Click here to receive your FREE subscription to Campus Technology
Security Research
Campus Security Report Card: C for Effort
10/29/2007
Colleges and universities have done little over the last three years to improve information security. Hindered by lack of staff resources and funding, security efforts remain largely unchanged, while incidents of breaches--including the theft of personal information from within and without--continue to plague campuses. And, what's more, the integration of physical and IT security is still a reality in only a small minority of schools.For these reasons and more, higher education institutions received, on the whole, a C average in the 2007 CDW-G Higher Education IT Security Report Card, the latest annual study from CDW-G and O'Keeffe & Co., which measures responses from higher education IT professionals to gauge the state of security on college campuses.
Network Infrastructure Security
On the whole, according to the report, IT security is in about the same position it was in last year, although there has been a 10 percent increase in the theft, loss, or exposure of data. Fifty-eight percent reported IT security "incidents," identical to the results from last year's study. But 43 percent reported lost, stolen, or exposed data, up 10 percent. Seventeen percent reported loss or theft of personal information about staff members, up 12 percent from last year; and 16 percent reported loss of theft of personal information about students, up 7 percent from last year.
Yet the vast majority of the IT professionals surveyed (93 percent) said they considered their network infrastructure "very safe," "safe," or "moderately safe." Only 7 percent said their network infrastructures were "not safe" or "fairly vulnerable."
Risks and Barriers to Security
So what do campus IT professionals consider to be the biggest threats to information security? Perhaps unsurprisingly, "sensitive data residing on unprotected or vulnerable computers" ranked No. 1 (with an average risk ranking of 3.68 out of 5). This was followed by (in order):
- Intruders gaining access to high-profile, highly sensitive information or research results (3.59);
- Downloading of unauthorized material (3.48);
- End user sharing of authorized access (3.44);
- Identity theft of a community user (3.32);
- Increased use of laptops or other portable networked devices (3.3);
- Vulnerability of wireless networks (3.16);
- Malicious use of the network to attack other targets (3.1); and
- Weak security credential policies (2.99).
Recommended Reading
- Fixed-Mobile Convergence: Dartmouth Beefs Up Cell Coverage, Cuts Costs
Problems with cell phone coverage aren't uncommon on college campuses. There are two main reasons: The beefy structure of historic buildings can block cellular reception within walls, and, on more remote campuses outside cities, signal coverage can be light.
- Thompson Rivers U Deploys Unified Digital Campus for ERP
Thompson Rivers University (TRU) in British Columbia has selected SunGard Higher Education's Banner Unified Digital Campus (UDC) to integrate its ERP systems.
- DV Kitchen Web Video Publishing System Released
DVcreators.net has released DV Kitchen, a new video encoding and publishing application for Mac OS X designed specifically for creating materials to be posted on the Web.
- NEC Debuts 4 Education Projectors
NEC this week debuted four new projectors targeted toward education applications, along with a new MultiSync LCD display. The new NP-series projectors are entry-level models started at $899 but are designed to provide high light output, support for closed captioning, and built-in networking capabilities.
- Security Researchers Uncover Spring Framework Vulnerability
Software frameworks are enjoying enormous popularity these days among a range of developers. It's popularity well earned; frameworks provide powerful tools for building more flexible and less error-prone applications. They generally enhance developer productivity with out-of-the-box functionality. And they can free developers to focus on features instead of common coding tasks.
- 3PAR Server Arrays Integrate Fat-to-Thin Processing
Utility storage provider 3PAR has announced the release of the 3PAR InServ T400 and T800 Storage Servers. The new hardware is built on the company's third-generation InSpire architecture, featuring the 3PAR Gen3 ASIC with integrated fat-to-thin processing.
