Pages

Tuesday, October 2, 2018

Where is Your Student Data Stored and How is it Being Secured?

Best Practices to Guard against Cyber Threats, Especially from Third-Party Vendors

By John Ramsey
National Student Clearinghouse Chief Information Security Officer
Cybersecurity White PaperThe National Student Clearinghouse, EDUCAUSE and the Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) released today the white paper, “Cybersecurity: Why It Matters to Registrars, Enrollment Managers and Higher Education,” to kick off October as National Cybersecurity Awareness Month.
Registrars and enrollment managers play central roles in an institution’s cybersecurity posture. The choices they make each day directly affect student data security. Yet there can be a disconnect between that data’s primary custodians and the information technology (IT) department that manages the systems on which the information is stored. It is imperative that both the registrar’s office and enrollment management office are in lockstep with the IT department with respect to the institution’s cybersecurity efforts, to guard against cyber threats, especially from third-party vendors.
Also, if administrators are using third-party vendors, where is student data stored and how is it being secured? If registrars and enrollment managers do not know, it’s time to find out. This is the only way they can fulfill their responsibility as a careful steward of student data.
The most important cost to keep in mind is the long-term cost that students face after they have had their personal information stolen, which can translate into lifelong negative effects if their data is used.
The white paper is based on the Clearinghouse’s 25-year record of maintaining the confidentiality and privacy of student records and frequent cybersecurity conversations with registrars, enrollment managers and other institution officials, EDUCAUSE and REN-ISAC’s cybersecurity work over many years, and current best practices expressed in two recent major reports.
To learn about other best practices to guard against cyber threats, especially from third-party vendors, review Cybersecurity: Why It Matters to Registrars, Enrollment Managers and Higher Education” today for guidance from the Clearinghouse, EDUCAUSE and REN-ISAC.
image of a monitor screen with data explaining where data breaches happen
If administrators are using third-party vendors, where is student data stored and how is it being secured? If registrars and enrollment managers do not know, it’s time to find out.

partially reposted from: National Student Clearinghouse Blog, Oct 1, 2018