Education IT systems seem to have a large target on their back these days. According to an October, 2010 McAfee study, universities and colleges rank number 1 in the ‘Top 10 Riskiest Places to Give Your Social Security Number’. Cyber crooks are attracted to the vast pools of personal data available on university and educational IT systems. And unlike typical commercial organizations, universities and schools can’t simply lock the doors in the evening and feel assured that their network is somewhat secure. Open buildings and computer lab environments complicate the physical security policies for these institutions. As a result, “State schools and universities are among the most likely government agencies to suffer data breaches.”
Breaches seem to be a continuous part of the news headlines these days, but one article in particular caught my eye in the last few weeks. In mid-January, a California city college notified more than 13,000 students and employees about a specific breach that was discovered in late November. The breach was identified when the IT department found gaps in the data logs of a server that was located in a campus computer lab. After investigating these gaps, they found a virus that had existed on the college’s system since 1999…more than a decade. And during the investigation, they found transmissions that had been sent to Russia, China and several other countries; however the college hasn’t confirmed what type of data was sent in these transmissions.
As our schools add new devices to the network, making it more complex, it is harder to manage and control. How can education institutions that are struggling to control costs mitigate these risks within their expanding networks while protecting their student and employee’s data? Abnormal behavior often provides the best insight to network administrators needing prevent breaches and system failures. Cost-effective solutions exist that can help institutions watch their network for unusual behavior that may include:
- Unconventional network traffic patterns
- Unauthorized access attempts
- Resource utilization spikes
- Unauthorized configuration changes
To learn more about these IT Management best practices for Education, please listen to our latest webcast that provides insight into mitigating data breach risks or download our best-practice white paper.