Click here to receive your FREE subscription to Campus Technology
Opinion
Security in 2007: No Surprises Here (Well Maybe a Few)
11/9/2007
Each year O'Keeffe and Company conducts an online and in person IT Security survey of IT directors and managers for CDW-G. This year there were 151 respondents from a variety of higher education settings. The results are an important barometer of the state of IT Security in higher education. The full report is available here. If you haven't downloaded it already, you should do so now: It's important.
Things That Jump Out
As I read the report a couple of things stood out. First, high profile IT security incidents continue to plague higher education. For the second year in a row 58 percent of the respondents reported an IT security incident. And again, sensitive data residing on unprotected or vulnerable computers is ranked as the top security risk. (See my July 13 Campus Security Newsletter column "Who Knows What Evil Lurks in the Cyber Heart?" for comments on this problem.)
The second thing that jumped out at me was that things don't seem to be getting any better, although the good news is that they don't seem to be getting any worse. For the last three years the number of respondents reporting that they feel very safe from malicious attack has hovered around 8 percent, while the number that felt safe has stayed around 37 percent. There were no consistent trends of feeling more or less safe over that period.
Why Aren't Things Getting Better?
When asked what were the barriers to improving IT security, the responses were: too few staff resources, lack of funding, higher education culture, and lack of defined security policy. No surprise here. What I did find a little surprising was the apparent emphasis on technology to overcome these barriers. This may be an artifact of the way question was poised to the respondents. "Which of the following security devices are utilized on your campus?" The choices included such things as network authentication software, card access systems, and IP cameras. The problem is that acquiring these devices, while important, doesn't address resource, cultural, or policy barriers. How are institutions approaching the underlying problems?
To pursue this I had a long conversation with Louisiana State Universities CIO Brian Voss and their Chief Information Security & Policy Officer Brian Nichols. In the wake of Hurricane Katrina, LSU has been in the vanguard of improving IT security and implementing disaster recovery and business continuity strategies. Staff dedicated to IT security, disaster recovery, and business continuity have increased from zero to nine FTE.
Recommended Reading
- Tufts Grants Rights for Mileage-Increasing Transportation Technology to Electric Truck
Tufts University has optioned rights to a technology that can recharge the batteries of any hybrid electric and electric-powered vehicle while it is driven. The Tufts-developed technology could increase by 20 percent to 70 percent the miles per gallon or total driving range performance of vehicles like the Honda Civic, Ford Escape, and Toyota Prius hybrids and the Tesla Motors and Phoenix Motorcars electric vehicles.
- U Florida and Cyntellect Collaborate to Unlock Mysteries of Cancer Stem Cells
The University of Florida has entered into a research agreement with life sciences company Cyntellect. The university's Interdisciplinary Center for Biotechnology Research will work with the company to focus on a variety of research areas including the purification and analysis of cancer stem cells (CSCs), rare cells believed to be directly involved in propagating cancers.
- George Mason U Receives Grant To Deploy Intergraph Apps for Intelligence Curriculum
George Mason University (GMU) in Fairfax, VA has been awarded a grant from Intergraph to enable students enrolled in GMU's Geospatial Intelligence Graduate Certificate program to use the company's geospatial production and exploitation software as part of their core curriculum.
- Institute for Cyber Security at U Texas, San Antonio Opens Incubator
The University of Texas at San Antonio (UTSA) Institute for Cyber Security (ICS) has launched a new Internet security incubator. The incubator was developed to commercialize promising technologies that address major cyber security and privacy issues. The first companies to enter the incubator are Denim Labs and SafeMashups.
- ISO/IEC Publishes Office Open XML Standard
ISO/IEC has published the Office Open XML (OOXML) file format standard, formally known as ISO/IEC 29500:2008. It describes file formats originally designed by Microsoft for its Office 2007 productivity suite, which are used in presentation, spreadsheet and word processing applications.
- Dynamics NAV 2009 ERP Coming Next Month
Microsoft exec Kirill Tatarinov Wednesday described some new features to expect in the forthcoming Microsoft Dynamics NAV 2009 enterprise resource planning solution. He gave the keynote address at Microsoft's Convergence 2008 event in Copenhagen, Denmark.
