Security breaches grab headlines and fill TV airtime, especially when they affect big-name retail, healthcare and financial brands. Higher education institutions certainly aren’t the exception to the rule; but thankfully, there are steps and best practices that IT staff at higher education institutions can take to mitigate security risks while allowing students and faculty to thrive and be productive.
Large quantities of student and faculty information, complicated information systems, and distributed environments spread across departments make higher education institutions just as much at risk for security breaches as large corporations.
According to a 2015 study by the Ponemon Institute, the average total cost of a data breach is $3.79 million; for education institutions the average cost per lost or stolen record can be upwards of $300. With this staggering figure, even a small breach is a worst-case scenario for university presidents and department IT staff. Several higher education institution breaches have recently taken place, including Washington State University, Southern New Hampshire University, Southern New Hampshire University and Arkansas State University.
The possibility of hacks such as these can be intimidating, but higher education institutions shouldn’t despair. By understanding the most common types of data breaches and the kinds of institutions that are most vulnerable to each, IT staff at higher education institutions can strike the right balance between user autonomy and smart IT controls, and protect students and faculty.
The first step implementing a successful IT security management strategy is recognizing that breaches come in all shapes and sizes, but can largely be categorized into three types: 1) malicious or criminal attacks, 2) system glitches and 3) human error.