Universities Still Need Better IT Security

This is a guest post by Tammy Harper. If you are interested to guest post in this blog, just head over to the Guest Post Guidelines.


According to eSecurity Planet, fewer universities were hacked last year than in previous, recent years. Although this may seem like good news for schools, hackers still know that higher education severs are easy targets. In fact, 48 universities were hacked last year, and Virginia Commonwealth University reported a significant breach of around 170,000 records in 2011. So, while the number of higher education security breaches was down in 2011, universities were still hacked rather frequently. And reports of security breaches in 2012 indicate that hacking of university servers is definitely not on the decline.

Researchers at Application Security Inc. recently released a press release indicating that universities have already been hit harder by data breaches in the first half of 2012 than they were in 2011. In January of this year, over 300,000 of Arizona State University’s records were breached. Additionally, a student at the University of Nebraska illegally accessed over 600,000 of his school’s confidential records just last month. Data breaches involving over 100,000 records are rare. So, these breaches are definitely something to be concerned about. Recent, less significant breaches of a few thousand records at schools like the University of Maine and Central Connecticut State University also indicate that universities are still at risk of cyber attacks.

The most recent security breach affected the University of North Florida. A few weeks ago, administrators at UNF acknowledged that hackers may have accessed the names and social security numbers of over 20,000 students who lived in the university’s dormitories over the past fourteen years. As a result of the potential security breach, the university is paying for 12-month credit protection program memberships for all the current and former students whose confidential information may have been leaked. This credit protection program will notify participants about any suspicious activity or purchases that could signify identity theft.

Paying for credit protection programs in the wake of security breaches is a common practice in the higher education industry. Universities collectively spend millions of dollars each year to help protect students, faculty, and staff after their confidential information has been leaked. Not enough universities, however, take proactive measures to adequately prevent data breaches in the first place. It’s apparent that the security measures that are already in place at many universities simply don’t suffice. Considering how much confidential information large universities store, investing in additional IT security personnel and programs seems like the most logical course of action.

Most universities include a social security number on almost every electronic file they have regarding a student or employee. So, identity theft is a real and serious risk when university servers are hacked. We can only hope that higher education administrators will take this year’s major security breaches at Arizona State and the University of Nebraska into consideration as they plan their operating budgets for the 2012-2013 school year. Better IT security is possible for all universities, and there doesn’t seem to be any good reason for colleges not to adequately prepare for cyber attacks.


About the AuthorMariana Ashley is a freelance writer and blogger who specializes in all topics educational. She welcomes your feedback at mariana.ashley031[at]gmail[dot]com.


Build Your Own Security
Subscribe to my newsletter and get a copy of my eBook for free.
We hate spam just as much as you

Related posts:

  1. The Minimalist Security Guide
  2. 5 Must Know Things About Server Security
  3. How to Manage Your Company’s Online Reputation in the Wake of a Data Breach

Speak Your Mind


CommentLuv badge

This blog uses premium CommentLuv which allows you to put your keywords with your name if you have had 3 approved comments. Use your real name and then @ your keywords (maximum of 3)