New partnership targets cybersecurity threats

Five universities are banding together to launch a highly-specialized cybersecurity center to help combat cybersecurity threats.

Indiana University, Northwestern University, Purdue University, Rutgers University and the University of Nebraska-Lincoln will launch OmniSOC, a sector-based cybersecurity operations center, or SOC, which provides trusted, rapid, actionable cybersecurity intelligence to its members.

OmniSOC is a pioneering initiative of these Big Ten Academic Alliance universities. The aim is to help higher education institutions reduce the time from first awareness of a cybersecurity threat to mitigation for members.…Read More

Don’t be complacent about data security

Have you ever been awoken by a loud noise in the middle of the night? Your body shifts from resting to alert in an instant. What just happened? Am I safe? Is the house secure? Did I lock the doors? At some point, you either get out of bed to investigate, or assure yourself it was nothing, and you go back to sleep.

We go through a similar shift from sleepy ignorance to total awareness each time a company reports a data breach that has put our personal information at risk. Except in these incidents, we have far less control over what happens next—and far less visibility into both the causes of the breach and the subsequent fixes and safeguards that the company implements to prevent such an event from happening again.

Data security is a major concern for education, even though, much like consumers, we may take it for granted unless there is a problem. But the stakes grow higher every year. As education continues to adopt new technologies to support teaching and learning, more personal data on students and their learning activities is stored online.…Read More

Why this IT method could beat cybersecurity’s #1 challenge

You’ve seen the TV show before. A shadowy miscreant in a black hoodie is furiously typing away at a keyboard, illuminated only by the glow of the monitor. Suddenly, a dialog box pops up: “ACCESS GRANTED.” The attacker has successfully hacked the mainframe. Unfortunately, Hollywood’s portrayal of “hacking” doesn’t quite match up with the challenges of cybersecurity these days.

When you study the attacks of recent years, a familiar pattern starts to emerge. First, the attacker sends out a phishing email. Far from the easily detected Nigerian prince-style emails of the early 2000s, these emails are very deceptive, realistic looking, and convincing. There is usually a panic-inducing call to action, warning the recipient that if they don’t click the link or open the attachment, their account will be lost forever. Victims that fall for the scam are then tricked into providing the attacker with their user account and password. Since so many of us reuse the same password in multiple locations, the attacker can now use your credentials to log on to any service you use.

The crown jewel for the bad guys is your email address. Since your email is used for correspondence to confirm accounts, purchases, and/or changes, if they can take control of your email address, so many other attacks then become possible. In the case of compromising a business, university, or hospital, the attacker uses the stolen credentials to pivot around the network, looking for an opportunity to elevate their privilege to a higher level so that they can compromise critical infrastructure.…Read More

In the event of an emergency, could you reach your traveling students, staff, and faculty?

Imagine a scenario where a group of faculty and students are traveling. Pretty typical, right? Now imagine that destination unexpectedly becomes the epicenter of a 6.4 magnitude earthquake. Immediately, the you ask yourself: Do we have anyone there? Who are they? Are they ok? How can we quickly confirm the faculty and students’ safety? How can we provide support for those who need it? What will we tell their frantic families?

This is every administrator’s worst nightmare. On any given day, you likely have faculty that are halfway around the world facilitating research; student athletes traveling to sporting events in another state; or even a choir traveling across town for a concert. Regardless of the distance traveled, as an administrator you have a legal and moral responsibility to ensure their safety and security always–whether there is an incident or not.

Incidents can scale from something as simple as someone getting sick or having an allergic reaction to unexpected political unrest. Regardless, you need to be asking yourself, am I ready? Do I know where all the traveling students, faculty, and staff are right now? Do I have the systems in place to quickly communicate with my students and staff? Do they know who to reach out to for help?…Read More

3 cybersecurity best practices for global research institutions

Today, innovation knows no borders. Labs and postdocs at universities worldwide are conducting more research from the field and more cross-institutional research than ever before. But transmitting this data from the field and across global networks means that cybersecurity is paramount. What are the cybersecurity concerns and best practices that global research universities should be aware of to protect data in the field and in global collaborations?

The Education Network Landscape

Thanks to technological advances and a growing number of connected devices, the proliferation of global network connectivity has had a positive impact on today’s higher education institutions. A new generation of students arrives on campus expecting constant, fast connectivity for their many devices.…Read More

College placement and prep exams to get more secure online proctoring

McGraw-Hill Education, a learning science company, and ProctorU, an online proctoring company, today announced the launch of a new partnership that will enable higher education institutions to deliver digital ALEKS Placement, Preparation and Learning (ALEKS PPL) exams with ProctorU’s secure remote proctoring system. Through the partnership, customers will be able to access both ALEKS PPL and ProctorU services through a discounted bundle package.

ALEKS PPL is an adaptive placement solution that has helped colleges to assess and prepare incoming students in math and helps them lower failure rates and increase retention.

Built based on learning science theory, ALEKS PPL assesses what students already know and what they are ready to learn next, and, based on their performance on the assessment, provides students with the opportunity to improve their placement scores through an individualized, adaptive learning path in the ALEKS Prep and Learning Module. For more information about ALEKS PPL, visit…Read More

4 ways to eliminate university cybercrime without closing the network

Everybody is talking about the need to train more cybersecurity specialists and invest heavily in research and development related to cryptography, machine learning and AI–all necessary ingredients in cutting edge cybersecurity systems. Academia is destined to play a crucial role in this effort, both in training the next generation of scientists and cybersecurity professionals, and in developing new technologies to fight cyber crime.

Israel’s Ben-Gurion University and Germany’s Fraunhofer Institute, for example, are renowned both for  their theoretical research and for spinning off (or incubating) cybersecurity startups to commercialize such technologies.

But a lesser known fact is that academia is also a very lucrative target for cyber criminals, nation-state hackers and cyberpunks. More than 1,150 intrusions into UK university networks were recorded in 2016-17, and universities all around the world are experiencing similar attacks. But why are academic institutions being targeted, and by whom?…Read More

6 musts when selecting an A+ identity and access management solution

Summer is over, and most colleges and universities are back in session. As with every year, the biggest challenge for IT departments presents itself during the lead-up to the first day of class and the first couple of weeks that follow. Unlike other industries, the education sector has specific identity and access management (IAM) needs. Provisioning accounts for new students and teachers, de-provisioning accounts of students and staff who have left, providing users secure access to the right resources, frequently changing users’ roles, and tracking changes to meet regulatory requirements are just the start.

With IT becoming an important part of the classroom, choosing an IAM solution that can meet all these demands is crucial for the day-to-day function of colleges and universities. Here are some pointers to keep in mind while shopping for an IAM solution that’s a fit for the education industry.

1. Dynamically Provision Accounts for Students …Read More

Massive university reveals 3 steps to Clery Act compliance

Initially established to bring increased transparency to campus crime reporting following the death of Jeanne Clery, a nineteen-year-old woman killed while on a college campus, the Clery Act has expanded significantly since its inception in 1990.

The Clery Act provides many prescriptive requirements related to the collection and publishing of crime statistics, safety and security policies, and necessities related to emergency preparedness. In 2008, the Higher Education Opportunity Act widened the scope of the Clery Act to include emergency response and notification provisions. Among the elements included in the expansion, issuing emergency alerts to the campus community continues to receive significant attention from institutions across the US. While the Clery Act doesn’t require an institution to use a particular mode of communication for emergency alerting, it does encourage the use of overlapping means of notification.

Similar to other large higher education institutions, the University of Miami has multiple campuses spread across different law enforcement jurisdictions. However, the University uses a single platform, Rave Alert, a mass notification technology from Rave Mobile Safety, to issue emergency alerts with critical life-safety information through multiple methods of communication to the entire University community.…Read More

Is blockchain the answer to higher ed’s cybersecurity problems?

It’s National Cybersecurity Awareness Month, a time when federal agencies, corporations and nonprofits join together in one universal cause: to make the internet safer and more secure.

These parties may support different industries and interests in their daily lives, but creating a safe online space positively affects each and every American. In the past year alone, we’ve seen massive breaches from Equifax (impacting 143 million Americans), voter-data exposure (impacting 198 million Americans over the last decade), and now an attack on Deloitte, whose  “customers include 80 percent of the Fortune 500.”

Unfortunately, there are many more unnamed here, and countless more to follow. Cybercriminals don’t discriminate either: they can affect individuals, businesses, or larger economies as a whole.…Read More