Lessons In Campus Cybersecurity

What universities are doing -- and should be doing -- in response to increased cyberthreats, and how students can protect their suddenly very valuable IDs

Kelly Jackson Higgins

Editor-in-Chief, Dark Reading

August 28, 2012

4. Segment campus systems.
Universities are divided into the business side, the academic side, and, in some cases, the research side, so those networks and systems should be compartmentalized as such.

"One thing we're going to look at is more, proper segmentation across all of our campuses," Nebraska's Mauk says. That would mean keeping the business systems separate from the academic systems and student life, for example, he says.

"Proper security between those segments [poses] larger challenges," he says. "Universities were not built that way 10 to 15 years ago."

5 Tips For College Kids To Avoid ID Theft

1. Set unique passwords for each account -- and don't give it to your boyfriend or girlfriend.
That means not reusing the same password for multiple accounts. All it takes is one of those accounts to be compromised, and the attacker can reach the others as well. Create a minimum eight-character password with a mix of symbols, upper- and lowercase letters -- and no dictionary words within it.

"Pick a secure password, and don't tell it to anyone else," says Paul Kenyon, co-founder and COO of Avecto, a Windows privilege management provider.

Aaron Massey, a postdoctoral fellow in the School Of Interactive Computing at Georgia Tech, says that's his No. 1 tip. "Passwords are the No. 1 thing to talk to students coming in. They haven't established a strong routine for" creating strong and unique passwords, he says.

2: Run antivirus software, and keep it updated.
Antivirus can't catch everything, but it will catch the known and more likely attacks college students will face, experts say.

"AV is seen as a tax you have to pay to use computers, but I think it's a necessary one," Kenyon says. "And keep it up-to-date."

Oh -- and if it doesn't automatically scan on a very regular basis, execute the scan yourself.

3: Don't visit sketchy or unknown websites.
If a website isn't recommended by a trusted source, don't go there -- and definitely don't download anything from there, Avecto's Kenyon says.

"Students have a tendency to go to websites with unlicensed and uncopyrighted music, where they download quite readily," for example, and that is risky, he says.

4. Don't click on links or attachments in emails.
If you get an email that appears to be from your bank, don't click on any links in it or download any attachments. "If you're asked to go to a website, I go there [directly] instead," says Kris Zentek, product manager for Avecto.

5. Keep an eye on your financial statements.
Opt for electronic bank and credit-card statements instead of paper ones, says Steve Coggeshall, chief technology officer at ID Analytics, and watch for any anomalies in those statements. Any piece of paper with financial account numbers, dates of birth, or Social Security numbers should be shredded. "Don't just throw it away in the trash. Take it to places where [you can have it shredded]," Coggeshall says.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.