Dive Brief:
- University of Arizona Chief Information Security Officer Lanita Collette told EdTech Magazine that when it comes to securing the university campus, there is a "tension between our need to provide an open environment where people can collaborate easily and the need to protect private information."
- At Arizona, IT security officials make sure that servers remain updated, there are intense monitoring procedures in place, and the team continuously uses the latest patches to prohibit digital currency mining, which can overload the system — a similar approach that was taken by IT officials at Northwestern University when computer chip malfunctions could have potentially disrupted the institution's entire network.
- University of Wisconsin-Madison CISO Bob Turner told EdTech Magazine that ransomware is high on his monitoring and response list and suggests campuses adapt to better respond, explaining that "in order to deal with risk, you have to deal with the pace of technology, along with the pace of the threats that are coming at your organization,” he said.
Dive Insight:
One of the biggest issues colleges face with network security is that students and faculty, not outside hackers, are the biggest threats to system integrity. When students are attempting to file share, mine cryptocurrency and code on vulnerable platforms, or faculty members are clicking links which introduce spyware into a system, the role of IT officers are to create solutions for high-level response scenarios on a near-daily basis.
Smaller campuses that do not have a strong IT infrastructure monitoring system with technology and personnel may find that the investment is becoming increasingly necessary to avoid financial costs of data breaches, with each incident costing about $245 per record lost within the education industry. With higher education being one of the primary targets for hackers, executive teams on campuses nationwide will soon have to make tough choices about budgeting, capacity and long-term strategies to deal with growing demand for IT security stability. In terms of what this might look like, CIO of Virginia Tech, Scott Midkiff, explained leaders have to consider what the institution needs as a whole:
"I think what's really important is that the CIO and the IT organization better integrate itself really with the core missions of the university," said Midkiff. "So, I think that if you look at maybe sort of maturity level IT organizations — at one level you're strictly kind of providing commodity IT services for the university, and good IT organizations go beyond that to make sure that they're really supporting the business needs, the functional needs."