3 Challenges and Solutions in the Higher-Ed Cybersecurity Space
While CISOs of higher education institutions are quite vigilant about cyber threats, the fact remains that these centers of higher learning are becoming more vulnerable to security threats. This is simply because of the kind of data higher education institutes accumulate and disseminate. Higher-Ed IT systems are a treasure trove of high value information ranging from social security numbers and financial data to intellectual property. With several regulations such as GDPR (General Data Protection Regulation) coming into play, data security has become all the more complex and challenging for Higher-Ed CISOs.
Here are some statistics around the changing scene with respect to the Higher-Ed cybersecurity:
- According to a new report from Gemalto, the number of lost, stolen or compromised records was up 164% in the first six months 2017 compared to the last half of 2016. Also, the number of breaches in the education sector more than doubled in the same period, jumping 103 percent. Source: https://campustechnology.com/articles/2017/09/20/education-data-breaches-double-in-first-half-of-2017.aspx
These data breaches generally have a huge financial impact. According to Ponemon’s 2017 cost of data breach study, the average cost of a single compromised record in U.S. higher education is $254. Considering the fact there were 918 breaches involving 1.9 billion records in the first half of 2017, one can imagine the financial implications of data breaches.
What are the top 3 major challenges Higher-Ed CISOs face? What are the possible solutions that they can consider for their institutions so that they create a safe and secure student portal? Let’s find out:
- Proactive and smart threat detection: To secure IT systems and data at universities and colleges, CISOs need to consider all the possible loopholes and back door entries to the system. By leveraging modern AI-based technology such as User and Entity based behavioral analytics, you can deploy a system that continuously learns on its own and evolves to handle the modern-day threat landscape. This proactive approach will help institutions to get a clear picture of what exactly is required to safeguard systems from threats.
- Tackling with shadow IT: In today’s context of IT, shadow IT inevitably creeps in to the system. Users are constantly figuring ways to get things done using tools of their convenience and this brings into the IT network, a plethora of apps outside of those authorized by the institution’s IT teams. While these apps may be convenient for users, there are considerable security concerns associated with them. Firstly, a lot of data flows in and out of these apps and that puts compliance heavily at stake. Secondly, these unauthorized apps and systems may have security loopholes and they act as extremely low-hanging fruits for intruder access. Thirdly, in the long run, use of external apps and devices does not give IT teams the complete visibility and control that they would need over their systems as shadow IT creates data silos and obstructs free flow of information and data within the organization between different systems. In order to regulate the use of applications without inconveniencing users, an efficient Identity management system needs to be put in place and Unifyed Identity helps users have a hassle-free experience by allowing single sign-on access to multiple applications. This makes it easy for users to access all the resources that they need using a single wall of icons without having to sign in to them again and again, across multiple devices. It gives the IT teams complete control, behavioral insights and helps tighten security.
- Tightening endpoint security: To safeguard critical data while causing minimum inconvenience to students, faculty and staff, CIOs need solutions that fortify IT security. Unifyed Identity has adaptive multifactor authentication capabilities that help higher-ed institutions tighten endpoint security. This prevents intruder access by adding an additional layer of authentication apart from merely a user name and password. Unifyed Identity also has capabilities that will ensure that institutions can enforce strict password policies for users thereby making them more security compliant. This combination of AI-based multifactor authentication and password management helps colleges and universities add additional layers of protection against phishing attacks, account takeover attacks and zero-day intrusions.
Higher-ed systems today are more prone to cyberattacks than ever before. However, CISOs can ensure the safety of their institutions’ critical data by being proactive and keeping up-to-date with the latest technology.
Balaji Thiruvengadam is the Chief Technology Officer at Unifyed where he currently oversees and manages Unifyed’s product roadmap. As a strategic thinker and domain expert, Balaji Thiruvengadam leverages his expertise in product architecture and business operations to drive business growth.