Possible Security Issues That A University Can Face
We are leaving in a world full of internet, and new technologies are been introduced daily. And every technology surely have some benefits and disadvantages also, and one of the big disadvantage is cyber-crimes and it has to be removed because this crime cannot be avoided. Now, I’m being hired by a university as a cyber-security consultant. So, I’m going to guide them about possible security issues that a university can face, aware them from those threats that can be very harmful for the institution and also how to bypass all these threats.
All universities use some kind of security tactics to avoid unknown users to access their information system. The university is currently using a password based authentication system on their computer to avoid personal information from the students and only the selected staff can access it. In password based authentication a computer’s login is secured by a password, but its inner features are also secured with further passwords. For example: if someone tries to copy some that from a computer and when they will try to connect a storage device to the computer security system will turn on and it will ask for a password. The next example is if someone tries to install some software doesn’t matter its harmful for computer or not it will be downloaded but it won’t get installed, installation will acquire a password.
BYOD (Bring your own device)
But university currently changed their policy and introduced a new policy “Bring your own device” policy as well known as BYOD. This policy is rising high, and it also became a trend. In this policy student or staff bring their own devices, and among these devices the most common device is a smart phone and other devices that mostly students bring or laptops, tablets and storage devices such as USB.
But BYOD policies also have some disadvantages that can cause problem for the university related to the information. Because different types of threats can occur and various problems also, and I’m going to write some in my report.
- Increase risk of data leakage.
- Exploits vulnerabilities.
- Mixing personal and business data.
- Poorly cared for device.
- IT infrastructure.
These are the possible threats that can occur, and the increase risk of data leakage, exploit vulnerabilities and mixing personal and business data these are the most critical problems a university can face because of using BYOD policy data leakage and mixing of data are the critical assets of personal information and these threats must be removed at any cost.
This policy can cause threats to personal information because nowadays, everyone have a smart phone and when they will bring it there workplace or education center there will be more leakage of data because mobile phones and tablets are considered as the weakest link of security and easy to be cracked because almost everyone is reliable on the universities Wi-Fi. This is reason hacker will surely go for the mobile devices because they are using a public network and have no security protocol. And this is also a reason in most of the companies or departments phones and tablets or not allowed.
There are some possible ways to overcome these threats and one the most important is stop using public network such as universities Wi-Fi, it gives free entrance to the hacker and second is implement security systems in your mobile phones and tablets that are not easy to be cracked and the third one is implement acceptable use policies and procedures that clearly communicate the boundaries, and what happens if these are violated (antivirus policy and data protection policy).
Above mentioned all threats are possible to occur in universities but the chances of the first three are the most because its related to the personal data or destroying data of a user. Mixing of personal and business data is a type of destroying it. By using the qualitative risk assessment approach an organization can avoid access of personal data. Qualitative risk assessment doesn’t work like quantitative risk assessment, it doesn’t consist on numerical approaches but it results in the form of description or explanation, give recommendation and the reason through which risk assessment is connected.
The main overall result of qualitative risk assessment is that is risk is connected to open network internet because as written above its easy to crack and if the internet connection is on a mobile device than its more easier, to overcome these risks avoid using open network internet, encryptions must be installed use of firewalls and antivirus policies must be used.
Cite this Essay
To export a reference to this article please select a referencing style below