News

Navigating email security within the complexity of higher education

By Nigel Johnson
July 7th, 2015

A review of email encryption, data loss prevention and how they protect your institution and your reputation.

email-security-institution

As long as sensitive information and the Internet are around, it seems that cybercriminals and hackers are never going to stop finding new targets.And unfortunately for the IT managers and administrators of higher education institutions, cybercriminals have begun to set their sights on universities.

In recent months, the University of Chicago, Auburn University and UC Berkeley have all reported data breaches exposing the information of thousands of current and former students, employees and administrators.

So, what makes colleges and universities so desirable to hackers?

With the vast amount of information managed by higher education, it’s unlike any other industry. While universities house personal data collected from staff and potential, current and former students, they all also house financial information provided for tuition payments, aid and donations, and the protected health information (PHI) recorded at medical and mental health clinics. But unlike the “traditional” hacking targets, universities also hold proprietary data and intellectual property developed through research that can also be exploited.

This mixture of information creates a treasure trove of data, and IT departments have the seemingly insurmountable challenge of securing it all without impeding daily work and communication.

Protecting the most used communication tool

Despite the popularity of social media and instant messaging, email persists as the top communication tool for universities and businesses alike. The flow of information in a university ranges from sharing research among professors, financial aid discussions between the Bursar’s Office and students, and funding conversations between administrators and department heads.

To protect your institution from email data breaches, it’s critical to classify sensitive messages into three key email groups.

(Next page: 3 key groups; at rest and in transit)


Add your opinion to the discussion.