Universities present particular challenges in securing sensitive information.

Universities present particular challenges in securing sensitive information.

College campuses are centers for learning and exploration, where students and faculty develop, exchange, and trade information. More than most other organizations, colleges and universities are in a continuous state of information sharing and data creation, and they rely heavily on the ability to seamlessly share, store, and protect that information within their communities and among their partners.

What’s more, life on a campus is always in flux. Students and faculty come and go, and their need to access certain information, not to mention physical campus locations such as dormitories and labs, is fluid.

As a result, the university setting causes big headaches for chief information officers and other technology professionals who are charged with securing the data that reside on a university’s computer systems—everything from proprietary research to students’ financial and personal data.

While most CIOs spend their days worrying about the external hacking threats, a university’s greatest vulnerability comes from its own students, faculty, and administrative staff. Across the higher-education field, too many insiders have access to sensitive information that they should not be privy to, and the outcome can be highly disruptive and damaging to a university’s operations and reputation.

Making matters worse, most data security breaches are actually the result of students or faculty unwittingly acting as an accomplice to an internal or external threat. In fact, in many data-breach cases on college campuses, there is no malicious intent on the part of the insider—even though they are the primary facilitator of the crime.

The “unwitting accomplice” poses one of the greatest threats to protecting student and organizational data. There is no silver-bullet solution to this dilemma; IT directors can’t spend their way out of this problem, and they can’t flip a switch that will fully protect the data that reside on the university’s system. Rather, universities must deploy a layered approach that combines stringent access control with continuous education on data security for all employees and students…

Read the full story on eCampus News.