Login to your TrustKeeper Portal Account
Thank You. One of our sales specialists will be in touch shortly.
Speak with a Trustwave sales specialist to learn more.
Despite their mission to provide education, colleges and universities are not immune to data breaches. In fact, they face unique challenges that make them especially vulnerable to hacker attacks and data exfiltration. But these institutions of higher learning must work diligently to strike a balance between openness and security.
Colleges and universities present fertile ground for cybercriminals. Because they promote the spirit of academic openness and operate in a decentralized manner, IT and security professionals face a daunting task in ensuring that systems stay locked down.
Sensitive information such as credit card and Social Security numbers, in addition to intellectual property created through research – and often done in concert with government agencies – is plentiful within institutions of higher learning. Attackers also are drawn to the network speed of colleges and universities, and use their vulnerable systems as launching pads for attacks against other organizations.
The Privacy Rights Clearinghouse reported a significant rise in educational breaches from 2011 to 2012, from 63 incidents affecting 573,000 records in 2011 to 85 affecting 1.7 million the following year. These institutions face unique challenges compared to corporations, government agencies and other organizations.
Included among them:
By their very nature, colleges and universities encourage the freedom of academic expression. Strict policies regarding use of the network would stymie that culture and result in student and faculty backlash.
Each fall, students return to campus and reconnect to the network. That means that there perpetually are first-time devices connecting to the network, in addition to devices that previously have connected, but may have contracted malware since they last were online.
Buy-in from the board for security projects traditionally is difficult at colleges and universities due to a lack of engagement and understanding of the problem. In many cases, security projects don’t get funded until there is a major incident.
Colleges and universities typically operate as a decentralized model, with individual academic units acting autonomously from one another from an IT perspective. Faculty is reluctant to submit to security policies and often leave web servers vulnerable by failing to patch and properly configure them.
Trustwave is well positioned to help colleges and universities handle continually emerging threats like mobile and to move from a network-focused security strategy to one that is more data centric. Here are some of the ways we can help:
Helps you find, identify and prioritize threats to your organization so you can correct any deficiencies, and obtain and maintain compliance.
Allows you to discover and classify electronic sensitive information and prevent it from leaving the network.
Enables safe and productive access to Web 2.0, while ensuring compliance, minimizing data loss and eliminating malware risks.
Ensures managed and unmanaged devices connecting to the network comply with policies and do not introduce malware.
Restricts access to inappropriate and potentially dangerous websites and applications, enabling organizations to enforce acceptable-use policies to ensure a safe and productive environment.
Helps you gain broad visibility of threats to your network and improve your compliance process through logging, monitoring, and analysis of events.
Integrates advanced email security, inbound/outbound content analysis, compliance, encryption, data leakage prevention and powerful policy configuration into a single solution.
Protects against external attackers using web vulnerabilities, such as SQL injection, to steal sensitive information.
Instructs your employees and contractors to understand the threat of social engineering and follow best practices for security, including password management and the safe use of web and social media tools.
Controls access to applications that contain sensitive or private student information, or intellectual property that exists on individual department networks.
Encrypts sensitive data that you collect through your website and assures visitors, including students, faculty, alumni and benefactors, that they are accessing a trustworthy site.
Many colleges and universities are overrun by data, some of which is sensitive, and they are unsure exactly where all of it is contained. We help you discover and classify those data sets that present the highest risk and then offer technology to safeguard and prevent them from leaving from the network in the wrong hands.
Among the largest threats facing colleges and universities is the fast-growing trend of bring-your-own-device. Students are connecting new devices to the network at startling rates. We provide you with the ability to identify, vet and manage these devices to ensure productivity and mitigate threats.
Pressures such as FERPA and PCI DSS, and standards like ISO 27002, require organizations to have a thorough understanding of their risks and then be able to implement policies and technology to rectify any deficiencies. Trustwave solutions are created with compliance in mind, and directly can map back to all of your requirements, no matter how prescriptive they are.
Through our cloud-based TrustKeeper platform, you get a single view into your technologies and services, so you can more effectively manage your security program. In addition, you can centrally automate and manage controls, policies and procedures across multiple compliance frameworks. Whether your business is large or small or something in between, TrustKeeper is built to scale with you.
2016 Trustwave Global Security Report
Trustwave Higher Education and PCI Compliance Industry Brief
PCI Compliance Program for Higher Education