Mary Zheng/Staff

Amid the increasingly sophisticated cyberattacks faced by universities, UC Berkeley is doubling its efforts and allying with other UC campuses to address security risks.

UC Berkeley was previously underfunded for an institution of its size but will increase investment in its central information security program from $1.5 million to $3 million for the next fiscal year. Universities face the extra challenge of protecting intellectual property and the security data of a heterogeneous population while preserving the openness unique to a research institution.

UC Berkeley faces millions of attempts at breaching vulnerabilities every week, according to Larry Conrad, UC Berkeley’s chief information officer.

“Unfortunately, universities are a worldwide destination for hackers,” Conrad said. “To steal a Social Security number or credit card number, you get some financially stable people (in universities) you can leverage. Research universities also create new knowledge — there’s intellectual property, value on the new market.”

These cyberattacks are also becoming more sophisticated, and phishing attacks — which trick people into revealing accounting credentials by replicating login pages and stealing credentials — have seen an increase. According to Paul Rivers, UC Berkeley’s system and network security manager, hackers monitor UC websites so they can replicate login pages as closely as possible.

The number of cyberattacks campuses face may also depend on the size of the institution and significance of its research. UC Riverside receives thousands of attacks per year — compared to UC Berkeley’s millions — and its budget for next year will be far less than double that of UC Berkeley, said Bob Grant, director of technology at UC Riverside.

While corporations also face cyberattacks, the information exchanges in universities entail a more open but more vulnerable environment. Unlike corporations, campus networks allow virtually anyone to connect to a server and access the Internet from outside.

The research focus of universities also brings unique challenges for researchers and professors who want to protect intellectual property. Hackers may not always have the motivation to steal research to make their own patents — sometimes, they only look to take advantage of the information.

Handling stolen intellectual property is also more difficult because of international hackers and the challenges that come with obtaining cooperation from foreign countries, according to Brian Carver, an assistant professor at the UC Berkeley School of Information. Hackers often launch attacks from multiple locations or change locations, making it complicated to trace the origin of the breach.

Looking ahead: taking steps to ensure improved security

In 2009, hackers broke into University Health Services databases, gaining access to 160,000 people’s personal records for six months. Afterward, the FBI and UCPD combed through records extensively to ensure that all students were aware of the security breach and that firewalls were secure.

Now, the campus’s Information Services and Technology department plans on doubling its funding, an investment that will bring the institution up to par with its peers. Currently, the UC Privacy and Information Security Initiative is also seeking to have an advisory board for both the UC president and for each university by 2014 to guide discussions about issues of privacy and information security.

“It really does take a village to try to respond to this,” Conrad said. “The threat is too pervasive. The (other universities) help identify where the exposures are and do a good job of disseminating the info.”

However, each individual will also have to play an active role, as the most important thing for departments and researchers to do is remain aware of what data they have that could be breached, Rivers said. IST has also emphasized clear data classification standards that inform departments of the level of security their data requires.

Hackers target not only high-security computers but also devices as common as personal laptops. Just having anti-virus software does not suffice these days, Rivers said. IST offers a program called Secunia PSI that individuals on campus can use to see whether they have the necessary updated protection.

“Hackers may look for any kind of data system to get into, whether sensitive or not,” Rivers said. “So they spread out and establish capability on the campus network … That’s the basis by which our security standards require patching your system. People wonder, if it’s just my personal laptop, why does it matter to the university? Well, that’s why.”

In 2010, the university moved to create an overarching security policy. The initiative will establish a systemwide advisory board, train campus privacy leaders and form a consistent balancing analysis — a framework for decision-making when competing privacy interests, university values or obligations exist. The university hopes to fully implement the initiative in the next five years.

Despite these steps, the initiative strives to refrain from turning the university’s security program into that of a corporation. Corporations have more restrictions on accessing web servers and may perform stronger monitoring because they regard the computers as company property. According to Rivers, the university does not want to become a “Big Brother” but aims to maintain strong security alongside uninhibited autonomy.

However, security breaches remain a problem for universities. On July 24, Stanford University experienced its own security breach in its information technology infrastructure. Stanford is still investigating the source and impact of the breach but has urged all students to changed their passwords.

“Due to the emergence of so much new technology and the ever increasing amount of data we store it is of great importance that we make security a priority,” said UC spokesperson Brooke Converse in an email. “It is critical that the University be a good steward of information entrusted to it by students, faculty, staff, and community.”

Contact Mary Zhou at mzhou@dailycal.org

The post UC Berkeley seeks to expand security program to combat cyberattacks appeared first on The Daily Californian.

As the semester progressed, UC Berkeley lecturer Dan Garcia noticed one group of students falling behind: those taking his course without ever setting foot on campus.

Of the 320 students enrolled in “The Beauty and Joy of Computing,” the 60 students taking the course online consistently underperformed compared to the in-class students.

Garcia spent months transferring his course to an online platform, filming his course in high definition so his lecture videos would be of optimal quality, offering online versions of labs and working with instructional designers to adapt his course to the online format. But he came to the eventual conclusion that students would be better served taking his class where it was originally offered: in the classroom.

“This is an experiment,” Garcia said. “After courses run their first lot and maybe make some changes to the course, I would hope that each course goes back to the drawing board and fixes itself.”

Garcia finds himself in a similar place as other faculty members participating in the UC Online pilot program — a systemwide effort aimed at expanding the university’s online education offerings — as professors face the pains that come with developing and experimenting with online education.

Over the past few months, online education has garnered significant support. Both Gov. Jerry Brown and the UC Regents have publicly pushed for greater investment in online course development, citing great financial potential. Brown allocated $10 million to online education in his proposed budget.

But despite plans for heavy investment in online development, courses offered since UC Online’s launch have seen mixed results.

Garcia attributed his online students’ underperformance to a lack of accountability. Online students were “cramming” online course material right before exams instead of showing up to online lectures and discussions with the same frequency as the other students, he said.

Like Garcia, UC Berkeley assistant professor Brian Carver — who taught “An Introduction to Information” online this fall — struggled to engage online students. He spent two years developing a new course only to see enrollment drop nearly 25 percent over the course of the semester.

While Carver thinks it is possible for an online course to be as engaging as an in-person course, he has yet to see the online platform that delivers it.

“The time it took to develop this course took so much more time for me (than) to develop an in-person course that I’m not currently looking to develop anymore,” Carver said.

According to UC Online Interim Director Keith Williams, professors for UC Online work with instructional designers to create their courses. Online classes can have synchronous discussion sections and video-chat sequences or video-based lectures that allow students to go more at their own pace, and much of this structure is at the professor’s discretion.

“All of the courses we have developed, we have developed with the intent of running again and again,” Williams said. “Our goal is for these to be regular offerings and to be offered more than once. For a lot of the faculty, it is an experiment because they haven’t done it before. That’s where the instructional designer (comes in).”

After his first effort with online education, Garcia is now working to develop his course by creating more landmarks that require students to keep up with lectures and assignments, such as regular quizzing. He said that the available online platforms lacked analytics, tools with which he could observe students’ online activity, but quizzes may be a way around these limitations.

UCLA professor Susanne Lohmann eliminated the lecture from her UC online course, “Diversity, Disagreement and Democracy,” altogether, instead opting for game-based learning in which students participate in quizzes and answer questions and then analyze the data that the games elicit. Lohmann said the course structure allowed her students opportunities to interact with the class material that would not have been possible in a lecture hall.

“Her online class was completely different than what I expected,” said Andrew Litt, a senior at UCLA who took Lohmann’s course. “I personally don’t really think (recorded lectures) work well because (they’re) boring … but in professor Lohmann’s class, you play games and learn about how people think and reason, and in an online setting, that worked really, really well.”

Following positive student feedback, Lohmann plans on offering the course again in UCLA’s spring quarter.

Williams said he expects a systemwide meeting involving campuses and UC Online to take place in April. The regents have already discussed the possibility of having undergraduates take four online courses in their first two years in the UC system — a feat that the UC Office of the President estimates would require at least 137 high-enrollment online courses from both UC Online and campus-specific efforts.

Currently, UC Online is piloting two new UC Berkeley courses — “American Cybercultures: Principles of Internet Citizenship” and “Intro to Probability and Statistics for Business” — for the spring semester. UC Online plans to add approximately 20 new courses at the beginning of the 2013-14 school year, according to the UC Office of the President.

“Right now, we are at baby steps,” Garcia said. “But through experimentation and the UC online program, I think we can really (create) an amazing experience.”

Libby Rainey covers higher education. Contact her at lrainey@dailycal.org and follow her on Twitter @rainey_l.

The post Professors see varying success in online courses appeared first on The Daily Californian.