If an old computer is still working why replace it? Increasingly that reason is due to cybersecurity concerns. We often don’t get excited about processor designs and memory architectures, but protections are not just evolving in operating systems and applications. Hardware is also evolving to better support the security of user processes and information.
What are some of those protections? The Central Processing Unit (CPU) is the heart of most computing devices. Everything flows through that chip to make the computer work. Early chips were very trusting and simply did everything they were asked to do. Newer chips can work with the operating system to stop suspicious requests from getting processed.
A separate chip called the Trusted Platform Module (TPM) helps to make user sign ins stronger and provides additional protection for various system secrets. That chip also continues to evolve with newer systems to provide better protection. And there are a host of other improvements designed to address current threats to systems.
Many times, consumer grade hardware will lack additional protections because those protections make the computer more expensive or complicated for non-technical users who lack organizational support. That is why the campus purchases enterprise grade hardware through approved vendors for the campus. We want to make sure all the current protections are included in our equipment.
Older hardware can have limitations which prevents them from running current operating systems and software. Apple, for instance, made some significant changes to newer operating systems that changed their supported file formats and removed 32-bit application support. Many of these changes are not supported on older hardware.
Those are the technical security reasons. But increasingly there are organizational responsibility reasons as well. Our campus utilizes insurance to help us deal with the catastrophic failure of our systems or the theft and publication of a lot of sensitive campus data. Increasingly insurance providers want to see that we are following safe practices to help prevent costly events from occurring. More and more they use the state of our technology to determine how much to charge the campus for that service. Due to the rise in claims across the Higher Education sector, that cost is rising dramatically. In many cases insurance providers are declining to offer protection to campuses at all.
What do insurance companies want to know about Brockport? A big question they ask about is the age of our equipment and software. They want to know how vulnerable we are to costly cybersecurity incidents. This creates a great deal of pressure on us to make sure our applications and hardware are up-to-date and supported by knowledgeable and responsible developers and manufacturers. Otherwise we have to tell those providers we are a high risk campus leading to either a higher cost or a lack of insurance protection.
There is another important reason at the personal level as well. It might be the case that you suffer from a cyberattack, or malicious software infection. You might not know what to do when that happens to resolve it or to prevent it from happening again. People typically look to BITS for support with those issues. There often isn’t much BITS can do in those cases, however, when campus devices are no longer supported by the manufacturers and applications aren’t supported by the developers. That lack of support also means that BITS can’t effectively secure those solutions because our security tools also will not work effectively in those situations. Data might be irrecoverably lost, stolen, and the system may cease to function as expected.
As a cyber security professional, I can attest that this stuff is complicated, often confusing, and sometimes frustrating. But this is one area that’s easy. If you use currently supported hardware with the latest protections, and keep your operating system and applications updated, you will be very well protected. If everyone does that, then the entire campus will be much better protected from undesirable outcomes. It really is the easy answer for good cybersecurity at Brockport.
Please send any questions related to this article to infosec@brockport.edu.