The Cal State Fullerton Information Technology Department has created over 200,000 email accounts which are equipped with around a dozen firewall programs to protect the accounts from receiving links that could lead to an outside source trying to hack the account, said Berhanu Tadesse.
With millions of hacking attempts occurring on a yearly basis, it is necessary for the school to have the most up-to-date versions of firewall, said Tadesse, Associate Vice President of Information Technology and Infrastructure Services. The most recent one the department installed is a next-generation firewall made by Palo Alto Networks.
Tadesse said this firewall can detect viruses that have never been encountered before, which are known as “zero-day attacks.”
The IT department spends about $1 million a year on new security technology and staff payments, Tadesse said in an email.
One of the most prevalent types of hacking IT sees are phishing attempts. For example, Tadesse said that it is possible for some students to receive an email from a source pretending to be the IT department requesting that they change their password by clicking on a provided link. The email filtering systems the department has can then rewrite the link’s URL to prevent the user from clicking on it.
If the user notifies IT that they clicked a harmful link, the department will ask if the user if they notice anything different with their account and recommend that they change their password.
Only a limited amount of staff members in the department have access to administrator accounts which then grant them access to the email system, Tadesse said.
“It is a necessary privilege because without that we cannot create accounts or do any activity,” Tadesse said.
If a legal agency contacted, like the FBI, the IT Department and requested access to a student email, the department would have to comply, Tadesse said. However, Tadesse said the department had not been contacted to turn over any student emails in the seven years he has been at the school.
While the IT department spares no expense on security technology to prevent any hacking instances, CSUF English major Veronica Castro said the amount might be a bit excessive, even for her own information security.
“I can see why they would do it, but I feel like a million dollars is a lot of money. I feel like as students we can tell what (emails) are from the school and what is not, so maybe that much money is not necessary,” Castro said.