Click here to receive your FREE subscription to Campus Technology
Opinion
Security in 2007: No Surprises Here (Well Maybe a Few)
11/9/2007
Each year O'Keeffe and Company conducts an online and in person IT Security survey of IT directors and managers for CDW-G. This year there were 151 respondents from a variety of higher education settings. The results are an important barometer of the state of IT Security in higher education. The full report is available here. If you haven't downloaded it already, you should do so now: It's important.
Things That Jump Out
As I read the report a couple of things stood out. First, high profile IT security incidents continue to plague higher education. For the second year in a row 58 percent of the respondents reported an IT security incident. And again, sensitive data residing on unprotected or vulnerable computers is ranked as the top security risk. (See my July 13 Campus Security Newsletter column "Who Knows What Evil Lurks in the Cyber Heart?" for comments on this problem.)
The second thing that jumped out at me was that things don't seem to be getting any better, although the good news is that they don't seem to be getting any worse. For the last three years the number of respondents reporting that they feel very safe from malicious attack has hovered around 8 percent, while the number that felt safe has stayed around 37 percent. There were no consistent trends of feeling more or less safe over that period.
Why Aren't Things Getting Better?
When asked what were the barriers to improving IT security, the responses were: too few staff resources, lack of funding, higher education culture, and lack of defined security policy. No surprise here. What I did find a little surprising was the apparent emphasis on technology to overcome these barriers. This may be an artifact of the way question was poised to the respondents. "Which of the following security devices are utilized on your campus?" The choices included such things as network authentication software, card access systems, and IP cameras. The problem is that acquiring these devices, while important, doesn't address resource, cultural, or policy barriers. How are institutions approaching the underlying problems?
To pursue this I had a long conversation with Louisiana State Universities CIO Brian Voss and their Chief Information Security & Policy Officer Brian Nichols. In the wake of Hurricane Katrina, LSU has been in the vanguard of improving IT security and implementing disaster recovery and business continuity strategies. Staff dedicated to IT security, disaster recovery, and business continuity have increased from zero to nine FTE.
Recommended Reading
- California Community Colleges Partner with Waterfall Mobile on Statewide Emergency Notification Coverage
The Foundation for California Community Colleges (FCCC) has awarded a statewide emergency alert notification contract to Waterfall Mobile. The contract establishes Waterfall's AlertU as an approved technology through the official non-profit foundation for the California Community College (CCC) system office. Through this partnership, individual colleges may directly implement emergency communication services, eliminating lengthy technology evaluation and RFP processes.
- King's College and ASU Add e2Campus for Improved Emergency Notifications
King's College and Arizona State University have switched to Omnilert's e2Campus for emergency notification. Omnilert also has introduced a new program called the ENS Conversion Service that allows schools to bulk upload data from their previous emergency notification system into e2Campus at no charge.
- Saint Joseph Builds Out Wireless Network in Multi-year Upgrade
Saint Joseph's University has begun deploying a Meru Networks wireless local area network across its Philadelphia campus as part of a multi-year effort to bring wireless coverage to every building on campus.
- Vista Ramp Up Is Happening Now, Study Says
Organizations may have been slow to adopt Microsoft Windows Vista, but expect that to change by late 2008 to 2009, according to a Forrester Research report by Benjamin Gray et al., published last week.
- Talisma Launches New Version of CRM with Built-in Application Management
Talisma Corp. announced version 8.0 of its constituent relationship management (CRM) application for higher education. The new release includes application management, a revamped user interface, two-way text messaging, personalized Web portals, and an ADA-compliant Web client, among other enhancements.
- Bringing Composers into Classrooms Through Skype
Two Pennsylvania teaching colleagues with an interest in music and technology are bringing remote experts into classrooms at almost no cost, using Skype's free videoconferencing technology.
