Security, Service, and Shared Responsibilities

by Mark Bonges, Vice President, Application Development | Oct 05, 2017

 
Security or convenience? It always seems like a tradeoff. Strong passwords and multi-factor authentication help beef up security but they’re a headache for users, who need to keep track of dozens (or even hundreds) of logins. On the flipside, login credentials that are easy to remember are also easily cracked, and that can expose everything from an individual’s sensitive data to an entire network.

No doubt your institution’s IT department faces this dilemma every time they upgrade campus WiFi. A robust wireless infrastructure is a necessary part of the service you offer students. Multiple hotspots, which used to be a luxury, are now an industry standard. Students are bringing more connectable devices to campus than ever before. How can your institution meet these ever-increasing demands and still provide increasingly higher levels of security?

The answer, unfortunately, is that there is no easy answer (or one-size-fits-all solution). But this should help put things into perspective: While excellent service may be your IT department’s responsibility, network security is a shared responsibility, and that also happens to be the theme of this year’s National Cyber Security Awareness Month

Every year in October, the U.S. Department of Homeland Security and National Cyber Security Alliance (NCSAM) team up to raise awareness about online safety. This year the focus is on end users, and as the semester rolls on, it’s a good opportunity to remind students and staff about securing passwords and recognizing common threats, and to reiterate your institution’s policies on what to do when a device gets breached.

Here’s a quick preview of the topics they’re covering each week (which you can read about in detail here):

  • STOP. THINK. CONNECT: Simple Steps to Online Safety (October 2-6). This first week is dedicated to good online habits, current threats, and what to do if you’re the victim of a cybercrime.

     

  • Cybersecurity in the Workplace is Everyone’s Business (October 9-13). Week 2 centers around institutional responsibilities for educating employees, customers, and students. It also highlights resources to help you reinforce your institution’s policies and infrastructure.

     

  • Today’s Predictions for Tomorrow’s Internet (October 16-20). During Week 3, NCSAM will look at the implications of an increasingly connected future. The Internet of Things is here to stay -- what’s the best way to keep your devices and data safe?

     

  • The Internet Wants You: Consider a Career in Cybersecurity (October 23-27). This fourth week may be of special interest to your STEM majors and technology staff. NCSAM highlights this growing career as well as ongoing education for those already in the workforce.

     

  • Protecting Critical Infrastructure from Cyber Threats (October 30-31). Week 5 offers a preview of the latest developments in a smart and secure public infrastructure.

To circle back to the question that opened this post, security and convenience don’t have to be mutually exclusive. In some situations, you can teach users how to enable fingerprint security features on their phone and computer, or two-step authentication via text message. That’s one way to bring good service into your security plan. Another is to regularly communicate with everyone at your institution about the latest phishing scam or teach them how to troubleshoot when problems arise. Ultimately, end users are your first line of defense, and empowering them can only help reinforce your campus network and overall cyber security.