EDUCAUSE | Documents Contributed by ECAR and Security Awareness

The Virginia Alliance for Secure Computing and Networking (VA SCAN): A Statewide Collaborative IT Security Resource

drupal — Tue, 17 Oct 2006 16:27:14 -0500

This case study examines ways in which the Virginia Alliance for Secure Computing and Networking (VA SCAN) provides a blueprint for higher education institutions interested in collaboratively providing openly accessible IT security resources. VA SCAN is a partnership among five Virginia state higher education institutions and three IT security research programs that provide a repository of IT security tools, training, and consultative services to Virginia higher education institutions. All of the resources are available for free or on a cost-recovery basis. The case study was undertaken as part of ECAR's 2006 study of information technology security practices in higher education, which included a literature review, quantitative and qualitative date from 492 higher education institutions in the U.S. and Canada, input from IT security leaders and specialists, and three case studies.

Campus IT Security: Governance, Strategy, Policy, and Enforcement

drupal — Tue, 15 Aug 2006 09:26:13 -0500

Successful implementation of an effective information, data, and system "security blanket" for higher education institutions requires recognition of and action upon the cultural, political, and regulatory fronts. Data stewards; policy makers; central and departmental IT staff; and students, faculties, and staff members all have a role to play. This bulletin is based on the research of current IT security literature and on interviews with representatives from multiple campuses. It offers a broad survey of the current nontechnical issues facing higher education as it attempts to secure information assets and systems.

Higher Education in the Age of Paradox: Fostering a Culture of Evidence

drupal — Thu, 25 May 2006 13:41:04 -0500

Presentation at the May 2006 ECAR Academy in Dedham, Massachusetts. "NERCOMP Presents: ECAR Academy" was developed jointly by NERCOMP and ECAR to develop the next generation of current and emerging leaders and further the IT profession by promoting and fostering a culture of evidence. Participants examined the most pressing issues facing higher education/IT today from a data-driven point of view; participated in a rigorous and highly interactive curriculum led by ECAR investigators (fellows); learned how to interpret and use information strategically to inform leadership decisions and processes; and joined an ongoing, supportive peer network.

Surveying the Steps to a Secure Emory University

drupal — Thu, 09 Mar 2006 09:39:15 -0600

This research bulletin summarizes how Emory University used the results of a security survey of higher education institutions to make important, peer-informed decisions on how to secure and protect its computing environment. It includes an analysis of the statistical information they gathered and details about the security initiatives they implemented after compiling and reviewing survey results.

High Stakes: Strategies for Optimal IT Security Staffing

drupal — Tue, 16 Mar 2004 09:38:13 -0600

At many higher education institutions, casual staffing arrangements are no longer adequate to handle the myriad technical, procedural, and cultural issues surrounding information technology security. For ECAR's 2003 study, "Information Technology Security: Governance, Strategy, and Practice in Higher Education," researchers conducted intensive telephone interviews with more than 30 IT and functional executives, managers, and security officers at more than 20 selected EDUCAUSE institutions. This research bulletin explores, in depth, the issue of IT staffing as reflected by several chief information officers and IT security officers who participated in the ECAR study.