IT in the age of Covid

Matthieu Jacobs

If people work on their own laptops, we can’t take action if something goes wrong’

IT staff have a crucial role now that everyone is working from home. How are our colleagues in this department doing? And how should WUR staff and students make sure their WUR data is secure when they are mainly working from home? A conversation with Matthieu Jacobs and Freek Wellerdieck.

Matthieu Jacobs was barely a week into his new job as a product owner in the IT department when he had to shift to working from home. He faced a huge challenge right from the start: Jacobs and his team had to make sure that the thousands of people working at WUR were able to make a transition in a matter of days to working from home securely and without glitches.

The End-User Computing team consists of 12 to 15 people (additional freelancers are brought in for specific projects). WUR has a total of about 15,000 workstations, such as laptops and PCs. Jacobs and his colleagues are responsible for maintaining the physical and virtual workstations and laptops. They also install software and make sure everyone has the right applications. Talking on the phone, Jacobs says, “We had to work hard, and some planned activities had to be postponed. Fortunately, this didn’t affect our other services to staff and students. Everything is running smoothly now and we’ve had a lot of positive feedback.”

One of Freek Wellerdieck’s two teams (Data Management & Hosting) is responsible for hosting the HR system, WUR.nl, web applications and other databases. He was already accustomed to using the chat function and video conferences with colleagues before the coronavirus crisis. A few days before the nationwide lockdown, it was agreed with all the FB-IT teams that they would try working from home one day a week. That meant the IT staff and systems were already in a good starting position when Dutch society went into its ‘intelligent lockdown’. “Of course it’s a shame you no longer have the informal conversations with people you bump into,” says Wellerdieck. “But the core processes of working together never stopped for one moment. I think it went very well.”

Photo: Anne Reinke

On one arbitrary day,

WUR received

373,400

emails

152,717

of which were unsafe

WUR suffers digital attacks on a daily basis.

91 per cent

of the attacks start with a phishing email

The IT department continuously monitors what is happening in the network and the servers. If people use their WUR login details, they are logging into a secure network. Even so, having so many people working from home is challenging for the IT staff. Wellerdieck explains: “All those users are now sitting on the wrong side of the firewall. Normally people are working on computers that are inside WUR’s secure environment. Now most employees are on the outside — the same as the hackers are. You don’t have that physical security component, so there’s a greater risk of someone else seeing something they shouldn’t. What is more, people are increasingly using their own devices to log into the university’s systems.”

Treasures

If it were not for the vigilance of the IT department, external people would be able to view, damage or even delete the university’s data. Wellerdieck sees the research data as one of WUR’s treasures. He thinks not everyone is aware of the value of the data stored on the servers. “It includes not only research results that could lead to patents, for example, but also the address details of researchers who do experiments with animals. We need to be careful with data like that. Not all staff and students are aware of that.”

Before March, there were about

200-350

VPN-sessions on a busy day. Now there are about

2200 every day

The number of individual Teams within MS Teams has increased from 703 (end of March)

to 4451 (mid-september)

Matthieu Jacobs agrees. He says people do not always consider the dangers. “Because the moment you lose a USB stick, your research is in the public domain.” Fortunately, there are enough precautionary measures that staff and students can take to minimize the risk of a data leak. For example, Jacobs’s advice if you have to use a USB stick is to buy an encrypted version.

It is also important not to click on emails you don’t trust. That might seem obvious but this tactic is used on a wide scale to get access to the university’s servers. The spam filter intercepts a lot of these messages, and a system has recently been implemented that directs hyperlinks and attachments in emails via a check, but malicious individuals are becoming ever more inventive. “If you mark a suspicious email as spam, it will come to us and we can investigate whether the message is safe,” says Jacobs.

Freek Wellerdieck

Even if you did make a mistake, don’t be ashamed

In September, over

2100 chat messages

were sent on an average day

Before we all started working from home, the IT department was dealing with about

5500 tickets per month

In March, that increased

to 9500 tickets

It is also not a good idea to use public networks when not on campus. And make sure no one can see your screen when you are working in a public place. It is important to be vigilant if you are in a coffee bar or a flexible working space. Jacobs: “Most people work on the laptop they were given by us and that’s good. If people work on their own smartphone or laptop, we don’t know what’s happening and can’t take action if something goes wrong.”

Freek Wellerdieck adds that it is important for people to contact the Service Desk if they have any doubts. It seems people are indeed doing that: the number of phone calls to the Service Desk has increased hugely lately. “Even if you did make a mistake, don’t be ashamed. It’s far better to report any doubts you have about a website where you entered data rather than keeping quiet about it. Hackers need just the one entry point to plough through the entire system and find sensitive data.”