SecureIT! Newsletter @ CIS @ Brown

Inside IT Security: Timothy Wells

Tim Wells came to Brown in June of 2006 as CIS's new Director of Network Technology in the Academic and Network Systems and Services unit, overseeing the Network Technology Group, Security Operations, Telecommunications Operations, and Facilities Project Coordination.

Tim Wells Before Brown, he was a Vice President for the Citizens Financial Group, working with the Enterprise Architecture and Strategy team. During his eight years at Citizens, he held engineering and senior operational management positions, with responsibilities that included network planning and upgrades, distributed systems, disaster recovery and business continuity. Earlier, as a senior network engineer, Tim lead the implementation of the bank’s new core data network as well as managed the engineering team responsible for the voice network. Previously he was on the technical staff of Roger Williams University and also worked for Honeywell Consumer Products as a network manager.

Q: What was it that drew you to Brown and your new role here?

A: I felt that my experience in the corporate world could help drive technology solutions here at Brown.

Q: What are some of the endeavors that you've overseen during the past year? Of which accomplishments have you been the most proud?

A: Delivering wireless technology to the campus has been a great challenge. Wireless technology coverage models are more an art then a science. Wireless coverage is tricky in old buildings like we have here on campus. The composition of the buildings affects how the wireless signal behaves and makes it challenging to deliver effective coverage. We have put together a model that I feel is effective for our environment and we will continue to improve our coverage as we go.

Q: Your background includes several years working in the private sector as well at Roger Williams University. As far as computing security issues, would you say that there are any differences between the corporate and academic environments?

A: In the corporate environment you protect the inside of the network from the outside world. Strict firewall rules at the Internet border as well as IDP and IDS technology. The corporate environment also demands strict desktop policy only allowing the protocols and applications needed. I have found that in the academic environments the need for collaboration makes security a challenge. We protect at the core and extend that protection out to departments where possible.

Q: What are some of the projects that your groups will be working on during the coming months?

A: We are evaluating an end point assurance tool from Bradford Networks called Campus Manager. Depending on the outcome of the evaluation, this product could replace our Net Reg system (used when connecting computers and devices to the network in the residential halls to assure that they meets the requirements stated in Brown's Network Connection Policy).

Q: What is your role on the CIS CIRT team?

A: When there is a security emergency my team responds to analyze the problem and make recommendations for solutions.

Q: What would be the most important piece of computing advice that you'd like to pass on to the average user?

A: Never provide personal information over the Internet unless you are 100% certain that you are connected to a secure site and your traffic is encrypted. That includes wireless connectivity.

Q: Is there anything else you'd like to add?

A: Change your password on a regular basis.