Securing Remote Access in Higher Education
KENNESAW, Ga. | Nov 25, 2020
Late in the afternoon on Friday, October 9th, the Georgia Department of Human Services (DHS) announced a data breach of personally identifiable information (PII) and protected health information (PHI). .
about this breach. Dr. Green also blogged about the breach previously.
Firms everywhere have struggled with enabling the work from home (WFH) workforce because of the COVID-19 pandemic, and institutions of higher education like 榴莲黄视频 (KSU) are no exception. Students, faculty, staff, and administrators need access to sensitive information like grades, student records, research data, financial data, and employee records to get their jobs done. While many universities have processes to enable these various constituencies to access sensitive data securely, they typically design them to address an 鈥渙n-prem鈥 scenario where these groups are on campus. Allowing secure remote access to data is a solution that many universities simply have not addressed in their security operations.
So, how can institutions of higher education work to securely enable WFH for these different constituencies? Dr. Green offers a few suggestions for consideration:
- Develop and implement written policies regarding the sharing of legally protected or sensitive data and train employees on them. University administrators should collaborate with legal counsel and risk management to tailor policies that address the different responsibilities each of these groups face 鈥 faculty have different needs than staff and students.
- Implement a virtual private network (VPN) solution that allows students, faculty, staff, and administrators to connect to the campus network securely.
- Implement a multi-factor authentication solution (like DUO, for example) for all university-based services. KSU has implemented DUO as their solution of choice.
- Implement a secure remote meeting and communication solution for use in classes and daily communications. KSU has implemented Zoom and Microsoft Teams campus-wide to address this concern.
- Implement a data loss prevention (DLP) strategy to lessen the possibility of legally protected or sensitive data leaving the university.
Related Posts
Bringing Career Conversations Into the (Virtual) Classroom: Requiring One-On-One Office Hours in an Online Marketing Capstone for Student Success
How does Services Development Affect Manufacturing Export Competitiveness?
The Problem of Teaching Performance Evaluation and a Proposed Solution
Disruption at Regional Universities: Challenges and Opportunities.