appropriate use guidelines. When asked for suggestions on how users can protect themselves, the coordinators mentioned purchasing virus protection software -- and updating it regularly. They also said users should pay attention to who is using their computers, what they are storing on their computers, and where their software comes from. Both stressed avoiding "untrusted" software -- things not shrink-wrapped or programs downloaded from unreliable websites. Buzan mentioned password-protecting files and turning off one's Internet connection when it is not needed. The team also mentioned that those using commercial Internet services should request security suggestions from their ISP's.

Although BadgIRT, as a part of UW-Madison, does not formally provide services to any other UW campus, they do engage in some information sharing and are willing to help others as much as their workload and staffing allow. Questions may be directed to security@wisc.edu. The group also maintains an excellent website with useful links to more information about security issues, including books and listserves.

For more information about BadgIRT, contact Kim Buzan or Jeff Savoy.

Return to TTT home page