It's the time of year when university towns, such as our own, swell with new and returning students. Consider this: the incoming Class of 2022 was in diapers when the Twin Towers came down on 9/11, they were entering kindergarten when Facebook opened to the general public, and they were first-graders when the iPhone debuted. This generation of digital natives is already exerting its influence as universities and professors adopt new channels to communicate with students on their own terms. A few examples include professors posting homework to Slack and taking attendance on Twitter.
As higher education has tried to keep pace, most colleges and universities have gone through the motions of drafting "social media policy" guidelines. These were initially designed to provide guidance for a new medium, and to serve as legal protection for academic institutions. Most of these documents are rarely updated. (For a trip down memory lane, search the name of top-ranking institutions and "social media policy" and get a laugh from how dated they are.) But more to the point, these guidelines do absolutely nothing to address cybersecurity and compliance risks.
As with private enterprise, the integration of social media and digital channels into daily workflows poses different challenges for both communications and IT security teams.
Communications & Marketing teams
University communications teams are now dealing with a volume of content that was never anticipated. What's more, these teams are on the front lines of content and messaging, where there are the greatest risks of misinformation and non-compliant communication. Automation can drive exponential efficiencies with the:
- Real-time detection of content with regulatory implications (HIPAA, FERPA, PII)
- Ability to take down fake accounts misinforming students and parents
- Archiving of content for legal hold and/or compliance review
- Surfacing of unauthorized assets
IT Security Teams
The greatest threats to a university's network lie far outside the perimeter. Today, mitigating digital risk is about protecting official university teams and faculty against social engineering schemes, account takeovers, and spear-phishing attacks. Communication channels like Twitter and Slack or cloud applications like Office 365 afford universities and professors the same efficiencies and productivity as private enterprise, but they come with all the same risks.
Our universities also serve as critical research institutions, and that valued knowledge is now stored on servers rather than library bookshelves. Security teams need solutions that:
- Provide real-time detection of malicious content
- Protect against phishing, malware, and ransomware that could lead to IP/data theft
- Shield the individual accounts of University administrators or prominent faculty who are the most visible and vulnerable targets
If hackers can dupe a Pentagon official with a fake vacation ad, then university officials are just as easy to attack.
So what to do? Academia is right to adapt to students' technological expectations. These risks should not be an impediment. New tools are critical to the success of education programs. Universities can empower their community to succeed, by ensuring security is not an afterthought.
Contact us to learn how you can empower your university community to move forward Without Fear.
July 6, 2020