Select Page

What does 40+ universities coming together to tackle payments issues together equal? Let’s just say, a whole lot of good.

As campus IT ecosystems continue to evolve and embrace cloud vendor services, the need for a tool that can evaluate institutional risks to the confidentiality, integrity, and availability of sensitive information including personally identifiable information (PII) has never been greater. Enter the Higher Education Cloud Vendor Assessment Tool (HECVAT), an initiative developed by the Higher Education Information Security Council (HEISC) Shared Assessments Working Group that serves as a “starting point for the assessment of third-party provided cloud services and resources”. Follow along as the team breaks down how HECVAT benefits both universities and cloud providers, and ultimately foreshadows a higher education payments revolution to come.

Drinking from the firehose

Cloud services are immensely valuable for their ability to streamline and secure, but their implementation on campus comes with a price. As most treasurers know, the information security and data protection implications that come with each solution that is added to the university’s payments mix can resemble the same complexity as the neural pathways of a human brain. Already tasked with guarding a university’s best-kept secrets, university treasurers become increasingly overwhelmed when they realize that they are also responsible for keeping a pulse on each individual cloud service.

The grass isn’t greener on the other side

On the other hand, cloud providers are met with serious roadblocks when racing to serve the higher education space. Resource burdens associated with answering each institution’s individual questionnaire for security assessments can be cumbersome and costly. Even worse, it takes their focus away from product improvements, and ultimately results in them passing costs to their clients.

Diligence is due

Despite the barriers to cloud vendor assessments, mapping out a campus IT environment in the lens of cloud providers is crucial to understanding how data is shared and protected. So how can both parties win with HECVAT?

For institutions, they will no longer have to reinvent the wheel every time they want to evaluate a cloud vendor. The standardized tool allows for a consistent security review process, as well as cost and time savings. Cloud vendors are also eager to join the community consortium, as it provides similar cost and time savings, along with the understanding of what is required of them to deliver in the higher ed space.

The future looks bright

As “glass half full” payment advocates, we believe that the HECVAT is a signal of more collaboration to come.

By working together and learning from one another, we can mitigate information security and data protection issues that are unique to higher education.

Speaking of working together, click below to learn how we partnered up with Northwestern University to manage their payments across campus:

Thought Leadership

Recent Insights

Check out the latest trends and reports from Arrow Payments.

Why Emotional Intelligence Matters for Higher Ed

Why Emotional Intelligence Matters for Higher Ed

Emotional intelligence (EI) also referred to as Emotional Quotient (EQ), relates to both the cognitive and emotional capacity to be aware of, in control of, and communicative of emotions within interpersonal relationships.   While emotional intelligence matters for...

Five Traits of an Ideal Higher Ed Payments Partner

Five Traits of an Ideal Higher Ed Payments Partner

For colleges and universities, finding the right payments partner can be daunting. With multiple departments to manage across one or more sprawling campuses, campuses are a lot like little cities. Each department has its own payment needs, including unique processes...

Gain Visibility into Your Higher Education Payment Systems

Find out what’s happening in every department and start building solutions that address fundamental needs.

Start My Discovery