Bad actors have continued to target higher ed security vulnerabilities over the past twelve months, according to a recent report by cybersecurity company CrowdStrike. The annual global report pointed to financially motivated criminals along with hacktivists and nation-state entities. The report highlights that cybercrime has increased across nearly all sectors, but the education sector continues to struggle with security hygiene.
Universities Struggle with Access Control
Access control is still behind some higher ed security vulnerabilities. Another recent survey of the Educause IT Support Services Community Group showed that many colleges and universities are still supplying staff and faculty administrative privileges on computer networks. The survey highlighted that little progress has been made in higher ed’s approach to admin policies.
Specifically, the report showed that roughly 30% of respondents said their school automatically granted admin privileges to all employees in 2017. This percentage remained the same in 2022. The silver lining is that this year’s survey found that 30% of respondents say they plan to adopt more stringent policies for admin privileges. This percentage is down compared to 20% in 2017. Transitioning to systems where admin permissions for non-IT staff are only granted on request is ideal.
This is key in a sector where security vulnerabilities are typically tied to end-user admin rights. It’s a simple fix. However, many institutions believe they will receive pushback from non-IT users who do not want to relinquish admin rights. Undoubtedly, leadership buy-in is necessary for this type of change.
Ransomware Still Among Top Higher Ed Security Vulnerabilities
CrowdStrike’s report also noted that ransomware is becoming easier for bad actors to carry out. This is especially threatening to higher ed, which foreign-backed threats and financially motivated bad actors regularly target.
Massive user bases, large stores of intellectual property, and high-value research all make higher ed institutions prime targets for these nefarious characters. It’s such a problem that the FBI released a warning to universities earlier in the year about the availability of stolen network credentials on criminal forums.
As ransomware-as-a-service becomes a prominent threat, institutions face an onslaught of cybercrime from both sophisticated and novice criminals who view them as easy targets. And one doesn’t have to look far to see the gravity of attack consequences. Lincoln College, based in Illinois, closed earlier this year after a ransomware attack contributed to other financial struggles.
A Secure Campus is a Smart Campus
Colleges and universities are ground zero for digital innovation. Maintaining that badge of honor requires equally innovative security solutions that protect sensitive data. The goal is to implement robust security measures that do not hamper speed or creativity.
Payments security should also be a priority, especially on evolving campuses that want to provide the best emerging payment options to students, faculty, and staff. Yet cobbling together disparate security systems without expertise in payments can seem like a crippling endeavor.
Arrow Payments can help. Our experienced team of payments security experts can help you create a multi-layered defense against bad actors and fraud. From tools and devices to integration and more, Arrow Payments is your one-stop shop for addressing higher ed security vulnerabilities. We’ll help you achieve the highest level of security while maintaining operational efficiency. Contact us today for your free consultation.