Making Campus More Secure

Ensuring our campus feels safe and secure is essential for the overall wellness of our community, our data, and our organization as a whole. Our layered security approach addresses the individual security needs of our network, our systems, devices, and users. Introducing annual penetration testing allows us to identify potential weaknesses in our security measures and has given us the opportunity to address those concerns before a cybersecurity attack. Creating standards and procedures in conducting comprehensive third-party vendor reviews has ensured that the tools we have in place were vetted by Trinity’s security team. The establishment of a PCI Compliance Initiative team between the information security team and accounting keeps the campus accountable and in compliance with Payment Card Industry Data Security Standards (PCI-DSS) and related college policies and procedures.

Monitoring new technology will be essential to keep ahead of the ever-changing cyber threat landscape so we can remain agile to quickly and proactively respond to change. There are several technology areas where upgrades and the addition of new capabilities will improve visibility and management of vulnerabilities and threats. The implementation of a security operations center as a service provides our community with multiple benefits, including continuous network monitoring, centralized visibility, reduced cybersecurity costs, and better collaboration. Identifying automated methods to identify inappropriate data movement for efforts in implementing a data loss prevention strategy, and investigating \ capability needs will expand into Fall 2022/2023.

Further network investments will be a key component of our security program. The age of fiber presents opportunities to reevaluate our strategy and research, invest, and implement leading-edge technologies needed to keep our network safe and secure. The current implementation of expanding and upgrading our wireless network will make the security and reliability of our network available to Trinity users in those locations.

Trinity College

Involving our Community

Educating our campus about potential security vulnerabilities has been a priority. Participation in the October National Cybersecurity Month has provided a fun and hands-on opportunity to share information and steps that our campus can take to protect itself. The implementation of KnowBe4, a platform for security awareness and training, will prove to be another engaging tool for educating our campus.With an established and enforced endpoint management policy and frequent reviews of accessibility, access, and hardware, we can respond quickly and efficiently to potential incidents or threats. This policy includes exchanging faculty and staff computing devices every five years to keep up with changing security and compatibility requirements. It also ensures faculty and staff have a reliable and high-performing computer to conduct their work.

CrashPlan and Microsoft OneDrive Backup, are our automated online backup solutions for data stored on faculty and staff Trinity-issued computers. CrashPlan’s recent migration to the cloud has improved the user experience, provided redundancies to prevent data loss, and decreased our data center footprint.

With a focus on increasing awareness, we will expand our cybersecurity training and social media presence, particularly addressing our student population. We need to develop short, impactful methods to educate our students on how they can protect themselves and their data from aggressive and dangerous cybersecurity attacks and phishing scams. Goals to expand the usage of the KnowBe4 platform to reach the student population are underway.

In response to rising cyber-attacks, expanding reviews of our third-party partnerships will ensure we have the best tools in place to mitigate risk. Embedding security and accessibility reviews with procurement workflows will be a new strategy to minimize risks associated with acquiring new technologies.

The Cornelia Center, Trinity College