Cyber Security on Campus – Who Holds the Risk?
Updated: Nov 14, 2019
Colleges and Universities all over the globe are connected from within and with the world through vast networks intended to ease the storage and movement of information. Students, researchers, faculty, visiting guests, and experts flock to campuses as repositories of knowledge and information, eager to teach and learn. What many do not consider is how safe their often-proprietary information is in these spaces.
The world of cyber security, and frankly the security of one’s personal information and intellectual property, is a battle that continues to evolve as fast as the technology industry can bring new products to the market. The growing supply of new operating systems, software capabilities, and concepts like Artificial Intelligence and machine learning expanding in popularity and into new functions. The key to achieving a truly secure network environment requires the collaboration of both the provided tools and the users themselves. A tool or a resource is only as useful as the operator, so the most complete security system and policies are not the only component to security – the user must be wary and intentional with their actions to avoid what issues they can in the moment.
College and graduate level educational institutions possess vast amounts of otherwise private information on most all of those affiliated with the entity – either as an employee or a student. At the individual level, Social Security Numbers, account balances, acquired debt, and academic standing, and even tax records are all at stake in the security battle. In addition to this, the research, projects, and incubation spaces become threatened if their privacy or propriety were to be violated or exposed. Research and startups, specifically in the technology space, currently draw a significant amount of both attention and capital investment to further promising ventures.
As colleges and universities compete to attract the brightest and most promising individuals to pursue further education, they offer access to resources, funding, housing, and various other incentives. A consideration should be made by both parties, the institution as well as the recipient, regarding whether the work put forth will be protected properly. For a group researching in a competitive space, years of work can be compromised were a breach to occur. For an individual putting their efforts to further their education, they should be confident that the institution they are affiliated with has not put their identity in jeopardy. It is in everyone’s best interest to maintain a solid and secure environment around the college campus, but the realization of this need is far from simple.
The role of the users is a major factor in the security, or inherent lack thereof, in a system. No matter how much state-of-the-art software and how many barriers are put in place, a major breaking point of a security system is the user. Often on a college campus or other large institution, many of the access points, both physically and online, hinge on the use of an entity-issued ID credential. Physical access is one of the many ways to introduce malware or otherwise harmful actors to an individual machine or even a server, and the risk of this is much higher if any number of the users are careless in this regard. Most people would be unsurprised to hear that there are breaches in personal email accounts. This is another common resource to the members of a college campus community and many other institutions like them. Some of these emails are Phishing or various other types of attempted fraud, but even unauthorized access to an “inside” email account can open the whole system or community to a more widespread attack for the very reason that these emails exist – to communicate to the whole entity or some subset of it. Breached communication spreads within with less caution because an internally recognized correspondence is thought less likely to be corrupted.
Keeping a secure online environment on a college campus requires the cooperation of thousands of individuals in addition to the school and staff providing the means to protect their devices and networks. An institution who competes with to draw students and faculty has a carefully cultivated reputation – one that can be tarnished were it to begin to have breaches in the security of its information. In the same way, students who spend months or years on a project only to have it stolen or corrupted by a preventable incident have a lot of potential loss at stake. The infrastructure is ever-evolving both physically and technologically, but in the interest of privacy and security colleges, universities, and similar institutions must do their best to stay near the cutting edge in effort to protect the work and research that they work so hard to cultivate and facilitate. Intelligent, informed, and aware users can do a great deal to supplement this effort by making prudent decisions with their personal devices and how they choose to communicate and store their work. There is much to be targeted in these spaces, so it is in the interest of all involved to pursue the safest and most secure environment that they can achieve. As technology continues to expand and evolve, we will see which groups adapts as well as which groups falls prey.
© De Angelis & Associates 2019. All Rights Reserved.