The Complexities of Data Security in Higher Education

By: Absolute Editorial Team | 10/2/2015

Technology is rapidly changing the classroom environment and the wider education system, at all levels of education. Higher education institutions were early adopters of many instructional technologies, to the benefit of both staff and students, but the constant innovation in technology has left higher education institutions in a precarious position, from the perspective of data security. Legacy systems, paired with the use of technology by a huge population of students, educators, employees and administrators, make it easy to see why higher education institutions are becoming a hot target for data theft.

Thieves are more likely to target large volume data sources. And when that data is valuable, such as high profile credentials or research, the risk of theft increases even more dramatically. The education vertical, particularly larger and more high-profile institutions, are facing more cybercrime in a time when data is harder to protect than ever. According to a recent ThreatMatrix Cybercrime Report, the educational sector is “ripe” for hackers, with more risk vectors introduced to the network from the use of mobile devices and the integration of online testing. Recent research from both BitSight and SecurityScorecards both gave poor data security grades to major educational institutions. The education sector as a whole has had 48 data breaches so far in 2015, up 17% from 2014 figures.

Sometimes the threat to data is internal and due to negligence or human error, as in the case of the recent student data breach in British Columbia, Canada, where a backup hard drive containing 3.4 million education records has gone missing.

"The data that is now at risk was probably considered to be benign when it was originally stored on the missing hard drive; however, we have seen cybercriminals leverage data from this kind of breach, in order to successfully perform more significant and damaging attacks in the future," said Ryan St. Hilaire, vice president of product management at Absolute.

The SecurityScorecard research into higher education ranked security in the following categories: Web Application Security, Network Security, Endpoint Security, Hacker Chatter, Social Engineering, DNS Health, IP Reputation, Patching Cadence, Password Exposure and Cubit Score. The research showed nearly universal poor security in areas such as password security and malware exposure, with the largest profile schools having the weakest security postures.

Higher education has unique challenges when it comes to data security. From the myriad of network users to legacy systems to the open environment culture, data security is a challenge. Security education, while the first line of defense, is particularly challenging in larger education institutions. Having technology on hand to supplement security training and policies is key to mitigating and recovering from data breaches.

Absolute has been working with educational organizations for more than 20 years to remotely protect each endpoint and the data they contain. With Absolute DDS for Education, you can ensure that mobility and open environment learning continue to be encouraged, while data security remains uncompromised. Learn more about our adaptive endpoint security solution for education here.

Financial Services