Response from Michael Greene, CEO, Enzoic.
Higher education institutions in the US and abroad are increasingly becoming the target of cyberattacks. Reliance on digitized student records has given cybercriminals multiple avenues to access student information.
To accommodate the student, employee, and research needs, most higher education institutions maintain relatively open, accessible networks and systems. This presents a conundrum for schools: how to balance security needs while facilitating academic activities.
The risk to individual students is high: a breached student record delivers a comprehensive view of a student’s life including personal demographic data, academic records, financial information, and in some cases, even confidential medical data. Compounding these risks is the fact student records are retained for years after they leave the institution.
Students are often the source of potential data breaches. They need to be educated on cybersecurity hygiene principles including the risks with using old and outdated software programs and sharing login credentials with friends and other students. Another risk is downloading sensitive data to personal devices that are typically less protected than institution-owned computer systems or connecting personal devices to the school’s network.
Once connected to the school’s network, each of these personal devices pose additional vulnerabilities to the institution’s systems and many authentication solutions can only run on certain devices or devices that have certain technologies (like biometrics). Even if a school has robust security measures in place, the number of access points introduced by individual devices may unintentionally expose sensitive data.