I don’t know about you, but I’ve become so accustomed to most of today’s latest IT security measures that I hardly notice them: I can enter my notebook’s startup password in a flash and swipe in my phone’s screen lock pattern without even glancing down.
Of course, those protections are about as basic as you can get. The higher ed IT leaders I meet with employ much more advanced security strategies when guarding their campuses from cyberattacks. That’s because the threats that colleges and universities face lately are not just sophisticated but also pervasive.
Higher Ed Becomes a High Profile Target
Higher ed has become such a monumental target for hackers that education was named the third most-breached sector in Symantec's 2015 Internet Security Threat Report. It represented 10 percent of the total number of reported incidents in 2014, coming in behind healthcare (37 percent) and retail (11 percent).
That startling fact may be what’s spurred the higher ed IT leaders I work with to reinvest in data protection. It could also be why EDUCAUSE members at large listed information security as their No. 1 priority in the 2016 Top 10 IT Issues and Strategic Technologies. Only last year, they ranked it at 10.
Another reason security will be top of mind in 2016 is the shift in thinking that’s occurring within higher ed. IT leaders no longer view security breaches as avoidable, and colleges and universities have taken to defining security protocols that will limit fallout after an inevitable incident.
Stocking the IT Arsenal
Although response plans are vital when worst-case scenarios arise, higher ed institutions should still seek security solutions that can help deter, slow or even thwart some cybercriminals.
At Brigham Young University–Hawaii, for example, IT staff reinforced existing anti-virus software with Traps endpoint protection and WildFire sandboxing tools from Palo Alto Networks. The latter identifies malware before sending it to a sandbox for analysis. The university’s next-generation firewall then prevents the malware from activating within the network.
IT professionals at Ohio State University protect university-owned desktops, notebooks, tablets and smartphones using a combination of endpoint security solutions, data loss prevention software and file encryption.
As part of the institution’s bring-your-own-device initiative, IT staff also run mobile device management software to safeguard applications and data living on personal devices. MDM solutions can even remotely wipe select data in the event that those devices are lost or stolen.
Student-owned devices are, of course, a different beast. Although IT departments at many universities offer security training and advice on anti-virus software, the absence of standard security requirements for those devices makes institutions susceptible to attack. Technology partners, such as CDW, offer a range of security risk assessment services that can help IT leaders root out those vulnerabilities and design effective risk-management plans.
Having a team of technology experts on hand also helps colleges and universities find solutions that best fit their needs. And whether IT leaders choose to deploy an integrated endpoint security suite or a set of stand-alone products, they’ll end up with a tailored approach that gives their institution a fighting chance against cyberattacks.
This article is part of EdTech: Focus on Higher Education’s UniversITy blog series.