EDUCAUSE Review Articles and Security Management

EDUCAUSE presents the top-ten IT-related issues in terms of strategic importance to the institution, as revealed by the ninth annual EDUCAUSE Current Issues Survey. This year, Security moves back to the top of the list.

The following is an excerpt from an interview with Bruce Schneier. Matt Pasiewicz, EDUCAUSE content program manager, conducted the interview at the EDUCAUSE 2007 Annual Conference. The full podcast is available at <http://connect.educause.edu/blog/mpasiewicz/e07podcastaninterviewwith/45439>. In the interview, Schneier answers questions about security and privacy issues.

"When is higher education going to get serious about safeguarding the private information of students,
faculty, and staff?"

"Presidents, provosts, and boards need to understand the risks of not having a robust IdM system in place: bad public relations, public terminations, lawsuits, students who leave and do not return, alumni who refuse to continue to donate, and the high costs of being in a reactive mode. "

EDUCAUSE presents the top-ten IT-related issues in terms of strategic importance to the institution, as revealed by the eighth annual EDUCAUSE Current Issues Survey. This year, Funding IT moves back to the top of the list.

The authors discuss the growing importance of the topic of identity management and what issue schools need to take into account to implement an IdM infrastructure.

By adopting a unified approach to information security compliance, higher education institutions not only can effectively satisfy the requirements of the growing number of state and federal laws and industry regulations but also can address identified risks and improve the security of their information assets.

This is the entire issue of EDUCAUSE Review Magazine, Volume 41, Number 5, September/October, 2006.

The authors provide an overview of this privacy and security focused EDUCAUSE Review issue.

To protect information assets and contribute to the security of critical infrastructures, colleges and universities must empower an individual, such as the Chief Security Officer, or a team with the authority, the resources, and the support needed to effectively maintain an information security program.