Making Campus More Secure

Ensuring our campus feels safe and secure is essential for the overall wellness of our community, data, and organization. Our layered security approach addresses the individual security needs of our network, systems, devices, and users. Introducing annual penetration testing allows us to identify potential weaknesses in our security measures and has allowed us to address those concerns before a cybersecurity attack. Creating standards and procedures in conducting comprehensive third-party vendor reviews has ensured that Trinity’s security team vetted the tools we have in place. The establishment of a PCI Compliance Initiative team between the information security team and accounting services team keeps the campus accountable and in compliance with Payment Card Industry Data Security Standards (PCI-DSS) and related college policies and procedures.

Monitoring new technology will be essential to keep ahead of the ever-changing cyber threat landscape so we can remain agile to quickly and proactively respond to change. There are several technology areas where upgrades and new capabilities will improve the visibility and management of vulnerabilities and threats. Implementing a security operations center as a service provides our community with multiple benefits, including continuous network monitoring, centralized visibility, reduced cybersecurity costs, and better collaboration. To identify automated methods to identify inappropriate data movement for efforts to implement a data loss prevention strategy and investigate the need to investigate \ capability needs will expand into Fall 2022/2023.

Further network investments will be a crucial component of our security program. The age of fiber presents opportunities to reevaluate our strategy and research, invest, and implement leading-edge technologies needed to keep our network safe and secure. The current implementation of expanding and upgrading our wireless network will make the security and reliability of our network available to Trinity users in those locations.

Trinity College

Involving our Community

Educating our campus about potential security vulnerabilities has been a priority. Participation in the October National Cybersecurity Month has provided a fun and hands-on opportunity to share information and steps our campus can take to protect itself. Implementing KnowBe4, a platform for security awareness and training, will be another engaging tool for educating our campus. We can respond quickly and efficiently to potential incidents or threats with an established and enforced endpoint management policy and frequent reviews of accessibility, access, and hardware. This policy includes exchanging faculty and staff computing devices every five years to keep up with changing security and compatibility requirements. It also ensures faculty and staff have a reliable and high-performing computer to conduct their work.

Goals to expand the usage of the KnowBe4 platform to reach the student population are underway. With a focus on increasing awareness, we will expand our cybersecurity training and social media presence, particularly addressing our student population. We need to develop short, impactful methods to educate our students on how they can protect themselves and their data from aggressive and dangerous cybersecurity attacks and phishing scams.

Expanding reviews of our third-party partnerships will ensure we have the best tools to mitigate risk in response to rising cyber-attacks. Embedding security and accessibility reviews with procurement workflows will be a new strategy to minimize risks associated with acquiring new technologies.

The Cornelia Center, Trinity College