Students in Illinois State University’s School of Information Technology (ITK) will get hands-on experience using production level security technology, thanks to a gift from Trustwave, a leading provider of information security and compliance solutions. The data loss prevention, encryption management, vulnerability scanning, and network access hardware and software, valued at $284,000, will be used in several ITK information security classes, starting in the spring of 2011. The information security technology from Trustwave is helping to enhance ITK’s mission as a National Center of Academic Excellence in Information Assurance Education, a designation it received from the National Security Agency and the Department of Homeland Security. The program helps reduce vulnerabilities in the nation’s information infrastructure by promoting education and research and producing highly trained professionals with information assurance expertise in various disciplines.
The technology gift was facilitated by Nicholas J. Percoco, an Illinois State alumnus and senior vice president and head of SpiderLabs at Trustwave. “It is critical that students entering the IT and InfoSec workforce have experience using advanced real-world technology,” Percoco said. “Students participating in the labs activities will have an advantage over their peers graduating with similar academic backgrounds.”
The technology is already serving an educational purpose. As part of his master’s degree project, an ITK graduate student is developing labs for using the technology. The labs for information security classes will simulate vulnerabilities within computer networks, giving students a chance to use the Trustwave technology to scan the systems and provide data security solutions.
“This technology will allow the students to act as both offensive and defensive players in a simulated data security environment,” said Doug Twitchell, an assistant professor in the School of Information Technology. “They will have to think like someone who is trying to exploit security vulnerabilities and also like someone whose job is to keep data safe. That will be a valuable learning experience, especially since this is the same production level technology many large companies and organizations use.”
The data loss prevention software keeps designated information, such as credit card numbers, from being sent out from secure computers. Encryption management software facilitates the process of allowing multiple users to access encrypted documents. The hardware and software for internal and external vulnerability scanning is used to check computer systems for weaknesses that can be exploited by hackers. Network access control software allows users to establish policies about which computers can join a larger network. That technology is especially useful for preventing malware-infected computers from damaging other computers within a network.