- Campus Technology reports on a sobering report from the federal Office of the Inspector General, which suggests that IT infrastructure at the U.S. Department of Education is particularly vulnerable to security breaches of key websites and databases.
- In areas of protection, surveillance and response to potential hacker attacks, the Department scored an average of 4.3 out of 20 for its overall web operation and its Federal Student Aid center.
- The report specifically cited non-compliance with National Institute of Standards and Technology and an overall inability to prevent unauthorized devices from being connected to the network as key concerns with systems
When considering that the Department of Education fails to maintain consistent numbers across its web portals for institutional performance, it is no surprise that the personal information and institutional records of millions are also prone to be compromised. But this lack of security points to the low priority most institutions assign to data protection planning, and not necessarily a negligence on behalf of the administration or its staff.
The report can be a lesson to institutions of all sizes and missions; data security is not an area where response is better than prior investment and planning. Once compromised, there is little that can be done to restore confidence or losses resulting from breaches.