In a late 2011 interview with Campus Technology, the CIO at DePauw University, Carol Smith, said IT has “shifted from being the central entity on campus that provides and manages … to [the department] whose most powerful function is to act as a connector and an enabler.”
As students and faculty bring their own personal computers on campus, IT leaders in higher education need to focus on how to provide the necessary infrastructure support and security protections. As Ronald Danielson, vice provost for information services and CIO at Santa Clara University, says: “We’re far beyond the point where use of personally owned devices can be controlled.”
Here are just a few ways IT leaders in higher education can manage the risks associated with diverse consumer PCs:
Segregate Your Networks
With the convergence of multiple devices running multiple operating systems, network vulnerabilities tend to proliferate. One proven technique for enhancing security is the segregation of networks, i.e. creating separate networks for faculty, students and even campus guests. You can put security controls in place for your school staff that you can’t for students.
Anti-Virus and Security Software
Although it may seem elementary, anti-virus and security software can make a dramatic impact on the IT health of your institution. DePauw University offers an anti-virus program to its entire student body, which helps identify and resolve viruses, trojans, spyware, malware and more—before they’re passed on to more students or faculty. And by alerting users of suspicious files while they’re browsing or downloading, these problems often don’t get a chance to infect their machines to begin with. Temple University in Pennsylvania, in fact, requires students using their own computers to run the school-provided anti-virus software.
University of Rhode Island began rolling out a WPA2 secure wireless network for students, staff and faculty in early 2011, according to a Campus Technology article. Users accessing the network remotely go through an extra layer of security precautions. Instead of allowing direct access, users must go through security steps to access the network, and can only access certain areas of the network. The university also maintains an unencrypted network open to guests, with limited bandwidth and access to ports.
Device Retrieval, Remote Lock and Data Wipe
If your school is providing PCs to students and faculty, you need to guard against the unfortunate possibility that these mobile devices might be misplaced, pilfered or otherwise lost, which can mean not only lost productivity. For university staff, a breach could mean the release of confidential student information—and for professors, their exam questions or results might be leaked, causing significant damage to their classes and curricula.
For PCs the school owns, or recommends to students, look for laptops and tablets that offer technology to help you find missing devices through constant GPS monitoring. The best application agents are embedded into the firmware, because they can be restored even if a thief removes them from the operating system.
Furthermore, tablets and laptops with remote-management software built in at the processor level can be rendered inoperable, making them useless to thieves. This technology gives IT administrators a range of options, such as the ability to wipe devices clean of data, block the boot process, send a “reported stolen” message to whoever starts up a lost device and trigger device disable after a specified number of failed start-up attempts.
End User Education
Though having a competent infrastructure in place is critical to keeping your devices secure, it’s also important to educate your end users on safe computing practices. Students and faculty can stumble into viruses or trojans by downloading an infected mobile app, movie or MP3 file, and they can reveal sensitive data—like online banking credentials—to anyone with a keylogger installed on their machines. Create and require campus users to sign an Acceptable Use Policy that, among other things, warns end users against irresponsible downloading and browsing publicly. You should also suggest simple tools, like locks, which can help stem loss and theft.
Are you an IT leader on a college or university campus? Do you have personal experience with managing mobility device risks, or do you know somebody who does? Tell us your story by commenting below.
