ITAC: Colleges, Universities Face Special Challenges In IT Security

Distributed systems, student spamming, paper records, keep administrators busy

August 7, 2009

2 Min Read


WASHINGTON, DC, August 6, 2009— Institutions of higher education continue to face special challenges when it comes to protecting sensitive data, according to the Identity Theft Assistance Center.

"Colleges and universities have diverse databases of students, staff and employees, often spread across different systems. Schools are making great progress in preventing breaches and protecting this data, but everyone, including students, must be vigilant about making sure those systems aren't breached," says ITAC President Anne Wallace.

The Open Security Foundation, a volunteer nonprofit that tracks data breaches, reports that more than 11 million records stored at colleges and universities have been compromised. Last April, administrators at the University of California, Berkeley, discovered that hackers had accessed records affecting nearly 160,000 individuals " including those who had their social security number accessed.

Colleges and universities especially are targeted by spammers who take over machines to make money rather than steal data, says Joy Hughes, chief information officer at George Mason University. "When spammers and mischief makers gain access to machines on which sensitive data are stored, serious and expensive problems are created for the university," explains Hughes.

Like George Mason, Elon University invests its resources to make sure its systems are secure. But there are other factors that put schools at risk of a data breach, like old paper records and social engineering attacks, according to Chris Fulkerson, Assistant Vice President for Technology and CIO. "It's hard to program a virus or Trojan to take over a system. It's much easier to use an official looking email to ask a student for their user name and password," he says.

To read a Q&A with Joy Hughes and listen to a podcast with Chris Fulkerson, visit the ITAC blog. In the meantime, here are some actions new and returning college students can take to protect themselves:

  • Remove or encrypt any sensitive personal information on your computer.

    • Take advantage of your college security department programs, like a malware scan or security software patch update.

    • NEVER respond to an email asking for personal information such as account numbers, PINs, user names and passwords.

      About ITAC ITAC, the Identity Theft Assistance Center (, is a nonprofit coalition of financial services companies united in our commitment to protect our customers from identity theft. ITAC's victim assistance service " which has helped more than 55,000 consumers recover from identity theft " is available at no cost to the millions of consumers who have an account at an ITAC member company. A leading provider of identity protection services through its ITAC Sentinel' brand (, ITAC protects all consumers through partnerships with law enforcement, education and identity management services.

      Kate Ennis Principal Ennis Communications [email protected] ph. 301.580.6726 fx. 301.263.9312

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights