Jump to other news and events
Purdue signature

New vulnerability scanning tool helps security staff prevent University data theft, damage

ITaP is announcing a new security scanning tool that helps system and network administrators take a more preventive approach in protecting the University’s sensitive data.

David Kistler, who manages IT infrastructure services at the Purdue University-Fort Wayne (IPFW) campus, has been using the McAfee Vulnerability Manager since August.  He says the tool, which ITaP is now making available on all of Purdue campuses, helped his team identify and patch vulnerabilities that previously went undetected.

“The key holes or weaknesses we’re concerned about are ones that would allow outside sources, particularly cyber criminals or hackers, to access our servers, switches or workstations and do nefarious things such as upload viruses or collect private data,” says Kistler, who is also IPFW’s IT security officer. “We find vulnerabilities in many ways, and the hackers find them the same ways, but this new tool helps us stay one step ahead to protect our valuable assets.”

In addition to protecting University data, Kistler says his team is responsible for making sure IPFW is in compliance with regulations enforced by the Family Education Rights and Privacy Act, the Health Insurance Portability and Privacy Act, and the Payment Card Industry Security Standards Council. The McAfee Vulnerability Scanner alerts IT administrators to instances of non-compliance so they can correct issues and avoid fines, thereby saving money for Purdue.

“One of the best things about this tool is that we haven’t found any false positives,” Kistler says.

Greg Hedrick, director of Purdue’s information security services, says upgrading to the new tool is part of an initiative to become more proactive in protecting University data.

“Instead of depending on external reports that we’ve been compromised, we’ll be able to identify vulnerabilities before they become problems,” Hedrick says. “It is important for system administrators to use the tool to scan for vulnerabilities before the cyber criminals or hackers do.”

System and network administrators may request access to the McAfee Vulnerability Manager or learn more about it by sending an email to itap-securityhelp@purdue.edu.

Writer: Andrea Thomas, ITaP technology writer, 765-496-8204, thomas78@purdue.edu

Sources: Greg Hedrick, director of information security services, 765-494-1875, hedrick@purdue.edu

David Kistler, IT security officer and manager of IT infrastructure services at Purdue University-Fort Wayne, 260-481-5728, dkistler@purdue.edu

Last updated: Nov. 4, 2013