Content originally published on data180.com. Learn more about Interfolio’s acquisition of Data180 here.

blog-securing-higher-ed-data

Databases used at colleges and universities are just as susceptible to attacks, by both outsiders and insiders, as large corporations. In fact, 80 percent of all database breaches originate from insiders. Because of the large number of students and administrators using technology, the typical institution faces significant challenges when it comes to data privacy and security.

Following are some best practices for securing data in your campus systems to reduce the possibility of attacks:

  • Keep your operating system up to date. Do not run older versions of operating systems if the software manufacturer is no longer supporting them. Using older versions could make your data more susceptible to a breach, especially because security patches would no longer be available. In addition, other necessary software applications, such as anti-virus software, may not be compatible with older operating systems.
  • Educate users on security. All users should be trained and made aware of how to avoid phishing attacks, such as creating strong passwords, opening questionable e-mail messages, and clicking suspicious links in e-mail messages and web browsers. Do not wait until a security breach occurs to educate users – by then, it is too late. Your campus IT department should create training materials and have required training programs that are systematic and timely.
  • Use a centralized approach for creating secure data environments. Typically, an institution’s IT department is responsible for managing open data environments, while at the same time keeping private information secure. Many colleges and universities try to decentralize IT policies and procedures, thinking this will make the responsibility of securing data easier to manage. However, decentralizing control can be challenging given that so many different databases are being used on campuses these days. Having a central secure data environment will help prevent data from being stolen and monetized.
  • Restrict access to campus databases. Instituting tight controls over data can help maximize your institution’s data security strategy. Not every user needs access to all data, so restricting which users have access to specific information will greatly reduce the risk of a security breach. Continuously monitoring and keeping systems up-to-date with personnel changes is also vital, as this will alert the IT department to any suspicious activity that may be taking place.
  • Automate system activities. Many security processes can be automated, including report generation and routine tasks that need to be performed on a regular basis. Automation saves IT personnel valuable time to work on other projects, while still maintaining campus databases around the clock.

Content originally published on data180.com. Learn more about Interfolio’s acquisition of Data180 here.