Safeguarding the University from our top cyber risks

Monday, November 2, 2020

With 90 combined years of experience, the OneIT Security team uses leading-edge technologies to defend against millions of cyberattacks each day. Among the growing catalog of cyberattack types worldwide, phishing, malware, and vulnerability exploitation are the most attempted against UNC Charlotte:

  1. Phishing: Emails purporting to be from reputable sources to induce individuals to reveal personal information, such as passwords & credit card numbers

  2. Malware: Short for “malicious software,” this intent to damage devices includes viruses, trojans, ransomware & spyware

  3. Vulnerability Exploitation: Taking advantage of a vulnerability to compromise the confidentiality, availability, or integrity of a resource

The Role of Email

Phishing and 90% of malware are delivered in an email. More than 30 million incoming emails a month are identified as threatening and quarantined before they can hit your University mailbox. With Cisco Email Security, additional potential threats are clearly labeled as [EXTERNAL] in the subject tag:

Sample of external email where EXTERNAL is in the subject line, and a Caution message is in the body text of applicable emails received by faculty and staff emails.

Defending Devices

OneIT Security guards 13,000 University computers and tablets and hundreds of servers using Advanced Malware Protection. The service uses behavior and signature-based detection to block 1,000 potential threats every day. On each University-managed device is Umbrella, which analyzes web traffic against a global database of recognized offenders to stop more than 5,000 attacks a day.

Together, Cisco Email Security, Amp, and Umbrella block millions of harmful phishing and malware attempts every day.

University machines are also shielded using the Level 1 Security Standards from the Center for Internet Security and regular, phased-in patching. Preventive patching strategies mitigate 66,000 vulnerabilities cybercriminals could use to take advantage of systems or services.

Additional Protection

Using Stealthwatch, OneIT subverts an additional 300 attacks every day from even non-University devices. The service can detect threats from any device connected to our network by monitoring behavior changes from traffic samples of University devices.

An application called Splunk analyses risks based on global security lists and detects account compromises across our single sign-on (SSO) environment. DUO, our multi-factor authentication service, secures 17,000 registered NinerNET accounts every day, no matter what device they use.

For more on Information Security at UNC Charlotte—including how NinerNation can help—visit