Security at higher education institutions
Posted on 11 June 2014.
SANS announces results of its inaugural survey of security in institutions of higher education, in which nearly 300 higher education IT professionals answered questions about the challenges of making their environments secure while maintaining the openness needed by faculty, staff, students and benefactors in traditional educational models.

The majority of respondents represented IT staff working predominately at US institutions: 48% at public universities, 19% at private universities, 10% at private colleges and 7% at two-year public/community college institutions. They represent a good blend of security management and technical security roles.

"IT staff at colleges and universities always feel as if they are isolated—that no one else faces the same challenges, but this isn't the case," says survey author Randy Marchany. "Our message from this survey is that you're not alone. All of us share the same problems in creating and maintaining a secure campus."

Of the organizations represented in the survey, only 45% have formal risk assessment and remediation policies in place. The situation is worse in smaller institutions, where only 31% have such policies. Yet all respondents say their organizations are required to secure a variety of personally identifying information across different types of networks, with often competing privacy requirements.

Yet, only 57% classify their sensitive data and provide guidelines for safe data handling, and even fewer (55%) define appropriate owner, user, and administrative roles.

Staffing and budgeting for institutional security are key reasons why organizations are failing to protect their confidential data, according to the survey. While 64% believe they need 1–5 FTEs of additional staff, 43% believe they cannot pay premium rates for skills needed. Lack of budget, selected by 73% of respondents, is deemed a cause of not being able to maintain or increase IT staffing.

"Despite these concerns, institutions are working to provide open and secure educational environment to their clients, the faculty, staff, students, parents and benefactors," Marchany adds.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //