Search:   This Site | People | Departments | Penn State

Blog Archive

Data Security Is More Important Than You Think

Graham Spanier
November 10, 2008

Keeping our IT infrastructure safe.

During the time it takes me to write this post, there will be roughly half a million attempts to break into my computer and others at Penn State.  In any given month, as many as 350 million probes reach Penn State alone. Multiply that by every other college and university and the number (and security risk) will be ginormous, as my daughter used to say.

When it comes to security, technology can be an asset and a liability. It is a tool and a target. And although technology can help us safeguard information, it can also expose our sensitive information.

Consider this: one http://www.checkpoint.com/press/pointsec/2006/11-28.html found that in a six-month period, nearly 12,000 electronic devices �" mobile phones, laptops, and PDAs �" were left in taxi cabs in the San Francisco, Oakland, Washington, D.C., and Baltimore areas. These devices collectively had the capacity to stores millions of documents, pictures, emails, and contacts.

It’s little wonder Educause ranked data security as the top technology issue for colleges and universities. A survey of 151 higher education’s IT directors found that for the second straight year, 58 percent of survey respondents have experienced a security breach in the last year.  

Keeping faculty, student and staff computers safe is one of the thorniest technology problems.  Even when the University has purchased the computer or electronic device, and even when a University network is used, many users consider their device to be “private” property. The installation of protective software or other firewalls strikes some as an egregious invasion of privacy.

As a faculty member used to the concepts of privacy, academic freedom, and independence, I understand the concern.  As president, I find efforts to rebuff our need to protect our systems frustrating, even baffling.

I suppose there are suspicions that arise from the longstanding distrust of authority. Indeed, there is an unfortunate history of inappropriate U.S. government surveillance of lawful activism over the decades, and much of that attention has been focused on college and university campuses.

Another factor is that the faculty is fiercely protective of their original research. While they recognize the need for security, many faculty members feel they are in the best position to be responsible for their information.

The Washington Post recently released the results of a http://voices.washingtonpost.com/securityfix/2008/10/october_is_cyber_security_unaw.html that indicated that while more than 80 percent of computer users thought they had firewall software installed, follow-up inspections found that only half of those users actually had the software installed or running on their PCs.

If that’s not enough to keep you up at night, check out this recent Chronicle http://chronicle.com/weekly/v55/i09/09a03502.htm on IT risks.
    
We can expect to see heightened awareness of this issue, and stronger efforts on the part of university leaders to batten down the hatches.
Privacy and Legal Statements | Copyright

Please direct questions about this website via E-mail to Doug Stanfield,
or to telephone number (814) 865-7517

Questions about the content should be directed to the Office of the President
via E-mail to president@psu.edu, or to telephone number (814) 865-2507
The Pennsylvania State University ©2006
Blog Speeches Editorials Testimony State of the University Biography To the Best of My Knowledge Photo Gallery Penn State Website President's Site Home Page