Category Archives: Security


The ‘Heartbleed’ Bug and How Internet Users Can Protect Themselves

Security professionals working in higher education are updating servers, reissuing certificates used to guarantee secure Internet transactions, and encouraging students and faculty and staff members to take a break from the commercial Internet following the discovery of a programming flaw in a widely used Internet tool.

Dubbed “Heartbleed,” the Internet-security breakdown cuts across industries and has raised anew questions about the vulnerability of proprietary data and personal information sh…


QuickWire: Contractor Says He Hacked Maryland Network to Expose Flaws

A former employee of a University of Maryland contractor has told The Baltimore Sun that he breached the university’s network in an effort to highlight cybersecurity flaws that he said were being ignored.

The employee, David Helkowski, was with a company hired to work on a university website when, he said, he noticed and reported security flaws. When no action was taken to correct them, he said, he took administrators’ information, including President Wallace D. Loh’s Social Security and cellpho…


Google Blocks U. of Illinois at Chicago From Emailing Its Own Students

The University of Illinois at Chicago recently found itself living a modern nightmare: Google’s automated cybersecurity regime mistook the university as the culprit in a spam attack on the university’s students and began blocking university email accounts from sending messages to Gmail users.

The blocking went on for more than two weeks, and the affected Gmail users included 13,000 of the university’s own students. University officials describe those two weeks as a Kafkaesque state of limbo.

On …


Harvard U. Committee Proposes Standards for Email Searches

In the wake of a 2013 ruckus that cost a top Harvard University dean her job, a committee appointed by Harvard’s president has recommended that the university adopt institutionwide standards for gaining access to email and other accounts used by students, faculty members, and employees.

“At present, the university lacks a clear, overarching policy in this area,” says the committee’s report. “The absence of a single, visible, and comprehensive policy has led to confusion and uncertainty.”

The com…


Data Breach at Indiana U. Exposes Information on 146,000 Students

Data stored in an insecure online location for nearly a year exposed personal information on 146,000 students and recent graduates of Indiana University, officials said on Tuesday. The lapse occurred in the registrar’s office when a data file was placed in the wrong folder; it was discovered by an employee last week.

There is no evidence that the university was the target of a cyberattack, said Bradley C. Wheeler, vice president for information technology and chief information officer for the …


White House Releases Framework Meant to Reduce Cyberattacks

The White House released on Wednesday a framework of best practices in cybersecurity designed to help businesses and organizations protect critical infrastructure and intellectual property.

While the education-technology consortium Educause maintains a cybersecurity guide that dates back a decade, the new framework could still prove useful in higher education, where chief information and chief security officers cite cybersecurity attacks as a growing problem. During the last year, many coll…


QuickWire: Security Lapse at Arizona 2-Year Colleges Could Affect 2.5 Million

The Maricopa County Community College District, a 10-college system based in Tempe, Ariz., said on Wednesday that it was notifying almost 2.5 million people that their names, birth dates, Social Security numbers, and bank-account information may have been exposed to unauthorized viewers.

In a news release, district officials said they had begun investigating the security of their computer networks after federal authorities warned them about problems in late April. Among those whose information i…


Emergency App Puts a Panic Button in Smartphone Users’ Hands

When Chad Salahshour’s daughter was accepted into the law program at Cleveland State University three years ago, he wanted a way to know she was safe on the campus. Having worked as a technology officer in a local police department for more than 20 years, and having created security apps for law enforcement as well, he knew about measures that could help prevent crime. So he decided to take matters into his own hands and make a campus-specific emergency app for smartphones that students could …


U. at Albany Will Share Technology Services With Community College

The State University of New York’s University at Albany and nearby Hudson Valley Community College have agreed to take the first steps in what officials envision as a long-term, multifaceted sharing of information-technology services and facilities.

They are the first institutions in the 64-campus SUNY system to share information-technology resources, and the arrangement could become a model for other colleges, officials say. Each institution will house secondary backup servers for the other, an…


QuickWire: How Good Are Your Cybersecurity Practices?

The Higher Education Information Security Council is calling on colleges and universities to mark the 10th annual National Cyber Security Awareness Month, which kicked off on Tuesday, by promoting best practices in information security.

The council, part of the larger education-technology organization Educause, held its own information-awareness video and poster contest to engage students. It also developed a resource kit for colleges and a calendar of related events on campuses across the count…