This same type of technology approach works for security. If you can bind the actual IDs to the applications that are going back and forth it's possible to pass it on to behavioral analysis devices and software, which will look at it and maybe realize 'You know what? I'm seeing this ID normally on a Monday-through-Friday, 9-to-5 basis. All of a sudden for the last two weeks I'm seeing this happen on a Sunday afternoon.' Then the behavioral-analysis systems will kick that back out into log alert.

Maybe it turns out someone came in on the weekend to catch up on work. But it's also possible that you track them down and their response is 'No, I'm sitting at home.' That means that further follow-up is necessary. We see that is the most viable approach moving forward.

It's usually by e-mail. The most common thing that will happen, depending on how malicious the activity is, is it may result in the system trying to block the user's access. In that case, they can go directly to one of the manned student labs where we have web managers and student help that can help determine the problem.