Higher Education Institutions (HEIs) need a specialized computer audit method to minimize quality and security risks and facilitate institutional evaluation and accreditation. This study aimed to develop a Computer Audit Method for HEIs (MAIIES) providing methodological support for the computer audit process. The MAIIES method includes planning,…

Information systems education objectives must continually adapt to a dynamic marketplace for knowledge and skills. For faculty developing programs that better prepare students for this demanding environment, existing research and guidelines provide a foundation to develop relevant coursework. However, an examination of peer institutions indicates…

The basics of authentication are straightforward. One can prove his or her identity in three ways: (1) something one "has" (for example, a key or a birth certificate); (2) something one "knows" (such as a password); or (3) something one "is" (such as one's fingerprints, used in biometric technologies). In the world of computers and networks, the…

In this article, the author offers six best practices for physical and data security convergence. These are: (1) assess the cable plant; (2) choose wisely; (3) be patient; (4) engineer for high availability; (5) test the converged network to make sure it works; and (6) don't forget the humans.

Much attention has been focused on the accountability, student learning outcomes, transfer of credit, and illegal file sharing provisions of the two related bills that have moved through the U.S. Senate and the House of Representatives to amend and extend the provisions of the 1965 Higher Education Act (S. 1642 and H.R. 4137). One of the…

In the past three years, higher education institutions have made a number of moves to secure their critical systems and protect their users, resulting in a marked change in the techniques used to combat security threats. Today, continued progress may depend on the development of an enterprise IT security program. (Contains 10 notes.)

Explores security challenges and practical approaches to safeguarding school networks against invasion. Highlights include security problems; computer viruses; privacy assaults; Internet invasions; building a security policy; authentication; passwords; encryption; firewalls; and acceptable use policies. (Author/LRW)

It is difficult to estimate the costs of not writing thorough IT policy. Misuse of IT resources, whether through ignorance or malice, costs money, as do court cases that can result from abuse. Furthermore, a poor university accreditation report caused in part by poor policy documents will likely have an adverse impact on student enrollment. There…

This pamphlet analyzes some of the legal issues colleges and universities face in regard to faculty and student access to computers and the World Wide Web, evaluates current legal developments, and offers guidelines for developing policies for computer access. It examines sample acceptable-use standards, procedures for suspending or terminating a…

Good information security does not just happen--and often does not happen at all. Resources are always in short supply, and there are always other needs that seem more pressing. Why? Because information security is hard to define, the required tasks are unclear, and the work never seems to be finished. However, the loss to the organization can be…