Last week Campus Technology Magazine reported three separate data breaches at major universities. In June Florida International University in Miami notified students and faculty about an insecure database containing social security numbers while the University of Maine is investigating a computer security breach involving two servers containing personal data for about 4500 students. And in July California State University, San Bernardino suffered an issue when a class roster containing names and social security numbers was made public, inadvertently.
Although it is still in question as to whether any of these cases had malicious intent – or long-term ramifications – each breach points to a larger issue plaguing colleges and universities across the country. IT staff at educational institutions are faced with high user turnover, the constant reconfiguration of machines, and clever students with the skills to gain unauthorized access to unsecured IT assets. At the same time, IT personnel must efficiently cope with all of these issues, under tight budgetary constraints, while complying with regulatory mandates like the Family Educational Rights and Privacy Act (FERPA).
So, what can these stretched IT professionals do?
To start, they must take a look at privileged identity. Specifically, those administrative accounts where access is vast and often passed between multiple parties. Although regulations require regular updates, unless there is an automated system in place, for university IT departments handling thousands of students on a daily basis, with little-to-no support, changing privileged passwords regularly is all but impossible and often drops to the bottom of a very long To-Do list.
By automating this process, privileged identity management helps education IT departments cost-effectively minimize the threat of security breaches, reduce IT workload and costs and meet compliance requirements by:
- Quickly securing systems from external threats and internal misuse, preventing unauthorized student access in the network.
- Allowing fast access by authorized IT personnel for routine system maintenance and emergency repairs through delegation rules that keep sensitive data away from students and other users.
- Automatically discovering unknown privileged accounts existing throughout the network to prevent users from exploiting and gaining unauthorized access to computers, network appliances, databases, and other resources.
- Viewing authoritative audit records and reports to know precisely which personnel requested access to what IT resources, at what time, and from what location.
- Ensuring compliance with FERPA and other government regulations.
Now, we’re not saying proper privileged identity management would solve all security issues within colleges and universities, but it is a fail-safe first step in ensuring that breaches, such as those outlined above could have been and should have been prevented – before they happened.