Cal State Fullerton data security announced that it will transition to a “zero trust” system, as explained by Vice President for Information and Technology Chris Manriquez at Thursday’s Academic Senate meeting.
Manriquez referred to the definition of “zero trust” provided by Crowdstrike, a cybersecurity company, as “a security framework that mandates stringent identity verification for every user and device attempting to access resources, regardless of whether they are inside or outside the organization’s network.”
According to Manriquez, CSUF is secure, and there are no imminent threats to data security or information leaks. However, the transition is to compensate for the rapidly transforming environment regarding data security.
“In this space, we must always be moving to where the puck is moving to, not staying where the puck currently is at,” Manriquez said. “Because of that, there are a number of different things we will continue to work on this campus.”
In the last month, there were reportedly 8.6 million of what Manriquez called “potential threats” targeted at CSUF according to Palo Alto, the campus’s outside firewall.
Looking at user-level security alone, there were 26,000 requested connections that were not fulfilled by the second verification through DuoConnect, resulting in non-connects. Manriquez said this could be for a myriad of reasons including those relating to the “inconvenience” of the campus’ two-factor authentication process, but the high number of unverified connections ultimately still sparks concern.
Manriquez credited two major areas of concern within data security in a higher education setting to the advancement of artificial intelligence in academics and the increasing number of data breaches.
Broader advancements in AI could lead to CSUF’s technology infrastructure potentially being more vulnerable to outside attacks. A specific point of concern is the rising number of phishing attacks, an attempt to gain sensitive personal information by masquerading as a legitimate institution.
Data breaches have been increasing rapidly over the past few years in academic spaces, with five major institutions in the United States being significant victims. The most alarming incident occurred this August, when nearly 900,000 people’s information was stolen from Columbia University’s Information and Technology system.
“These continue to be things that we need to be concerned about both systematically as well as on our campus in particular,” Manriquez said.
October is Cybersecurity Awareness Month at CSUF, encouraging awareness of the growing threats that accompany technology’s advancement.
The division of information and technology is scheduled to offer webinars, luncheons and other events to act as information forums on different aspects throughout the month. Students and faculty can find more information regarding dates, locations and topics on their website.