Eight in 10 colleges and universities allow students to access the school network with any mobile device they bring to campus, but less than half have an official policy for enforcing certain security standards before a smart phone or computer tablet can use the school’s internet connection.
Those findings – along with a range of others showing campus technologists fret over student and faculty data security – were detailed in an April 16 report from CDW-G that listed higher education’s most persistent IT concerns.
Most college and university IT officials surveyed said their campus had taken basic information protection measures like installing web security filters, or using encrypted storage and data loss prevention programs as the number of people who access college networks has increased by 41 percent since 2009.
Read more about mobile devices in higher education…
Thirteen percent of respondents to the CDW-G survey said a college’s proprietary and competitive information would be the top target of a cyber attack, while 11 percent said the school’s financial data would be most sought after by hackers.
Without requiring students to comply with mobile-device safeguards that protect against their smart phone or iPad making the campus network vulnerable to hackers, botnets, or malware, Social Security numbers, credit card numbers, and other personal information remain at risk.
Kutztown University of Pennsylvania, a 10,000-student public institution, is among a small percentage of U.S. campuses that requires its 4,400 on-campus students to register their various mobile devices with the school’s IT department so the school can monitor any devices that are infected with a virus meant to fish information out of a campus database.
“As long as a student never logged out, we would never know if their device had become a risk to the network,” said Bill Eben, coordinator of residential computing at Kutztown, which monitors mobile devices with a system called ForeScout CounterACT. “[It] tells us instantly if a device becomes non-compliant, allowing us to take action to protect the student and the network.”
Eben said Kutztown officials stay in touch with new students as they move into their dormitory rooms, sending them eMail reminders to update their mobile devices’ antivirus settings and software.
“This results in less frustration and a better user experience for students, some of whom may be only slightly non-compliant,” he said, adding that Windows-based personal computers must have security settings updated every two weeks to gain access to the Kutztown internet connection.
If a student continually ignores Kutztown’s eMails, they are denied access to the campus network and redirected to a “browser compliance check page,” where they can make the necessary updates, Eben said.