Iowa State University

ITInformation Technology

State Employee's Actions Allegedly Leaves Computer System Vulnerable

This news item expired June 8, 2011. It may contain out-of-date information.
In the wake of a recent incident at Iowa Vocational Rehabilitation Services (IVERS), IT Services security officials would like to remind the campus community the importance of maintaining a secure computing environment.

According to reports, an IVERS IT worker allegedly bypassed important safeguards of the State's computer network by disabling anti-spyware and anti-virus software, and turning off the system's firewall in order to download videos from a bit torrent site. By disabling the security safeguards, the employee left the State's computer system vulnerable to cyber criminals, allowing access to important personal information, including names, addresses, Social Security numbers and birthdates. Although officials at IVERS claim that the system was never compromised, computer experts warn that one can never be certain when systems are left unprotected.

IT Services reminds all campus users that disabling established security measures not only leaves the university‘s computer network vulnerable, but is a violation of Iowa State University‘s Code of Computer Ethics and Acceptable Use Policy.

For more details on the incident at IVERS, see: http://www.whotv.com/news/who-story-state-information-leak-20110519,0,900401.story

ISU‘s Code of Computer Ethics and Acceptable Use Policy is available online at: http://policy.iastate.edu/policy/it/ethics/