Colleges and universities face greater challenges in stopping data breaches than other kinds of organizations and are on track to experience the same number of data breaches in 2010 as they did in 2009, according to a company that sells security applications for protecting databases. According to a report from Application Security's research arm, for the first seven months of this year 32 breaches have been reported, compared to a total of 57 in 2009. Three quarters of those breaches involve unauthorized access to databases maintained on institutional servers.
AppSec's Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) said the proliferation of data breaches in higher ed can be attributed to several factors.
Although campus database breaches face the same exploitation techniques as companies, such as SQL injections on public-facing Web sites and unencrypted data on lost laptops, there are several risks unique to higher ed. (View this list and the complete article of this report at http://bit.ly/bQmqlY.
Also, because of the number of students, staff, faculty, and parents in campus business, institutions maintain numerous databases with names, addresses, financial information, credit card numbers, Social Security numbers, and healthcare records.
On top of that, reported AppSec, students and faculty members "frequently log in and out of personal and public computers, accounts are left open, computers are left logged on, and data can be easily lost amid the day-to-day shuffle."
Read the complete report at http://info.appsecinc.com/Higher-Ed-Research-Paper.html
No comments:
Post a Comment