Security: An Everlasting Management Focus

Security is a lot like dirty laundry: Just when you think you’ve folded the last piece in the final load, someone tosses something filthy into the hamper. As computer and network security issues continue to plague higher education, it’s like wash day every day — and sometimes all day — for the IT and info security teams at colleges and universities nationwide.

For higher ed administrators, security has become the hands-down winner when it comes to IT funding these days. And well it should be, because the more devices placed in an enterprise, the more you need enhanced security.

If you want proof, take any IT project that you can think of — for example, building a green data center using the very latest in virtual-server technology; creating an enterprise network project using the best optical networking technology; or developing a brand-new, fast and capable administrative IT system — put them all in a hat, mix them up, then throw in just a single security initiative. Hand that hat to your college or university’s top management or financial people and ask them to select the most important one from the mix to fund. Chances are those administrators will pick the security project for top-of-the-rung funding every time.

In a survey of 589 higher education officials, Educause found that security is clearly the primary strategic IT challenge. After lurking in the top three of “The Current Issues Survey” since the study was first done in 2003, security jumped to the top of the 2008 list of IT managers’ concerns. Our own research at CDW•G confirms this, showing that security projects receive funding even when IT budgets recede.

The reason security has become so very important is that threats aren’t static. They mutate and evolve as hackers shift tactics with dizzying frequency. Most university leaders realize this. Therefore, they are willing to commit whatever reasonable and justifiable resources are needed to protect names, records and other sensitive university data.

At the Gate

Fortunately, though the security problem can never be solved, it certainly can be managed. I know that this is challenging for IT professionals — especially with the increased media attention given to recent attacks against commercial companies. Don’t be fooled into thinking that the media’s focus on corporate IT security breaches has changed priorities for hackers who seek to do harm to higher ed IT resources.

Campus networks remain primary targets for many kinds of attacks. Therefore, higher ed IT departments and their staffs must do everything they can to ensure that they do not become complacent.

Due diligence calls for the installation of appropriate security tools such as intrusion detection systems, intrusion protection systems and network access control. These tools must be used appropriately according to the size and scope of the enterprise. Furthermore, it is important to continually monitor these security tools and their reports for signs of malicious activity.

Today, your job in IT isn’t simply technology. As an IT professional, you are now the gatekeeper of your college or university’s valuable IT resources. It’s up to you to make sure safety precautions protecting those assets don’t fade away.

Chris Rother is group vice president for CDW Government, a leading technology provider to government and education. She is a passionate advocate for enhancing the educational experience with technology.