Discussions with a central IT organization about integration with existing systems on campus, support costs for the new implementation, and total cost of ownership frequently become adversarial. Simmons College, a small college in Boston with an enrollment of approximately 1,900 undergraduate and 2,800 graduate students, reframed these issues in…

Computer security is one of the most complicated and challenging fields in technology today. A security metrics program provides a major benefit: looking at the metrics on a regular basis offers early clues to changes in attack patterns or environmental factors that may require changes in security strategy. The term "security metrics"…

At the beginning of an academic year, thousands of students move into campus housing on Indiana University's Bloomington and Indianapolis campuses within a three-day period, and more than 96 percent arrive with at least one personal computer (and possibly also a PDA, cell phone, and gaming system), and most expect to connect to the campus network…

The EDUCAUSE/Internet2 Computer and Network Security Task Force consulted with IT security professionals on campus about concerns with the current state of security in enterprise resource planning (ERP) systems. From these conversations, it was clear that security issues generally fell into one of two areas: (1) It has become extremely difficult…

Anecdotal evidence existed about the many students who use their laptops and the wireless network in university common spaces, but little was known about how, where, and why students use laptops on campus, and less was known about students' awareness of university wireless network policies and security. This article discusses the results of a…

The Fifth Annual Educause Current Issues Survey ranked "security and identity management" near the top of the list of critical IT challenges on campus today. Recognition of the crucial importance of securing networked resources led Internet2 to establish its Middleware Initiative (I2MI) in 1999. While Internet2 was founded to develop and deploy…

In academic settings, battling Internet threats and coming out unscathed is uncommon. Unfortunately, on many college campuses cyber-security concerns rarely extend beyond the IT staff and are addressed in a disparate, ad-hoc fashion. Yet, while many universities and large corporations were hit hard by the recent NetSky and Sasser worms, fewer than…

The evolution of terms, such as computer security, network security, information security, and information assurance, appears to reflect a changing landscape, largely influenced by rapid developments in technology and the maturity of a relatively young profession and an emerging academic discipline. What lies behind the evolution of these terms?…

Good information security does not just happen--and often does not happen at all. Resources are always in short supply, and there are always other needs that seem more pressing. Why? Because information security is hard to define, the required tasks are unclear, and the work never seems to be finished. However, the loss to the organization can be…