In this presentation we will discuss the many and varied cyber attacks that have recently occurred in the higher ed community. We will discuss the perpetrators, the victims, the impact and how these institutions have evolved to meet this threat. Mitigation techniques and defense strategies will be covered as will a discussion of effective security…

Data breach prevention is a battle, rarely plain and never simple. For higher education institutions, the Sisyphean aspects of the task are more complex than for industry and business. Two-year colleges have payrolls and vendor contracts like those enterprises. They also have public record and student confidentiality requirements. Colleges must…

Who hasn't received mail from a company notifying them that their personal information may have been compromised? No organization--not Amazon, not the CIA--is immune to cyberattacks, and higher education is no exception. Indeed, colleges and universities may be even more susceptible to security breaches than their corporate brethren, and the…

Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

Where does privacy belong in the college/university ecosystem, and what should its relationship be with security and compliance? Are the three areas best kept separate and distinct? Should there be some overlap? Or would a single office, officer, and/or reporting line enable a big picture of the whole? This article examines several of the campus…

An e-mail scam has hit tens of thousands of users at dozens of colleges over the past few weeks, leaving network administrators scrambling to respond before campus computer accounts are taken over by spammers. Students, professors, and staff members at the affected colleges received e-mail messages that purported to come from the colleges' help…

Academic technologists at Lynn University (Florida) learned the hard way just how important a disaster recovery plan can be. Back in 2005, when Hurricane Wilma walloped the region with driving rain and 120 mile-per-hour winds, the storm debilitated Lynn's IT department, causing damage and flooding that thwarted the campus network for nearly two…

While development of the Internet has contributed to the spread of online education, online exams have not been widely adopted. An online exam is defined here as one that takes place over the insecure Internet, and where no proctor is in the same location as the examinees. This paper proposes an enhanced secure online exam management environment…

The increased number of government-mandated and private contractual information security requirements in recent years has caused higher education security professionals to view information security as another aspect of regulatory or contractual compliance. The existence of fines, penalties, or loss (including bad publicity) has also increased the…

Building access control (BAC)--a catchall phrase to describe the systems that control access to facilities across campus--has traditionally been handled with remarkably low-tech solutions: (1) manual locks; (2) electronic locks; and (3) ID cards with magnetic strips. Recent improvements have included smart cards and keyless solutions that make use…

As institutions review and strengthen their plans to secure confidential data, what proactive role does the human resource professional play as a strategic partner? Why are employees a critical part of the solution? And how are they educated regarding their responsibilities with data security? Datatel's HR product manager shares some…

The EDUCAUSE/Internet2 Computer and Network Security Task Force consulted with IT security professionals on campus about concerns with the current state of security in enterprise resource planning (ERP) systems. From these conversations, it was clear that security issues generally fell into one of two areas: (1) It has become extremely difficult…

EDUCAUSE Core Data Service Fiscal Year 2007 Summary Report summarizes much of the data collected through the 2007 EDUCAUSE core data survey about campus information technology (IT) environments at 994 colleges and universities in the U.S. and abroad. The report presents aggregates of data through more than 100 tables and accompanying descriptive…

A new study identifies and ranks the 10 security gaps responsible for most outsider attacks on college computer networks. The list is intended to help campus system administrators establish priorities as they work to increase security. One network security expert urges that institutions utilize multiple security layers. (DB)

Presents administrator's views on possible trends in college and universities. Addresses: hazardous waste disposal; privatization of custodial services; libraries and technology; building product purchases based on life-cycle cost; continuing education for employees; armed campus security; fees and tuition collection via online transactions; and…