• Education data security 'needs layered approach'

    Education data security 'needs layered approach' Education data security 'needs layered approach' Education data security 'needs layered approach'

    Schools and universities must not rely on one method to protect sensitive data, according to an industry expert.

    Schools and universities must not rely on one method to protect sensitive data, according to an industry expert.

    Schools and universities must not rely on one method to protect sensitive data, according to an industry expert.

    • There is no single technology that is capable of protecting educational institutions from data breaches, according to new research.

      The 2016 Internet Security Threat Report from Symantec reveals that in 2016 so far, there have been 20 serious breaches in the sector that exposed the identities of approximately five million people.

      According to the research, these incidents are likely to become more common as colleges and universities are beginning to collect more and more data.

      Shawn Ryan, director of marketing and client relations for Camouflage, believes that there is no silver bullet to fix this problem, but instead a layered approach to data security must be taken.

      In a recent interview with MeriTalk, he said that it is only a matter of time before a high profile breach will happen to a college or university. When it happens, the most important issue will be the level of exposure that happens after the breach.

      A layered approach, which involves firewalls, data encryption and masking, is the best kind of protection for the global higher education sector.

      Universities and colleges are facing many threats every day, as a hacker can access valuable information that will fetch a high price among interested parties. Mr Ryan said it is important to focus on both external and internal threats, whether they are accidental or malicious.

      He suggested that there is a level of overconfidence in the sector when it comes to understanding how to protect the data they store.

      “Schools believe they know what sensitive data they have, but what we consistently tell clients is that there is a difference between a manual search for data and a belief that you know what sensitive data you have and a purpose-built solution that looks for all sensitive data available,” Mr Ryan explained.

      He added that his firm often finds sensitive - and potentially valuable - data that higher education organisations believe is protected or has been securely disposed of. The director believes that universities and colleges need to do more to understand the regulations and their own obligations.