The Barricade Project



Students walk the UNH campus in fall. Photo by Jeremy Gasowski, UNH Communications and Public Affairs.
 

Identifying and remediating vulnerabilities in hardware, software, and systems, known as Vulnerability Management, is paramount to the security of UNH's information and the technological resources that support it. Barricade is the program, administered by UNH IT, that provides Vulnerability Management for the University. As new vulnerabilities are identified every day, and each new vulnerability increases the risk of malicious activity, actively managing known vulnerabilities in UNH services and systems is the best way to reduce that risk.

The Barricade Program was initially implemented in 2018 through the partnership of two UNH IT units - UNH Telecom and Information Security Services. It paired vulnerability scanning of servers on the UNH network, which UNH IT has been doing for over 20 years, with the processes and policy necessary to establish a sustainable program that ensures new vulnerabilities are identified, classified based on the risk they pose, and remediated within a designated timeframe. The initial rollout of Barricade was limited in scope, only requiring vulnerabilities identified with unauthenticated scanning to be remediated and selecting UNH IT-managed servers as "in-scope."

In early 2019, the Barricade Vulnerability Management Program was expanded in two ways:

First, an additional type of scanning, called authenticated (or agent-based) scanning, was introduced. Adding this scanning type expanded our visibility to encompass many server vulnerabilities. To illustrate, if an in-scope server were a bank, unauthenticated scanning would be the equivalent of potential bank robbers casing the outside of the building. Authenticated scanning provides improved visibility for vulnerabilities that can be exploited if the attacker has credentials. In the bank analogy above, authenticated scanning is analogous to the bank robbers coming inside the bank to do reconnaissance.

Second, servers managed by the Research Computing Center (RCC) were brought in-scope.  

As a result, all critical and high vulnerabilities identified on servers managed by UNH IT, Academic Technology (AT), and RCC are now required to be remediated within 30 days of identification, regardless of the type of scan used to identify them. Implementation of the Barricade Program has thus far resulted in a reduction of more than 90% of exploitable vulnerabilities on in-scope servers.

Plans to continue expanding Barricade Vulnerability Management across the University are being developed, and additional phases are expected in the second half of 2019 and throughout 2020.