Computer Security

For the past several weeks, the Faculty Senate and Information Services have been working on an issue related to computer security. As many of you are aware, maintaining a secure, but flexible computing environment for students, faculty and staff is challenging. Security threats flow through email, software applications, and the web. There are no silver bullets that will protect university systems, and as a campus we must maintain multiple layers of security. It is incumbent upon all of us to work together and keep university information secure.

One of the ways that university information is kept secure is through the timely application of software updates and security patches. Unfortunately, these are taking long periods of time to deploy because computers are left logged in and running for multiple days (sometimes weeks), which prevents software updates/patches from being installed.

Currently, when software updates/patches are deployed timing of installation typically is:

· In 30 days – 54% of campus computers are updated
· In 60 days – 60% of campus computers are updated
· In 90 days – 65% of campus computers are updated

In order to reduce impact to end users yet streamline the installation of software updates and keep systems secure, a campus-wide PC maintenance window for software deployments is being proposed. This will allow updates to be deployed overnight when most computers are not in use. It is recognized that not all computers – especially research lab computers – can have updates/patches installed this way but the vast majority of computers on the campus can.

Faculty Senate and Information Services are asking faculty and staff for their feedback on the proposed options, time and implementation timeline as outlined below. Please view the proposal and let us know your thoughts. To provide feedback on this proposal, please email Carole McArthur (McArthurC@umkc.edu) or myself, Mary Lou Hines Fritts (HinesML@umkc.edu), by Monday, October 6th, 2008.

See the PROPOSAL here