Varsity Blues: 5 Cyber Risks for Higher Education
Besides all the great life experiences and life-long friendships developed, institutes of higher education increasingly offer platforms for learning that involve collaboration and open access to knowledge. Therefore, a university’s greatest strength may also be an Achilles heel when it comes to cyber exposure.
Colleges and universities are increasingly and unknowingly falling victim to security breaches and data exposure. In recent years we’ve seen an increase in high profile data breaches at a variety of institutions like University of Maryland, Indiana University and John Hopkins University. No college is immune to this exposure regardless of size, but there are a few things that colleges and universities can do to have their cake and eat it too.
- Know what you have.
Conduct an audit to discover how much and where sensitive data is stored and secured. It should have an “owner” who’s responsible for protecting its use, storage and disposal.
- Train your user group.
Students, faculty, administrative staff and vendors need to understand and be trained on the universities acceptable-use policy for network access and data storage.
- Create an information security plan.
This document should outline data security measures for the organization and give users insight into their role in data protection.
- Have an incident response plan ready to go prior to any breach event.
This document should outline the steps that must be taken if a data breach is suspected or occurs. Remember, practice makes perfect. You don’t show up for game day with a team that’s never met.
- Make sure you have an effective breach response.
This is critical in reducing the potential harm for those affected by the exposure as well as meeting your compliance responsibility for federal, state and local laws. And while letter notification may meet the requirements, set up a hotline for those who may be affected to speak to someone. This puts a personal touch on your response can help reduce future litigation.
By taking a few precautions and putting essential programs in place to protect your data, you can ensure that when an incident occurs, and it will occur, you’re ready and able to respond appropriately. It’ll also reduce the risk of damage to your reputation, litigation, fines and other financial damage. In the meantime, check out our webinar recording for tips on the coverage needed to protect against claims brought on by data breaches.
ABOUT THE AUTHOR