Although colleges and universities lost substantial time and money addressing breaches in 2015, the efflux wasn’t without a silver lining: This year, campus IT stands at the ready to ward off and respond to security incidents.
That renewed focus on preparedness will be essential in 2016. BYOD policies and the Internet of Things create new security risks for every organization; however, higher ed faces additional challenges when it comes to keeping student and university data safe. For one thing, the sheer number of users connecting to campus networks opens up significant vulnerabilities. A new study from CompTIA indicates that 52 percent of corporate security breaches result from human error.
Adding to the problem, IT departments can maintain tight security only on university-owned computers, notebooks and mobile devices. White listing, blacklisting, encryption and remote-wipe protections are not an option for personal devices. Instead, IT must provide security recommendations and guidelines, then trust faculty, staff, students and campus visitors to maintain their own security protocols.
Even without those complications, IT personnel would still have difficulty guarding campus networks. After all, they store vast amounts of student data, and when you take accidental breaches out of the equation, the threat of a cyberattack is still very real.
To prepare for the worst, IT must not only outfit the campus network with a comprehensive set of cybersecurity solutions but also design and regularly update a post-breach action plan. By deciding in advance who puts the response plan into action and which other departments, such as legal and PR, are involved, higher ed institutions can help minimize fallout when a breach occurs.
For insights into how four higher ed leaders are meeting cybersecurity challenges, see “Campus Leaders Weigh In on Higher Ed’s Top 10 IT Issues.”