data-big-analytics

Innovation corner: Hitting back against data attacks


Colleges and universities have more data than ever, and with that exponential increase in sensitive information has come the prying eyes of hackers hoping to find their way into those massive data silos.

dataData breaches aren’t just disastrous public relations for universities — they can also be terribly expensive, with schools having to purchase credit monitoring services for thousands or tens of thousands of students, parents, and campus employees.

Just ask officials at the University of Maryland, which suffered a nightmarish cyber attack that compromised more than 280,000 records stored on campus servers. It marked one of the largest higher education breaches in recent memory.

UM decision makers pledged to identify sensitive information in university databases to determine whether they are needed and how to better isolate them, along with examining national cybersecurity policies and best practices to establish an appropriate balance between centralized security and broad access on university networks.

The upcoming summer months are a critical period for college and university data protection, as new student information makes its way into school databases.

Perhaps most concerning: More than half of colleges and universities transmit various kinds of sensitive information – including financial details – over unencrypted channels, according to a 2013 survey. One-fourth of the 162 institutions included in the national survey said they advised students and parents to send personal information – including W2 documents – via eMail.

Report after report has charged that higher education’s open culture has contributed to the risky information transactions, along with budget issues that leave some IT departments without resources to properly protect vital student information and campus higher-ups who don’t fully grasp the dangers of sending information over unencrypted connections.

Here are a few companies that higher education institutions are turning to as data continues to grow and news of cyber attacks continues on campuses large and small.

(Next page: A list of top data security companies)

FireEye: This service’s Continuation Threat Protection model is considered a “reimagined” approach to cyber security in the business world, and one that could translate to higher education. The system is designed specifically to combat advanced cyber attacks that have broken through campus firewalls and secure web gateways that once served as reliable way to combat hackers and botnets looking to scoop up sensitive information. FireEye’s technological architecture, unlike many security platforms, is aware of the “multi-stage and multi-vector nature of attacks” that have proven so successful in compromising school data in recent years. FireEye’s offerings include cloud-based products for network, email, content, mobile, forensics, and endpoint solutions.

IBM Cloud Security: Colleges and universities might be drawn to IBM’s data security solution for its control, automation, and ability to meet regulatory compliance that is so prevalent in educational circles. IBM’s solution allows an institution to protect the entire network infrastructure from constantly evolving network and application layer threats while automating corrective data security actions — a reliable way of simplifying the sometimes-arduous and complex task of protecting vast amounts of student and employee data. IBM’s Security Host Protection can not only bolster data security, but also reduce the ever-rising costs of safeguarding on-campus information.

Qualys: Working with higher education institutions like New York University Medical Center, Texas Tech University, and the University of Westminster, Qualys has developed a reputation as a reliable and advanced protector of campus data. At Westminster, for example, the company’s QualysGuard Vulnerability Management (VM) ran daily, weekly, and ad-hoc vulnerability scans for approximately 700 servers and 4,000 workstations. The system protected more than 5,000 IT assets on the campus of more than 20,000 students. The cloud-based security solution was not a disruptive force at Westminster, unlike some data security solutions that can bog down university systems.