Of other applications from that－yejtommy9的部落格

Colleges throughout the world are in essence a miniature city with all the problems of any major metropolis, this includes high-tech theft and privacy issues. For every problem you've heard about in a major regulated industry, the same concerns happen in higher education. As a student or parents of a student, you may think you've prepared you for this new journey, but safe and practical computing should also be part of every college student's entrance to their university.

How Serious is the Campus Security Threat$%:

Over the past 12 months, numerous Universities across the country have been hit with major security breaches:

Full report

o Ohio University had over 5 separate cases of identity theft within a month solely caused by poor security measures on school databases.

o In mid December 2006 the University of California at Los Angeles reported a hacking incident that left nearly a million members of the UCLA community vulnerable to identity theft. The hacking went on undetected for nearly 13 months.

Along with these two schools, nearly 50 other incidents involving universities have occurred within the past 12 months.

How Vulnerable is Campus Data$%:

The vast majority of universities rely on large, moderately-protected networks to store data on anyone related to the organization: its students, staff, faculty, and even applicants. This data is housed on these servers with limited security capabilities. These vulnerabilities have caused major problems for students and faculty in schools all across the country.

When a prospective student applies to schools they must provide information such as name, high school, SAT scores, parents names. Many applications require in-depth parental information, asking for occupation, income, tax information, social security numbers and degrees earned.

When Universities receive this information it's stored in their database and added to the masses of other applications from that year and previous years. Not only are many of these personal questions unnecessary to deem a student worthy for admittance, but the weak college computer networks lead to easy access to that information. Privacy and ID theft issues arise not only with students enrolled in the University, but also with people who've simply applied to the college.

Student Network Threat

Along with applicant data stored on campus servers, many schools also have multiple networks which allow students to store their own documents and files. Many schools do not invest in strong security for networks because they feel that much of this information is useless to others outside the network. What college IT departments don't realize is that many of these documents are just as valuable to other students within the University.

If a student writes a term paper for their class, there are very few security measures preventing another student from hacking into the network and stealing that paper to sell or turn it in for another class. If students can't feel secure about their work being plagiarized, then the legitimacy of the entire school becomes jeopardized and it becomes a much poorer educational environment.

Online Access to Student Records

The amount of access each student has to their own collegiate records on one simple "protected" website is astounding. Nearly every University has its own student-oriented network, usually called "My-SchoolName" where students can access everything about themselves like:

o Grades

o ID numbers

o Financial Aid

o College credit card information

o Home and School Residence Addresses

Not only are these sites hackable, but with the accelerated pace of the average student's day, it's very likely that he or she will forget to close out of the site on their laptop or forget to log out on a public computer. Much of the information contained on these sites is unnecessary and ends up being a one stop shop for college students and for hackers.

Students can find everything from a complete history of financial aid records to their healthcare information. Colleges need to identify what information is appropriate for students to have 24/7 access to, and which information is best dealt with face-to-face, like Financial Aid.

Grade and Personal Information via Email

Recently, professors and Teacher's Assistants (TAs) have begun emailing grades to eager students who can't wait for their grades to be posted online. In other settings emailing test results is considered a breach of privacy. A number of instructors don't really care what happens to these grades, so they do not take any security precautions, such as encryption, when sending them off.

Major Universities often have many students with similar last names, often in the same classes. This causes many issues because when tired professors send out grades late at night, it is very likely that they will email them to the wrong Smith or Lee. While grades might be minute when compared to SSNs or credit card information, many students prefer to keep such things as their Semester's results their own business.

Managing Student IDs

All around college campuses, student identification numbers have become one of the most convoluted aspects of life around campus. At come campuses, managing your college IDs could be its own course. For example, students at Cornell University have separate ID numbers for course registration, tests and exams, laundry services, food, transportation and other campus activities

Problems surrounding an ID system like this is that if a student forgets a certain number to a campus service, they must go through the basic password retrieval system to get their ID's sent to them. Most schools simply send an email without any other security precautions; aside asking for the email address. Not only could passwords easily be sent to other people, but the unencrypted emails could easy be intercepted along the way. Unsecured email not only leaves your school records in jeopardy, but also opens young adults to years of credit monitoring due to ID theft.

The Future of College Security

As security problems increase on campuses, Universities have made few steps towards finding proper defensive measures to protect students and staff. Unless Universities step up considerably in the short period, security issues on campus will continue to rise at a significant rate.

Major Universities have become prime candidates for hackers over the past few years thanks to their moderately lax on-campus networks and poor security measures taken by students. Aside from tips on how to make a "strong" password and obvious solutions on how to prevent yourself from breaches such as always logging off from secure sites when you step away from your computer, schools are ill-equipped to deal with these breaches.

Unless schools step up to the plate and begin upgrading their security policies, we will continue to hear about more horror stories about affected students, faculty, and alumni from major Universities. Students pay Universities thousands upon thousands of dollars to get a top-notch education. They can at least expect is that their school will treat them with top-notch security as well.