This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity…

Individuals whom have legitimate access to network resources, trade secrets, or otherwise sensitive data as part of their daily functions are categorized as an Insider Risk. Insider Risk has been pushed into the public eye in recent years with the Edward Snowden leaks of 2013. Snowden had a business need to access the data he retrieved but the…

Remote working is the new reality, and transactional work--provided by freelancers, contract employees or consultants--has increased exponentially. It is forecast that as much as half the labor force will be working independently and virtually by 2020. Most organizations are still grappling with how to effectively manage their virtual staff and…

A principle responsibility of a board member is to understand the environment in which his or her institution operates. Today, that environment includes a host of legal risks that every institution of higher education must be prepared to assess and proactively address. Colleges and universities work to contain and manage those risks through such…

Who hasn't received mail from a company notifying them that their personal information may have been compromised? No organization--not Amazon, not the CIA--is immune to cyberattacks, and higher education is no exception. Indeed, colleges and universities may be even more susceptible to security breaches than their corporate brethren, and the…

Internet fraud takes a number of forms with the responsible individuals changing tactics rapidly to avoid detection. The perpetrators rely on telemarketing, emails, as well as presenting themselves personally to unsuspecting people. The evolution of internet marketing as well as ecommerce and the ease of connectivity create increasing…

When an individual hears the term risk, he/she usually thinks of the financial institutions whose mismanagement of risk was instrumental in causing the 2008 financial crash. But all organizations, including colleges and universities, face various types and levels of risk, which threaten to harm the institutions and their ability to fulfill their…

Older adults are less likely to be using computers and less knowledgeable about Internet security than are younger users. The two groups do not differ on trust of Internet information. The younger group shows no age or gender differences. Within the older group, computer users are more trusting of Internet information, and along with those with…

Under security breach response laws, businesses--and sometimes state and governmental agencies--are required to inform individuals when the security, confidentiality or integrity of their personal information has been compromised. This resource provides a state-by-state analysis of security breach response laws. [The Data Quality Campaign has…

Nationwide, IT breaches rose noticeably across all industries from 2003 to 2006. According to national statistics, hackers account for half of all exposures. Physical loss, theft, and fraud represent the second biggest risk. Security is an issue for all of higher education. Of all higher-education records that were exposed between 2000 and 2008, 4…

Much recent discussion has focused on the pros and cons of cloud computing. Some institutions are attracted to cloud computing benefits such as rapid deployment, flexible scalability, and low initial start-up cost, while others are concerned about cloud computing risks such as those related to data location, level of service, and security…

As new technologies emerge on campuses, how can colleges avoid legal land mines? What are the areas of greatest risk, and how should higher-education leaders deal with them? In this article, three experts offered their advice at the Technology Forum: Beth Cate, associate general counsel at Indiana University, on data privacy and security; Steven…

When the author was brought on as CIO of Westmont College in October 2008, the president, Board of Trustees, and campus environment made it clear that technology needed a major overhaul to meet the college's growing requirements. Also, these changes needed to happen without significantly increasing the IT budget or staff. Marketing Charts…

The University of Washington (UW) adopted a dual-provider cloud-computing strategy, focusing initially on software as a service. The original project--to replace an obsolete alumni e-mail system--resulted in a cloud solution that soon grew to encompass the entire campus community. The policies and contract terms UW developed, focusing on…

As business relies less on "fortress" style central computers and more on distributed systems, the risk of disruption increases because of inadequate physical security, support services, and site monitoring. This article discusses information security and why protection is required on the Internet, presents a best practice firewall, and…