Information Security Upgrade
Significant enhancements to IT Security at McGill are currently underway. These changes will further protect McGill’s computers, networks, and data against unauthorized access and attacks.
What is the Information Security Upgrade?
The initiative affects IT Security across the entire University and will continue over the next few years. Leveraging the upgraded infrastructure, enhanced security features will be integrated, including new next generation firewalls and other security processes, policies and technologies.
Why does McGill need an IT Security Upgrade?
As an institute of higher learning, McGill University’s research data and large user population make the University an attractive target for cyber criminals.
McGill’s Information Security team recognizes these risks and has undertaken a plan to increase the University’s IT security, while supporting the University’s mission to provide user access and enable collaboration.
What are the benefits?
The upgrade will result in:
- Increased detection, prevention and mitigation of IT security events on the network
- Greater security for IT devices
- Uniform network access to servers and services for students, faculty and staff
- More secure and convenient Guest access
What does the upgrade involve?
Key components of this initiative include:
Endpoint Protection for work computers
- McGill has deployed the following services to protect McGill’s data, devices and systems: Endpoint protection for work computers - service description
Security Information and Event Management (SIEM)
- Refresh of SIEM infrastructure to respond to IT Security events
Next Generation Firewall (NGFW)
- Combines traditional firewall technology with other network device filtering functionalities
- Provides advanced protection against intrusions and threats.
- Implemented in March 2018
- Increased use of threat intelligence and cloud-sourcing
- Simpler, more organized internal network structure
- Zone-based security
- Unified access throughout the McGill network for all authorized users (Wired, Wireless, VPN)
Data Centre design
- Redesign of data centre security zones