My TechDecisions

Network Security

6 Layers of Cybersecurity Your College Should Consider Protecting

EDUCAUSE seminar educates colleges on the digital layers they need to keep safe.

Leave a Comment

Previous Slide Next Slide

Real world: Anywhere inside and outside of higher education institutions. This section is where hackers and information thieves worm their way onto a network. However, this is also where groups that assist with information breaches roam and rescue networks that are in trouble.

Network: A college’s infrastructure. This is the section where digital protection kicks in, such as firewalls, antiviruses, encryption processes and more.

Information: One of the most important entities within a college that needs protecting and is most sought after by hackers, thieves, and other bad guys. If a college’s information isn’t securely locked, non-authorized users can access it accidentally, or intentionally. If authorized members have secure credentials, they should be the only people with access to a college’s information.

Personal access: This layer entails the way that people on campus can access and use information. Authorized personnel, such as admissions officers, can have access to students information, and have a designated password to authenticate that access. These people should have heightened information security awareness and familiarization of information security policies.

People: This layer features on-campus personnel or third parties that go through personal access to obtain information. While most authorized personnel take information security seriously, this layer can also feature individuals who pose as administrators and other authorized personnel to access sensitive information on the college’s network. This can pose a threat to protecting the college’s information.

Social: This is the section that people use to talk about information and information security. People can uses social media outlets like Facebook and Twitter to start conversations about information security and how to share content safely. However, outsiders can try to steal sensitive information through phishing or creating fake social media profiles.

Cybersecurity is complicated.

Often, it leaves college administrators feeling fuzzy and creates blurred lines between IT and IS- that is, information security.

At EDUCAUSE‘s “Steps Needed to Make Your University Cybersecure,” Paul Jeffreys cleared the air regarding the layers of cybersecurity.

He says the top peel of a college’s cybersecurity entails establishing information security management systems (ISMS), which he defines as the “policies, procedures, guidelines, and associated resources…collectively managed by an organization…based upon risk assessment.”

He also says that ISMS should be utilized proportionately to ensure that the college’s assets are protected and available. That way, ISMS can help a college decide where priorities need to be set regarding cybersecurity, and can help identify potential risks.

“Availability [of ISMS] is important in a university,” says Jeffreys, Director of IT Risk Management at the University of Oxford. “If the assets are unavailable, then the university suffers an enormous loss. The integrity [is risked] and the data is not accurate.”

From there, colleges can dig down the other layers of their ISMS. The layers include: the real world, network, information, personal access, people and social.

Jeffreys says that help from the higher-ups within a college or university will help maintain a proportionate level of cybersecurity in each layer.

“The essential bit is governance and leadership,” he says. “It’s the thing that makes it all work. Everything [will] align when you have people in these roles engaged.”

Jeffreys also says that even though handling each layer similarly is difficult, proportionate treatment is necessary to make sure a college’s information security is in the right hands, and safely available for the rest of the campus.

“It’s not just making sure the right person is getting it,” he says. “It’s also about making sure [the information] is available when you need it, and that the integrity is good.”

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

How to Plan for a New Year of Technology Implementations

It’s a new year and means renewed budgets. Start 2020 by getting your ducks in a row with this new, free expert series download from TechDecisions....

Connecting Disparate Audio on Campus to Transform Facilities, Workflows, and the Student Experience

It can be incredibly frustrating when you are in charge of the entire campus’ audio network. A professor in one building is having issues recording...

Building Thriving Workplace Cultures: A Manager’s Guide to Attract and Retain Millennial and Generation Z Talent

Today, managers struggle with retaining millennial and Generation Z workers, who make up the majority of the workforce. With the rise of millennial...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales