IT security dominates campus concerns

Higher education’s embrace of information technology may be rapidly expanding in many areas, but on the hot-button issues of IT security and crisis management, hundreds of campuses are not keeping up, a nationwide survey suggests.

Even in the wake of last spring’s horrific shootings at Virginia Tech, and two years removed from Hurricane Katrina, barely three-fifths of about 550 responding institutions in the survey sample have strategic plans in place for IT disaster recovery–a finding that the annual survey’s director, Kenneth C. Green, calls "quite striking."

The proportion of institutions that report having such plans is only slightly higher now than was the case in each of the previous two years, Green notes, adding: "Two years after Hurricanes Katrina and Rita, and six years after the 9-11 attacks, it is still surprising to see that so many colleges and universities have yet to update or complete their IT disaster and crisis-management plans."

The gap persists, moreover, at a time when the need for "network and data security" ranks as the most important IT issue for the fourth consecutive year of the survey, which went to chief information officers and other IT leaders at about 1,200 campuses. About 25 percent of the reporting institutions, only a few percentage points lower than the level recorded last year, identified security as the top issue.

Results of the latest survey, which has been administered during the past two months, are being made public in Seattle today in connection with the annual conference of Educause, a nonprofit organization devoted to IT in higher education.

One reason that many colleges may not be fully up to speed on security is that, technologically speaking, "nothing stands still," says Green, founding director of the 18-year-old Campus Computing Project and a visiting scholar at the Claremont Graduate University. The reality, he observes, is that "IT touches almost everything" in higher education–from instruction and finance to policy and planning–and IT officials must constantly play "catch up."

The conclusion that many educational institutions may be having trouble keeping pace with technology also has been supported in recent days by an informal poll of readers of eSchool News online. More than 80 percent of respondents said schools in their areas were falling behind in the use of new technology.

According to the campus survey, a year ago–before the latest flurry of campus violence–some colleges were already starting to look into using technology for notification purposes in contexts other than campus emergencies, such as for recruitment and retention, Green says. But then came the Virginia Tech shootings and other crises, he says, "and boom, you’ve got either actual or inferred mandates" for technology-based strategies. Suddenly, the reality has become, "We’d better get these systems up and going," he explains.

Indeed, many academic institutions are moving quickly to "enhance and expand IT and communication resources and services" as part of broader plans for IT and campus crisis management, Green says in a summary of this year’s survey’s findings, and 44 percent report having a strategic plan for emergency notification or communication services.

But many plans appear to be limited to "existing IT resources" such as eMail, web sites, and campus phone services, Green reports, with only about one-fifth of the institutions having the capacity to provide notification services to off-campus phones or cell phones.

"Of course, nobody’s got this as part of their budget planning," Green remarks. "It’s both an evolving need and an emerging technology. And so there is, on the part of IT organizations, this kind of perpetual chase going on."

A state-appointed panel that investigated the Virginia Tech massacre concluded in a report issued on Aug. 29 that lives could have been saved had the university warned people sooner about an initial campus shooting incident earlier the same morning.

In terms of IT security specifically, the latest campus survey found a slight drop–to about 46 percent–in the proportion of institutions reporting hacks or attacks on campus networks. Also, fewer campuses say they they’ve had major problems with computer viruses (14.8 percent this year, compared with 35.4 percent in 2005), or with spyware (down to 15.9 percent from 40.8 percent in 2005).

On the other hand, reports of incidents involving the theft of computers containing sensitive data have increased slightly, from 15.3 percent in 2005 to 17.1 percent this year. Also, about 13 percent of campuses have experienced security incidents linked to students’ use of social-networking web sites, Green reports, and nearly one campus in 15 has had a security incident in the past year resulting from "intentional employee transgression."

Besides network and data security, the top IT issues reported in this year’s survey are a need to upgrade or replace enterprise resource planning (ERP) systems (13 percent) and the hiring and retention of IT employees (12.3 percent). Green says the concern over hiring suggests "growing competition for qualified IT talent," both on campuses and in the corporate sector.

On a more positive note, the survey shows that wireless networks continue to spread rapidly on campuses and now reach three-fifths of college classrooms, a gain of about 15 percent in the past year and nearly twice the figure reported in 2004. More than three-fourths of survey respondents say they now have a strategic plan for wireless computing.

At the same time, however, Green cites evidence of a small but continuing backlash against wireless computing from faculty members "who would prefer that students not hide behind their computer screens during class."

Those sentiments are hard to quantify, Green acknowledges, but he says he hears "more and more stories" around the country about college teachers who, while recognizing the convenience of wireless computing, are concerned about "students who are wandering" electronically during their classes. "Are they doing eMail?" Green says some teachers wonder. "Are they on social-networking sites–or even, for that matter, sandbagging students and faculty?"

In addition, the survey director says, some academics appear to be uncomfortable with the possibility that they could be challenged–virtually mid-lecture–by students who use wireless connections to locate online sources that may contradict something their teacher has just said.

But while some college instructors may wish they could do away with wireless computing–or, at least, shut it off for a while–that is "not going to happen," Green says emphatically.

Meanwhile, the survey points to small but significant gains in the use of open-source products over commercial products for learning management systems (LMS) software. One open-source product, Sakai, holds a steady three-percent position among campuses this year, and the popularity of Moodle, another open system, has nearly doubled in the past year, with use rising to 7.8 percent of institutions.

Another notable survey finding this year, according to Green, is a decline in the relative emphasis that IT leaders are placing on "the instructional integration of information technology." That issue is considered the top IT concern this year by only 11.2 percent of respondents, compared with 17.3 percent last year and 40.5 percent in 2000, when it topped the list.

Noting that other IT issues are "competing for time and space and priority" on campuses, Green comments that "there’s a lot of fallow capacity" in the systems many institutions already have deployed. That, in turn, may be helping to restrain some ed-tech advances, he maintains.

"We’re into what I would characterize as the third decade of the IT revolution," Green says, "and it really is the case that, while the technologies are incredibly rich and they’ve improved at great speed…, it’s still the case that our reach exceeds our grasp."

Sponsors of this year’s survey included more than 30 companies and organizations involved in education technology. Among them were Adobe, Apple, Blackboard, Cisco, Educause, Houghton Mifflin, McGraw-Hill, Microsoft, Pearson Education, and Sun Microsystems.


Campus Computing Project


eSchool News Staff

Want to share a great resource? Let us know at