The Information Technology (IT) department will install a new security tool, an Internet Protection Service (IPS), that will further protect the campus network from malware, viruses and cyber attacks, according to an email sent to the campus community on Monday morning by Senior Vice President and Chief Information Officer of IT Mitch Davis.

While the main goal of an IPS would be to “keep the system as clean as possible,” the new software will also allow IT to see if illegal sites are being used on Bowdoin’s network.   

The IPS will scan all internet usage on the Bowdoin Network. It will not block any website unless that site has previously been reported to spread viruses to the network, nor will it initially detect potentially “high-risk” sites, or sites known to attack networks. Davis labels pornography and gambling websites as high-risk for their reputation for malware distribution.

While students were worried about perceived infringement on their privacy, the IPS will rather act as a recording device, the data of which IT will examine in the event of an incident, such as a malware or illegal activity report. Depending on the specific IPS system, it may then notify users when they have gone to a potentially dangerous site.

Davis drew an analogy between the purpose of the IPS and that of a security camera.

“We have two hundred and something security cameras and they’re constantly recording everything, but nobody can look at all of it,” he said. “If there’s a problem they can go back and look through the video. That’s what [this device] does.”

Davis hopes that announcing the IPS will raise awareness about privacy on the internet beyond just the Bowdoin network. He said it had been recommended by several large consulting firms and the College’s audit committee.

“People think there are privacy concerns and I agree with them. There are privacy concerns around this. But if you have Gmail, all of your emails are scanned,” said Davis. “Google’s reading my stuff, Facebook’s reading my stuff—how much privacy do I really have? People know where you’re going, where you’re shopping, the minute you get on your phone and do web browser they know location.”

In the past, the most common form of illegal activity on the network has been the illegal downloading of music and movies. When this happens, the original content provider (such as SONY) notifies IT, and the report is passed off to the Dean of Student Affairs. They would then notify the student that their illegal internet activity has been detected.

According to Davis, there have been two students in the past ten years to be called into the Dean’s Office to address internet activity. They had repeatedly used illegal downloading sites after being notified.

This procedure will remain the same with the IPS installed.

In managing malware distribution on students’ personal computers, there is no disciplinary procedure when the original website is not illegal. IT will rather clean the infected machine and record the site that spread the virus. In order for this to happen, the student must report it to IT and the address will be flagged within the IPS’ system.

The way in which the IPS then protects people from using that site varies among different versions of IPS products. The site may only offer a warning for potential malware distribution as well as the option to click through and continue to the site. However in the case that the site is known for more severe attacks, the IPS can block the address completely.

IT has been requesting funding for an IPS for the past six years, then last year, the College purchased cyber insurance.

“We’re paying this money for cyber insurance but in reality if we were to have a problem, which could be millions of dollars, they would not cover it because we didn’t put in an IPS. So it got funded,” said Davis.

The College approved funding for the IPS on Saturday.

The current security system for the College includes a Barracuda Firewall, which scans every email in Bowdoin webmail for sensitive information and “strips” it out in the event the network is hacked. The system also uses Symantec Protection, an antivirus software.

IT has not yet decided on which IPS they will purchase. When they do, they will notify the campus community. Campus will also be notified when they begin installation. Davis predicts it will be implemented this summer, if not sooner.