Oct 31 2006

Does Your Campus Support Cybersecurity Initiatives?

Protecting the network is at the top of IT's priority list. But lack of funds and staff hinder adequate defenses.

Keeping the campus network secure is the overriding priority of college and university IT administrators and managers. That's the consensus of a number of reports and surveys recently unveiled, supporting what you wrestle with every day: protecting your network from an array of internal and external assaults. And your task is not getting any easier, especially with the push to extend campus networks–both wired and wireless.

Campus IT administrators identify network and data security as the “single most important IT issue affecting their institution over the next two to three years,” according to 2005 survey data compiled by The Campus Computing Project. (See page 64 for a summary of the report .) The survey also finds that 51 percent of the respondents report experiencing hacks or attacks on their network in the past year, and 41 percent report a major spyware infestation.

Moreover, a survey of higher education IT directors, released by CDW. G in October, found that 64 percent of the respondents say that IT security is among their top priorities. Interestingly, 66 percent note that they are able to dedicate less than one-quarter of their time to security issues, citing a lack of funding (50 percent) or a lack of resources (12 percent) as the main barriers to improving IT security on campus.

Considering the downtime and havoc caused by security breaches–and the time IT staff must devote to identifying and fixing those incursions–you would think institutions would ante up more funds and staff to address this pervasive problem. What institution wants to deal with the headaches and unwanted spotlight that ensue when sensitive data is breached?

News accounts of database attacks at high-profile institutions indicate that the problem is pervasive and growing. No institution is immune from any number of attack methods, which are getting more creative and sinister every year.

In Terms of Dollars

Annual worldwide losses from security cyberattacks are estimated at $16.7 billion, according to a 2004 Computer Economics report. Newsbytes reports that 90 percent of businesses and government agencies suffered hacker attacks last year. In addition, The SANS Institute reports, “More than 422 significant new Internet security vulnerabilities emerged in the second quarter of this year, an increase of 11 percent from the first three months of the year.”

Taking Action

So what can be done to deal with this problem? Institutions need to continue to educate users to be more cognizant of security concerns and promote “best practices” to their campus population. Further, institutions must allocate–and fund–IT personnel to shore up their security initiatives. A prime example of a pre-emptive security initiative is the article on page 44, “Preventive Medicine ,” which outlines the innovative methods Illinois Wesleyan University has taken to reduce computer infections.

But there is good news to report. The CDW. G poll found that 73 percent of faculty and 87 percent of administration executives surveyed said they are “supportive or very supportive” of cybersecurity initiatives on campus.

However, according to Dan Monahan, CDW. G higher education director, “The bad news is that as the academic community increasingly relies on information resources to fulfill their mission, IT staffs are absolutely stretched to the limit to meet the growing needs.” In the end, Monahan stresses, “The net result is that IT security remains a problem for colleges and universities–even though real solutions are available.”

Tom Halligan is editorial director of EdTech.