Ariel Silverstone has 55,000 people who rely on him to keep Temple University’s networks running. But unlike the corporate world where security policies can be controlled with an iron fist, Silverstone has to create a functional and secure environment in the relatively amorphous world of academia, where absolute rules are difficult to mandate and diversity of technology is the norm.
But one way the Philadelphia-based chief information security officer decided to lay down the law was to have ubiquitous antivirus adoption. And it has paid off in spades. While up in Toronto recently speaking at the third annual Canadian Forum on IT security and Governance, Silverstone had an emergency call from his tech people about the 120,000 copies of the Bagle and Mydoom (latest versions) blended threats that hit the university’s systems.
The near total antivirus adoption did its work. “Zero machines at Temple” were infected, he said. In fact the only machine related to the university that did get hit (exactly one, he said) was one that came in from someone’s home. Today 99.9 per cent of the computers on Temple’s network have Symantec Corp. antivirus installed and running.
But Silverstone admitted it wasn’t always this way. The events of last year led them to focus on creating a university-wide antivirus plan. The day after Microsoft Corp. released a security bulletin for a Windows RPC vulnerability, Silverstone and his team sent out 55,000 e-mails to ask people to make sure their copies of Windows were updated. At that point (July 17, 2003) Temple had only 2,000 of 14,000 networked PCs updated with Symantec’s a antivirus solution.
On August 12 Blaster hit the Temple University network. “With