Meet the Patriots Behind Mason Security

Before Covid-19 completely changed life as we knew it, if you happened to pass by Aquia 202 and heard the sound of an intense Ping-Pong game, you’d know that you found the Information Technology Security Office (ITSO). Branding themselves as the best Ping-Pong players at Mason, ITSO is comprised of five analysts and three engineers whose mission is to enable and protect business at Mason. The team supports their own systems, does their own engineering, and works on project tasks. A majority of operational tasks for ITSO include conducting risk assessments, monitoring security compliance, identifying threats and vulnerabilities, and providing security insight for ITS projects ranging from Two-Factor Authentication (2FA) to Banner. Ultimately, they allow everyone at Mason to do their jobs without ever worrying about staying cyber safe.

Even before COVID-19, there was a multitude of unique challenges to securing a university that houses upwards of 50,000 people—similar to safeguarding a small city—and there was an expectation that all Mason data and people were physically on campus and protected. Now, key parts of data are distributed all over Virginia, while Mason faculty and staff use their computers from home. Of course, ITSO had previously monitored remote access on a smaller scale, with about 500 people logging into the Mason Network via the VPN a day. However, since the online transition in March, nearly 2,000 people use the VPN daily.

With employees scattered across the state, the question quickly became: How do you protect something where you physically don’t expect it to be?

In response, ITS and ITSO deployed new technologies that allow people to access Mason’s resources safely wherever located. First, ITS switched from using Endpoint Protection Tool to Microsoft Defender Advanced Threat Protection (ATP) across all Mason-owned systems. In turn, this created an enhanced level of protection as ATP leverages artificial intelligence to automatically investigate alerts and remediate complex threats. Additionally, ITSO adopted Cisco Umbrella, a cloud-based tool that protects Mason users by blocking them from visiting websites that threaten or compromise Mason’s technology resources or defraud users. Umbrella covers all Mason-owned machines and anyone connected to the VPN, actively trapping for possible phishing and malware attacks.

To put it simply, ITSO works tirelessly to keep Mason protected the way it needs to be for business to run efficiently and effectively. To celebrate and showcase the importance of the work they do, ITS observes National Cybersecurity Awareness Month (NCSAM) every October. To honor NCSAM this year, Ali Golkar, Brendan Nary, and Tony Houdek from the ITSO Analyst team offered their very own top 10 tips for home and personal device safety. Here are some ways you can stay cyber secure while working remotely:

  1. Everything should have a password. Don’t reuse passwords on multiple accounts or websites. This makes it easier for cybercriminals to access your accounts if you’ve duplicated them. To help keep track, use a password manager.
  2. When creating a password, make a long and unique passphrase. It will be easier to remember and harder for a hacker to crack.
  3. If an online service provides 2FA, use it! 2FA provides another layer of protection for financial transactions, email, and social apps. Use 2FA whenever you can!
  4. Keep your devices (phones, laptops, tablets, etc.) up to date and actively check for updates on everything. The upgrades do not always have exciting new features, but they often are meant to fix bugs and vulnerabilities that hackers could exploit.
  5. Be careful about what links you click on and avoid visiting unknown websites or downloading software from an unidentified source. Malware, ransomware, and viruses are often hidden in links. If it’s too good to be true, it unfortunately probably is.
  6. Back up your data – all the things you couldn’t live without. Use an external hard drive, network-attached storage device, or the built-in cloud on your device.
  7. Enable encryption where you can on your devices (Apple or Microsoft)! If your device gets stolen, criminals won’t be able to access your data without a key or password.
  8. Public Wi-Fi in airports and coffee shops should be treated as open networks. Before logging on, be aware that you are exposed and using an untrusted connection.
  9. Never leave your devices unattended. If you do, be sure to use a passcode and lock them before you walk away.
  10. When making transactions online, use a credit card, not a debit card. Debit cards are your money; credit cards are the banks’ money. Virtual credit cards and payment services such as Apple Pay, Google Pay, Samsung Pay, etc. are good options. Storing credit card numbers at sites for future purchases increases the risk of your account being compromised if a site is hacked. It may take time to provide your information each time, but it lessens your risk.