More than a year and a half ago, MSU's library server was breached.
It was the biggest threat to online security the university had ever seen, and MSU officials scrambled to try and minimize the threat.
David Gift, vice provost of libraries, computing and technology, said there was "potential" exposure to Social Security numbers, but evidence surfaced that none had been taken. The university took measures to correct the situation and has since taken precautions to make sure it does not happen again, Gift said.
The work they have done to stop hackers and keep information safe was the topic of a town hall meeting last week, which was managed by
a panel of MSU directors of different departments from human resources to the Cashier's Office.
"This issue is a matter of personal safety and institutional embarrassment," Gift said during the meeting. "Some areas will be more expensive and harder to solve, but we are on the right track."
Many of the panel members said hacking into a university's computer system and stealing personal information is becoming more of a threat across the nation.
Dave Hartman, the manager of Systems Development in the Controller's Office, said that when it comes to online security, everyone is at risk.
"We're dealing with a lot of legacy systems, which means they are 15 to 20 years old, and to fix them is not easy," Hartman said. "By doing things like introducing (a new identification card) for employees, we are making it easier for the future, but we still have a lot of work ahead of us."
Ann Thorsen, the assistant director to the administrative information services, said universities are trying to make sure that they keep up with people trying to steal personal information.
"We're in an arms race with these hackers," Thorsen said. "These hackers are trying to get ahead of the good guys, so in order to keep pace with them, we do things like put up firewalls and take other measures to make sure they don't get ahead of us."
Events like the town hall meeting aren't the only things the university is doing to try and get people informed about how to protect themselves from online threats. The university has done a variety of things to keep personal private information safe, from taking the Social Security number off of online personnel documents, to routinely wiping old computer hard drives clean so people can't hack into them and take the information.
One researcher, Nora Rifon, an associate professor in advertising, public relations and retailing, was recently given a grant of $50,000 from Microsoft to research for a program called Internet safety: Network security begins in the classroom. It aims to teach high school students and incoming freshmen about online safety.
Rifon also received a $400,000 grant for the program from the National Science Foundation.
Rifon has been working with the Michigan attorney general's office since 2000 to put together a program that could teach students and their parents about online security.
"We just received surveys back from what the kids know, as well as what their parents do and don't know about this issue," Rifon said. "Once we know these results in the coming weeks, we should have a good idea of where these kids are in terms of knowledge on online safety."
Gift said with the threats constantly changing, the nature of security has to change, as well.
"It certainly is getting harder and harder, but I think we are doing a better and better job," Gift said.
Gift said that the university's intrusion detection service is stopping more than 4 million invasions a week that range from viruses and worms to malicious threats. Gift said it will be tough staying ahead of the bad guys but that the goal of the university is work to benefit everyone.
"Our goal even today in any storage form is to keep a person's information as confident and secure as possible," Gift said. "We are also trying to translate it to make it useful to people as well."
Justin Kroll can be reached at krolljus@msu.edu
