Dennis Egen says even though colleges will defend their networks until the end of time, there will still be loopholes for hackers to crack through.
He says college networks are weakest through individual portals, such as through class material and registration portals.
“You can defend your network as much as you want, but a lot of times, universities will have web applications out there, whether they’re news and events or classroom systems like Blackboard or the registration systems,” says Egen, President & Founder of Engine Room. “If you have these little portals into your networks via these web applications, it’s no good…A hack could try to get into your network through a web database.”
However, Egen says colleges can up their network protection by putting together a good team that knows where and how to harden those weak spots.
He also says colleges should invest time and network education for this team to perform well.
“The technology is only as effective as the people and procedures implementing it,” Egen says. “If you’re a technology leader, start by identifying the people who have a knack and interest in security, get them trained, hire some outside consultants and put together a security team. It doesn’t have to be a large team or an expensive endeavor; identify those people and come up with a roadmap and plan [to deal with] the type of risks you have.”
Egen says another hefty line of network defense can be found in the evaluation of third parties that are involved with important parts of a college’s network, including storage of student information and business transactions.
He says when colleges evaluate the work of third parties, they can ensure that those parties are utilizing best practices to keep the network safe.
“This is a big one, especially with organizations that are on a budget,”Egen says. “Obviously they don’t build things themselves – they use outside vendors for their payment processing, students portals, web applications for their websites. Colleges should evaluate not only what they’re doing internally, but that they have the proper procedures in place. There’s a lot of brain work you can use to evaluate third party vendors and evaluate risk assessment.”
Aside from man power, Egen says there are some “tried and true” technologies and tips colleges can use to guard their networks.