Welcome to The CITE -- a blog on Course materials, Innovation, and Technology in Education, created by Mark Nelson and now part of the Publications Department of the National Association of College Stores. CITE is a pun with multiple meanings - referring to cite as in citation, something people reference; site as in location, website, or place people go to; and sight as in foresight or looking ahead to what is coming. Comments, discussion, feedback and ideas are welcome.

Wednesday, August 14, 2013

Higher Ed Should Beware of Hackers

Colleges and universities across the country may be making it much easier for hackers to steal sensitive information from students and their parents, according to research done by Halock Security Labs.

A survey of 162 institutions found that more than half of colleges and universities transmit sensitive information over unencrypted channels, including financial statements. In addition, one fourth of the schools said they ask that personal information be sent by e-mail.

“When universities utilize unencrypted e-mails as a method for submitting W2s and other sensitive documents, the information and attachments are transmitted as clear text over the Internet,” Terry Kurzynski, partner at Halock Security Labs, told eCampus News. “This format is susceptible to hackers and criminals who can use this private information for identity theft.”

The report said the open culture of higher education and budget issues facing colleges leave IT departments without the funds to protect student information. It said campus administrations may not completely understand the dangers of sending the information over unencrypted channels, but should since the issue could draw the attention of federal and state government agencies.

“These are foreseeable risks that are extremely treatable,” Kurzynski said. “Breaches resulting from this type of transmission will capture the attention of states’ attorneys general and the Federal Trade Commission.”

No comments: