More than passwords: technology to keep campus safe

Published January 26, 2018

by Benjamin Blanchet

UBIT is working to adopt new technologies that make UB students, faculty and staff safer. 

Photo

Benjamin Blanchet (UB student, Class of 2018) is an English major with an interest in journalism. After graduating from UB, he hopes to attend grad school and pursue a career writing about music and the arts. An Albany, NY native, Benjamin enjoys biking and reading in his spare time.

Are passwords passé?

From the earliest days of the Internet to the smart technology of today, some things haven’t changed. For instance, most secure apps and services require just one step for security—namely, the password. But that’s rapidly changing.

“There never used to be two-factor authentication at UB,” said Dr. Catherine Ullman, UB’s Senior Information Security Analyst. “But that’s changing.

“If you are staff or faculty member who wants to connect to the student system, you now need two-factor authentication. I also anticipate there will be further utilization of two-factor methods in the future.”

While a strong, secure password is still important today—or even better, a passphrase, a short phrase modified with symbols and capitalization—that likely won’t always be the case, thanks to new security measures that aim to be unique to the individual.

“There’s certainly more going on as to what to replace passwords with—everything from, facial recognition, to retina scanners, and fingerprints,” Dr. Ullman said. “These are great biometric tools, but they, too, are problematic.”

To illustrate, Dr. Ullman points to a recent story about how a mother's iPhone X, locked with Face ID, was unlocked by her son's face.

The nature of the business

Another prediction for the future of cyber security—more regulation.

In some cases, specific security measures may be required in order to win grant money or work on projects involving government funds or data. This is a huge source of funding for UB.

Universities, Dr. Ullman said, aren’t used to having to follow these kinds of regulations. UBIT is helping prepare the university for heightened regulatory guidelines with updated policies governing minimum security standards for UB-owned desktops, laptops, mobile and other “end point” devices, as well as new standards for UB-hosted servers. This information is available in the Guidance Documents section of the UBIT website.

Keeping UB’s people and data safe is an enormous part of what UBIT does. For more on what we do—and what you can do—to stay safe, visit www.buffalo.edu/ubit/safe.