The Problem of Data Breaches — and What Colleges Are Doing to Fight Back

The Problem of Data Breaches — and What Colleges Are Doing to Fight Back

By Brian Knotts on Thursday, July 31, 2014

Hardly a day goes by without another headline proclaiming yet another catastrophic data breach at a major college or university. Driven by calls for increased accountability and by a growing emphasis on student success, higher education has embraced the use of data as a tool for improving the student experience.

Unfortunately for colleges, administrators aren’t the only ones looking to make use of that information. Opportunistic hackers have stepped up their games, too, circumventing network security measures in increasingly brazen attempts to steal or expose personal information of students and alumni.

Each new threat presents a new set of challenges for campus IT staff. That’s why it’s important for administrators to keep their ears to the ground. One college’s data nightmare can be another college’s saving grace. If data security is your responsibility on campus, here are four stories you don’t want to miss.

Reputation killer

If you’ve been keeping up with the news, you already know what kind of dent a massive data breach is capable of putting in your college’s finances. But what about the college’s reputation in the community? It’s possible that constituents would think less of your college if it fell victim to one of these attacks. The Chronicle of Higher Education’s Megan O’Neil breaks down the extent of the damages wrought by the recent cyberattack on the University of Maryland, College Park, both in dollars (we’re talking millions) and in esteem.

Going mobile? Security first

Administrators at Temple University, in Philadelphia, have taken a big step to address mounting data-security concerns tied to the booming bring-your-own-device trend. Writing for Inside Higher Ed, technology reporter Carl Straumsheim details a new campuswide security policy that essentially segments data shared on campus IT networks into three categories: unrestricted, sensitive and confidential. College administrators say they have extended the conversation about data storage on campus from where data can be stored (e.g., in the cloud or on local servers) to what types of data can be stored.

From Temple’s policy: “All members of the University community have a responsibility to protect the confidentiality, integrity, and availability of data generated, accessed, modified, transmitted, stored or used by the University, irrespective of the medium on which the data resides and regardless of format.”

Fighting back

BBC reporter Pippa Stephens details a U.K.-based plan for a new Open University course, aimed at convincing as many as 200,000 students to study cybersecurity. Even if students ultimately choose not to pursue a career in the industry, proponents say the program will give them the skills to better protect their information from theft. “Everyone needs the basic understanding of cybersecurity at home or at work,” Natalie Black, deputy director at the U.K.’s Cyber Defense and Incident Management office tells the BBC.

Approach with caution

News of the latest data breaches in higher education comes amid calls for a federal database on student records. Government officials could essentially use these student unit records to develop policies that would promote greater student success. Writing for Inside Higher Ed, Bernard Fryshman, professor of physics at the New York Institute of Technology, warns that the formation of a monolithic student data bank would come with its share of risks. In addition to the high costs associated with creating such a database, Fryshman warns that the more data institutions and the federal government collect on students, the more people will want and demand access to it. Would you want your employer requesting a copy of your federal student unit record? Maybe. Then again, maybe not.

Read any good stories on data use and security in the news today? Share them with us in the Comments.

Permanent link

Add to conversation

* Required. DO NOT include HTML code.
* Comments are subject to moderation.