6 Factors Impacting Information Security and Privacy During the COVID-19 Crisis -- Campus Technology

Viewpoint

6 Factors Impacting Information Security and Privacy During the COVID-19 Crisis

In these uncertain times, it's important to consider the ways crisis response is influencing the security and privacy of institutional systems and data.

By Brian P. Fodrey
05/28/20

To say the COVID-19 pandemic has been a disruption feels like an understatement. The impact we have seen and experienced in our otherwise everyday lives has been far-reaching, overwhelming, inspiring and without question more often than not, challenging. For those in higher education — faculty, staff, students and their surrounding communities — it's hard to envision a time when traditions of the academy will be restored to a point we all fondly remember.

That said, the herculean efforts put forth by all parties across higher education to meet the challenges presented to us as a result of adapting to the COVID-19 pandemic have been nothing short of impressive and revolutionary. In as little as a few weeks, institutions built on the tradition of face-to-face instruction and campus engagement had their entire world upended by nearly instantly moving to remote instruction, remote working and remote student engagement. While the success stories are limitless and those involved truly haven shown their spirit and commitment to education and student success in ways that will never be fully documented, we have learned a lot too.

The importance of information security and privacy has been a hot topic and growth opportunity for many higher education institutions across the country for years. With the introduction of global influences such as GDPR, national and local legislation, and the general geo-political climate, our efforts in this space are simply no longer a want, but a need. This has never been clearer than in the current environment in which we find ourselves: managing an unprecedented crisis during uncertain times. We all now know, simply trying to conduct business as usual until we return to a more normal or familiar time is no longer an advisable path forward.

During this crisis, over a relatively short amount of time we have learned a lot about our institutions' information security posture, as well as those we support and the data we protect. In otherwise chaotic times, it is important to reflect on where we were (pre-crisis), where we are (managing the crisis), and where we need to be (post-crisis) as it relates to all the services and systems we are responsible for — but especially in response to what the last several weeks have presented. While each institution's experience is likely individualized and hardly standard, as you recount your lessons learned and future planning, consider the following factors influencing security and privacy during this crisis.

1) Expediency of the Migration to Remote

The classic project management philosophy dictates that projects can only be two out of three things: cheap, fast or good. In the current situation, fast was the mandate, so we were left with just two options: 1) Some of the efforts that were put forth came at an expense that will now need to be accounted for in already strapped budgetary times (in other words, good but not cheap), or 2) The quality of the solution might reflect its intention as a temporary option or the solution lacks a sustainable business or support plan beyond the immediate (cheap but not good). It is always worth remembering, while information security is a critical piece to maintaining a reliable and productive enterprise operation, it can sometimes be left behind if you don't already have processes and systems in place that build in those principles in all phases and not as a secondary consideration.

2) Enhanced Vendor Accommodations

The solution and service provider response during this time has been unlike anything I've seen before — and without it, institutions would likely be struggling to offer services and support to a user population that no longer resides or has a presence on campus. In a lot of ways, the licensing and access that has been afforded to us (temporarily) by many of our vendors/partners is likely what we always wished we had or could afford all the time! But this also is a cautionary tale for many because with those looser or more generous access options, you may find yourself in a situation where users are accessing and managing university data and information in ways that you no longer have oversight or visibility into.

E-Mail this page

Printable Format

Featured

Rubrik Upgrades Data Protection Platform for Speedier Threat Hunting

Data security specialist Rubrik is upgrading its data protection platform to allow for quicker recoveries in the familiar backup & recovery process.
Educause Horizon Report: Sustainability Pressures Lead to Increased Cybersecurity Risks

Educause recently released the 2024 Cybersecurity and Privacy Edition of its Horizon Report series, forecasting key trends, technologies, and practices shaping the future of cybersecurity and privacy in higher education.
Study: 1 in 10 AI Prompts Could Expose Sensitive Data

Nearly one in 10 prompts used by business users when interacting with generative artificial intelligence tools may inadvertently disclose sensitive data, according to a study released today by data protection startup Harmonic Security Inc.
Digital Leadership Must-Haves for 2025: A CDO's Picks

Now that he's more than a year and a half into his chief digital officer role at NJIT, we've asked Ed Wozencroft to reflect on his areas of concentration: What work must digital leaders "own" in 2025?

CAMPUS TECHNOLOGY NEWS

Email Address*Country*Select primary job title/function*

Please type the letters/numbers you see above.