Search The Site
 
More options | Back issues
Home
News
Opinion & Forums
Careers
Multimedia
Chronicle/Gallup
Leadership Forum
Technology Forum
Resource Center
Campus Viewpoints
Services

The Chronicle of Higher Education
The Wired Campus

May 9, 2008

Software Vendor Has Agreed to Pay for Credit Monitoring for Students

Richard Blumenthal, Connecticut’s attorney general, said he is encouraged by SunGard’s response this week to his questions regarding the steps the software company has taken to protect students’ personal data. The attorney general castigated SunGard last month for a computer-security breach that affected 3,502 current or former students at the Connecticut State University System. A laptop owned by a consultant for the company was stolen at a New York college campus. The laptop, which has not been recovered, contained Social Security numbers and other confidential data for tens of thousands of students at college campuses across the country.

In a phone conversation Thursday, Mr. Blumenthal said SunGard has agreed to pay for two years of credit monitoring and $25,000 in identity-theft insurance for each of the affected students in Connecticut. However, SunGard has declined to pay for students to freeze and unfreeze their credit reports, as the attorney general requested. He said officials from his office will be meeting with those from SunGard to discuss the issue.

Meanwhile, The Chronicle has learned that two more campuses have been affected by the security lapse. About 150 students at Yeshiva University in New York City have been notified that their information was on the laptop, as have 5,400 students at Argosy University. —Andrea L. Foster

Posted on Friday May 9, 2008 | Permalink | Comment

May 8, 2008

Educause Survey: Top 10 IT Issues in Higher Education

Educause, the higher-education-technology consortium, released the results yesterday of its 2008 survey on the top IT issues in higher education.

The top-10 issues “most important for… institutions to resolve for strategic success” are:

1) Security
2) Administrative/ERP Information Systems
3) Funding IT
4) Infrastructure
5) Identity/Access Management
6) Disaster Recovery/Business Continuity
7) Governance, Organization, and Leadership
8) Change Management
9) E-Learning/Distributed Teaching and Learning
10) Staffing/HR Management/Training

Since 2003, the top three issues issues have been, in various rankings, security, administrative/ERP information systems, and funding IT. This year was the first time that “change management” appeared in the top-10 list, however.

Click here to find resources relating to each of these issues and an additional breakdown of the survey results.—Catherine Rampell

Posted on Thursday May 8, 2008 | Permalink | Comment [3]

May 7, 2008

'Twittering' During a Campus Lockdown

Over on the blog bavatuesdays, a professor tells of a visit yesterday to the University of Richmond for a lecture that was interrupted by a lockdown following reports of a gunman on the campus. As the audience sat in a dark, locked room awaiting their fates, hoping and praying that tragedy wouldn’t befall another Virginia university, they began communicating and comforting each other via Twitter.

“I found the act to be really soothing,” Jim Groom, an instructional-technology specialist and adjunct professor at the University of Mary Washington, wrote on his blog. “People at UR were sharing information and giving advice to one another, while the larger network from around the world was sending regards, prayers, questions, and their well wishes.

“I had a very powerful sense that those ‘others’ were there with us from beyond that lab, or even the UR campus. I can’t fully explain why that felt so good, someone even offered a Safety dance from abroad, nothing like a laugh during a moment of untold strangeness. …

“For those thinking about a means to manage a crisis, I would put Twitter, or an application like it at the top of the list. It proved invaluable today for all sorts of reasons, and it made all the other means of connecting with others and collecting information dreadfully inadequate.”

Here’s a link to Mr. Groom’s tweets from the day. —Catherine Rampell

Posted on Wednesday May 7, 2008 | Permalink | Comment [5]

May 5, 2008

Officials Discuss the Importance of Privacy in Online Class Discussions

Arlington, Va. — Holding class discussions online raises privacy issues that colleges are still struggling to work through, said David Escalante, director of computer policy and security at Boston College, during a session today at Educause’s annual conference for campus-security officials, held just outside of Washington, D.C.

If online discussions had been around when today’s presidential candidates were in college, he suggested, their words might be dredged up and used against them now by political enemies. “Can you make a statement in an online forum and not worry that someone’s going to whack you with it later?” asked Mr. Escalante.

He said that many class discussions take place using course-management systems, and that the discussions are usually archived — and sometimes even made public online. Making discussions public that have traditionally happened behind closed classroom doors could hamper freewheeling debate, he said.

He suggested that colleges make sure that online discussions can only be seen by students taking the course. Or that if discussions are made public, that students be allowed to remain anonymous (except to the professor). Even so, however, there’s nothing stopping students in a course from saving all class discussion to their own drives and making it public later.

“Somebody’s going to get badly burned by this,” he said, “because people aren’t thinking about this.” —Jeffrey R. Young

Posted on Monday May 5, 2008 | Permalink | Comment [6]

May 2, 2008

More Colleges Warn Students About Identity Theft Following SunGard Security Breach

Last week The Chronicle reported that at least 18 colleges were hurriedly trying to inform tens of thousands of students that their identities were at risk of being stolen after the software vendor SunGard announced that a thief took off with a laptop owned by one of its consultants.

Since then, at least three more colleges have revealed that confidential data about their students was on the laptop, too. The institutions are: Meridian Community College, in Meridian, Miss.; Virginia Tech, in Blacksburg, Va.; and St. John Fisher College, in Rochester, N.Y. Meridian advised 4,454 former students to take steps to protect their credit. St John Fisher did the same for nearly 2,000 current and former students. Virginia Tech has not disclosed how many people have been affected by the security breach. —Andrea L. Foster

Posted on Friday May 2, 2008 | Permalink | Comment [9]

May 1, 2008

U. of Florida Searches for Person Who Disclosed Controversial Admissions Decision

The University of Florida will begin combing through the e-mail messages of students and faculty members in search of someone who leaked to the press information about a controversial admissions decision, The Gainesville Sun reports today.

The newspaper reported in April that the son of a Republican fund raiser was admitted to the university’s College of Medicine even though the committee charged with making admissions decisions had rejected him. The dean of the medical college, Bruce C. Kone, overrode the committee’s decision, the newspaper reported.

It identified the admittee as Benjamin Mendelsohn. His father is a Hollywood, Fla., ophthalmologist who gave, and encouraged others to give, money to the 2006 campaign of Gov. Charlie Crist.

E-mail messages from faculty members at state-run universities are considered public records in Florida. Student e-mail messages, on the other hand, are considered protected personal information under the federal Family Educational Rights and Privacy Act.

But a spokeswoman for the university, Janine Sikes, is quoted saying the university is justified in searching through students’ e-mail messages in this case. Only university e-mail accounts will be scanned, she said, not those that students establish via commercial providers. —Andrea L. Foster

Posted on Thursday May 1, 2008 | Permalink | Comment [36]

April 30, 2008

Princeton U. Scientist Questions N.J. Voting Results in Presidential Primary

Did Sen. Hillary Rodham Clinton really prevail over Sen. Barack Obama in the Democratic presidential primary in New Jersey in February? That’s the official word. But Edward W. Felten, a renowned computer-security expert at Princeton University, who regularly takes apart electronic voting machines, is raising questions.

He analyzed vote totals from three different sources in the New Jersey district of Pennsauken, and discovered a disquieting discrepancy in the Democratic count. (People cast their votes on Sequoia touch-screen voting machines.) Vote totals reported by the country clerk show 279 votes were cast: 181 for Ms. Clinton, 94 for Mr. Obama, two for Gov. Bill Richardson, one for John Edwards, and one for Sen. Joseph Biden. Voting machines tapes confirm that the total Democratic turnout in the district was 279. But a tape of “candidate totals” shows that Mr. Obama received 95 votes, making the total Democratic turnout 280.

“This is wrong,” Mr. Felten wrote on his blog last week, of the incongruity. He is calling for an independent investigation of the voting results. —Andrea L. Foster

Posted on Wednesday April 30, 2008 | Permalink | Comment [21]

April 28, 2008

Hacker Is Able to View Private Data at Southern Connecticut State U.

Shortly after warning students that their personal information — stored on a laptop — may have fallen into the wrong hands, Southern Connecticut State University is grappling with yet another, apparently unrelated security breach.

A hacker gained access to a university Web server containing 11,000 names linked to Social Security numbers, and other personal data. Richard Blumenthal, Connecticut’s attorney general, sent a letter last week to Michael J. Hogan, president of the University of Connecticut, describing the breach and advising him that the many campuses he oversees should be vigilant about their storage, use, and disposal of confidential data.

Mr. Blumenthal said it was unclear what the motive was for the hacking. He said Southern Connecticut State was providing those affected by the incident with two years of credit-monitoring services, and paying for them to freeze their credit reports.—-Andrea L. Foster

Posted on Monday April 28, 2008 | Permalink | Comment [7]

April 9, 2008

At Least 86 Campuses Have Been Hit in E-Mail 'Phishing' Scam

An informal survey conducted this week on an e-mail list for campus computer-security administrators showed that at least 86 campuses have been hit in an e-mail scam aimed at colleges.

As we reported last week, malicious hackers are sending e-mail messages to students, professors, and staff members at colleges around the country that seek to trick them into giving away their college-network password and other personal information. The approach is known as “phishing,” and until recently the most common targets were online banking and payment services rather than college networks.

Douglas Pearson, technical director of the Research and Education Networking Information Sharing and Analysis Center at Indiana University at Bloomington, polled members of the center’s e-mail list about the phishing scheme at the request of The Chronicle. About 250 colleges are represented on the e-mail list, he said, and about 107 replied to the survey.

Most of the respondents reported seeing the scam messages on their networks. “Of those sites that received the phish, 61 reported that someone at the institution fell for the attack, 9 reported no, and 16 reported unknown,” wrote Mr. Pearson in an e-mail interview. At campuses where users fell for the trick, 42 reported that the passwords were used to break into the campus network.

The source of the messages is unclear, though some officials have been trying to track down the culprits. “A good number of the attacks appear to be from a common source,” said Mr. Pearson. —Jeffrey R. Young

Posted on Wednesday April 9, 2008 | Permalink | Comment [6]

Malicious Hackers Send Users of Community College's Home Page to Porn Site

Some users who tried to view Blue Mountain Community College’s Web site this week saw pornographic images instead. A computer attacker had redirected one of the Oregon college’s Web addresses to a site promising “adult webcam girls.”

The incident happened while administrators were switching to a new Web address, bluecc.edu Malicious hackers hijacked the old address and set it so that users who had bookmarked the old address, or who found the site through a Google search, got a surprise, according to a report in the East Oregonian.

The problem has now been corrected, and officials say no sensitive information was breached. —Jeffrey R. Young

Posted on Wednesday April 9, 2008 | Permalink | Comment [3]

Previous

Copyright © 2008 by The Chronicle of Higher Education | Contact us
User agreement | Privacy policy | About The Chronicle | Site map | Help
Subscribe | Advertise with us | Press inquiries | RSS | Today's most e-mailed
Home | Chronicle Careers | The Chronicle Review