Assessing Network Services and Security in Nigeria Universities
AbstractThe paper investigated sources of threats and vulnerabilities to Nigerian university computer networks and assessed the adequacy of security controls in place to mitigate the occurrence of successful intrusion. This was with a view to enhancing the integrity of data transactions on the Universities' computer networks. Data for the study were sourced from 18 purposively selected universities in Southwestern Nigeria. Three universities, each representing federal, state and private were selected from each of the six states in the zone. Primary data were obtained through the use of validated questionnaire. The result revealed that 81.3% of the universities had internet presence. The Universities' Organisation Information Criticality Matrix (OICM) showed the bursary unit with highest weighted average. The result further showed that web services posed the greatest source of threat and vulnerability to the university networks. Indeed, 72% of the universities ran e-portal services that incorporated electronic payment but none of the universities was digitally signed with Certificate Authority (CA). The result also showed that single factor authentication using usernames and passwords were the only network access identifier employed by all the universities. The study noted that the security controls to safe guard the integrity and non-repudiation of network
transactions in the universities were weak and high potential existed for possible compromise of the network system. The study therefore concluded by proposing a layered approach to managing security on the university network.