A new study, released by cyber security firm HALOCK Security Labs, has some interesting, but not surprising, stats behind data security at Colleges and Universities.
HALOCK found that over 50% of the colleges and universities investigated allow for the transmission of sensitive information over unencrypted (and therefore unprotected) email as an option without directly promoting it and 25% of the institutions investigated advised applicants to send personal information, including W2s, via unencrypted email to admissions and financial aid offices.
What is also interesting is the reason why colleges and universities have so much data risk.
HALOCK suggests multiple compounding issues may be overwhelming to these institutions:
- Typical university cultures promote open access to information
- Transient and inexperienced student workers
- Limited security and compliance budgets
- Complicated and bureaucratic procurement processes
- Student hackers with lots of time to target the very university that is educating them
- Immature risk management
- Information technology changes are limited to seasonal university breaks
- Difficulty in educating the Board of Trustees on security risks
You can read the full article here: HALOCK Investigation finds that 25% of sampled colleges and universities are putting student and parent private financial data at risk