Anticipating the Attack

Cybersecurity in higher education.

GUEST COLUMN | by Linda Ding

CREDIT LaserficheEducational institutions are on high alert. The ransomware attacks on financial institutions, hospitals and government entities that continue to make headlines is spreading to colleges and universities. These organizations are stewards of private data—including medical and financial records, valuable intellectual property and personal information—and cannot easily recover from the shock of sensitive student information being held hostage. Furthermore, institutions of higher education often do not have the advanced and vigilant cybersecurity tools and strategies that are commonplace in other industries.

There is hope for colleges and universities that recognize the immediate threat and develop a cybersecurity strategy.

In a recent Wall Street Journal article, Chris Stangl, a section chief at the FBI’s Cyber Division, described ransomware as “a prevalent increasing threat” and that the problem “is growing.” The pervasive and increasingly sophisticated nature of the attacks mean that it’s only a matter of time before your organization encounters an attack.

Beyond Defensive Measures

Since there is no foolproof way to prevent cyberattacks, the best defense is a good offense. Organizations should have a “defense-in-depth” security program that addresses the entire attack continuum: before, during and after the attack. Features of this type of program include network security, intrusion detection and prevention, malware prevention, patch management, security awareness training and comprehensive backup/recovery programs.

Colleges and universities can take cues from other industries, such as banking and financial services, that have long been targets for cyber criminals. Create awareness of security efforts and get everyone—from administrators to faculty to students—involved by providing educational materials and training to spot phishing scams, malicious URLs, and suspicious downloads and attachments.

Beyond basic measures such as keeping current on all anti-virus software, firewalls and spam filters, and completing regular scans, institutions should examine their information architecture. Storing vital records and critical business information in an enterprise content management (ECM) system—along with a robust backup and recovery strategy—is a crucial part of any cybersecurity strategy.

Strategic Cybersecurity Program Components

Backups are the first defense against an attack. Crypto-ransomware attacks lock down servers’ data through high-level encryption, leaving the victim unable to access the data until a ransom is paid. This freeze in operations could ultimately cost a college or university thousands of dollars, not to mention significantly affect student service—but backup data enables continuity in the event of an attack.

Performing consistent, regular backups of critical data does not need to be a difficult task. Once critical data is in an ECM system that an organization can centrally manage and control, a complementary backup strategy enables that organization to recover data offline if needed. Institutions should provide the training necessary for employees to understand what comprises vital records and ensure that they are storing vital records in the ECM system. Some ECM systems even enable users to create a test environment in which to perform recovery simulations. These tests should be performed on a regular basis as part of a comprehensive backup/recovery plan.

ECM can further mitigate the effects of an attack by enabling users to organize data to support access control. Administrators can allow users or groups of users access to only the information that is necessary for their roles. For increased protection, some ECM systems enable administrators to control user access to folders without having to access the data contained in those folders. When effectively used, this can limit the severity of a breach.

The Time is Now

Colleges and universities are prime targets for cyber criminals for myriad reasons: Cybersecurity is often a vulnerable area due to budget and staff limitations; the numbers of schools, departments, staff, faculty members and students make it a challenge to centralize and govern information; and the proliferation of different devices—including personal mobile phones and tablets—increase the vulnerability of data.

High-profile breaches at colleges and universities last year, including Harvard and Pennsylvania State, are indications that there are more attacks targeting higher education institutions on the way. Many institutions’ data have likely already been compromised but the attacks have gone undetected.

There is hope for colleges and universities that recognize the immediate threat and develop a cybersecurity strategy. Attacks are becoming increasingly sophisticated and the risk of a breach outweighs the investment of a defense-in-depth security program.

Linda Ding is the Senior Education Program Strategist for Laserfiche. She speaks frequently on issues surrounding deployment of institution-wide IT initiatives, information governance and integration strategies. She was an executive panelist at the Wilbur K. Woo Greater China Business Conference at UCLA and has presented at the National Association of College and University Business Officers (NACUBO) Annual Meeting, EDUCAUSE, the Harvard IT Summit and the Laserfiche Institute Conference in Los Angeles. She holds B.A. degrees in Economics and Cognitive Science from UC Berkeley and an M.A. degree in Program Evaluation from Claremont Graduate University.

This entry was posted in guest column and tagged , , , , , . Bookmark the permalink.

One Response to Anticipating the Attack

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s