Modern higher education institutions must contend with a litany of cyber threats, regulations, and environmental dynamics. These institutions are increasingly being targeted due to the value of the data they possess and their historically permissive configurations that are intended to support academic freedom. Many universities are implementing…

With the recent proliferation of information technology, almost all users of technology, no matter the field, profession, or status, have experienced a commensurate increase in information security threats. This, in turn, creates a significant concern in higher institutions of public learning. Information Security Officers in public higher…

With the advancement in technology over the past decades, networks have become increasingly large and complex. In the meantime, cyberattacks have become highly sophisticated making them difficult to detect. These changes make securing a network more challenging than ever before. Hence, it is critical to prepare a comprehensive guide of network…

Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

When an individual hears the term risk, he/she usually thinks of the financial institutions whose mismanagement of risk was instrumental in causing the 2008 financial crash. But all organizations, including colleges and universities, face various types and levels of risk, which threaten to harm the institutions and their ability to fulfill their…

The sourcing of IT systems and services takes many shapes in higher education. Campus central IT organizations are increasingly responsible for the administration of enterprise systems and for the consolidation of operations into a single data center. Specialized academic and administrative systems may be run by local IT departments. In addition,…

Will that data breach be the end of a chief security officer (CSO)? Managing information security in higher education requires more than just technical expertise, especially when the heat is cranked up. This article takes a look at how two CSOs deal with hack attacks at their universities. When Purdue University Chief Information Security Officer…

Increasingly, IT organizations will move from providing IT services locally to becoming an integrator of IT services--some provided locally and others provided outside the institution. As a result, institutions must immediately begin to plan for shared services and must understand the essential role that identity management and trust services play…

Data loss from life's little power calamities may be the most common form of IT disaster any campus can face. According to a 2007 industry association survey(www.connect.educause.edu/library/ecar/shelterfromthestormitandb/41174), 82 percent of higher education institutions reporting a disruptive occurrence in the five years prior to the study…

Seeing an institution's name in the headlines for a security breach may be among a CIO's-- and a president's--worst nightmares. Whether the breached data involves social security numbers, credit card accounts, clinical records, or research, this is bad news. Federal agencies that provide research funding may lose confidence in data integrity,…

This article discusses what colleges and universities can learn from Uncle Sam and corporate America when it comes to designing secure networks and ensuring privacy. After all, schools face many of the same privacy and information security challenges seen in the business and government sectors. The fact of the matter is, in the age of cyber crime…

Good information security does not just happen--and often does not happen at all. Resources are always in short supply, and there are always other needs that seem more pressing. Why? Because information security is hard to define, the required tasks are unclear, and the work never seems to be finished. However, the loss to the organization can be…