Skip the navigation

Boston College converts chapel into data center

A 2005 data breach prompted the desire to develop a more secure IT environment.

By Ellen Messmer
October 14, 2008 12:00 PM ET

Network World - Boston College's IT department has gotten absolutely religious about securing data, three years after a big breach made headlines. So it might seem only fitting that the school's new data center resides inside a former chapel on land acquired from the Catholic Archdiocese.

Boston College in 2005 suffered a data breach of a departmental server that had stored on it the records of tens of thousands of college alumni -- a searing episode that left a "never again" feeling among school administrators and IT staff. When the school decided to build a new data center two years ago, the opportunity arose to start from scratch to develop a more secure IT environment. (Listen to a podcast on five data breach warning signs.)

The 2005 breach, which exploited a rogue server, called into question whether the school should continue allowing academic departments to set up servers pretty much as they wished in the decentralized manner so common in campus settings.

Boston College decided to centralize the majority of its departmental servers in the new facility with more physical security than could be found in the surrounding academic buildings, and it began implementing stricter security policies, including requiring VPN access.

"There was a strong push from upper management to centralize data to minimize the risk," says Joe Harrington, Boston College's director of network services. "By instituting all this policy change and VPN protection, we've made it less likely this would happen again."

Today the new data center -- which still keeps the old stained-glass windows from its days as a chapel -- houses two rows of Cisco Catalyst 6513 switches for redundancy, says Tom Borel, senior network engineer at Boston College.

The backup system resides where the altar used to be. About 75 departmental servers are kept in a physically locked room; about a third of them are virtualized IBM machines running VMware software. IBM also consulted on the data center, which took two years to finish and is double the size of the college's previous data center.

A Cisco ASA firewall stands guard at the network entry, while a Nortel VPN server requires students and faculty who are allowed access to the servers to authenticate.

Any servers that remain at departmental sites across Boston College campus locations are regularly audited, and a firewall-based DMZ was constructed for each of them, Borel says. The school has also deployed Enterasys Networks' Matrix N-Series switches at three campus locations for identity-based authentication of devices.

So far, the college has avoided a repeat of its data breach fiasco. While there are no absolute guarantees in security, there's a cultural change that has the college's IT group exerting greater oversight on network-related activities in departmental groups.

Reprinted with permission from NetworkWorld.com. Story copyright 2012 Network World, Inc. All rights reserved.
Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!