Events for all Levels and InterestsStay
Jump Start Your Career GrowthStay
Get on the Higher Ed IT MapStay
Uncommon Thinking for the Common Good™Stay
Filter by type
Filter by Publications
Filter by Library Taxonomy
- Cybersecurity [x]
- Information Technology Management and Leadership [x]
- Policy and Law [x]
- Security Management (28)
- Federal Policy and Law (21)
- Campus Policy and Law (19)
- Campus Policies (18)
- Security Policies (17)
- Institutional Management (15)
- IT Governance (14)
- Incident Handling and Response (13)
- Cybersecurity Policy (11)
- Federal Privacy Law (8)
- Security Risk Assessment and Analysis (8)
- Data Security (7)
- Privacy (7)
- Identity and Access Management (6)
- Security Awareness (6)
- Health Insurance Portability and Accountability Act (HIPAA) (5)
- Staffing (5)
The higher education sector plays an important role in the cybersecurity of America. Through its core mission of teaching and learning, higher education is the main source of future leaders, innovators, and the technical workforce. Through research, higher education is the basic source of much of our new knowledge and future technologies. Colleges and universities also operate some of the world's largest collections of computers and high-speed networks. This resource page provides information related to all aspects of cybersecurity for higher education, with an emphasis on strategies, policies, and other tools that will assist institutions of higher education to prevent, detect, and respond to vulnerabilities that threaten college and university computers and networks.
EDUCAUSE is actively involved with this area through the EDUCAUSE/Internet2 Higher Education Information Security Council (formerly the Security Task Force).
Information Security Guide: Effective Practices and Solutions for Higher Education
The Information Security Guide: Effective Practices and Solutions for Higher Education is now available in wiki format. This resource provides practical approaches to preventing, detecting, and responding to security problems in a wide range of higher education environments. This online service is designed with colleges and universities in mind, balancing our need for security with the need for an open, collaborative networking environment. Also, because one of the overarching concerns in college and university information technology (IT) departments is a lack of resources, an effort is made to provide low-cost solutions. The target audiences are those responsible for information security in colleges and universities and information technology staff who implement and manage security measures. Recognizing that many institutions have initiated or are in the process of developing IT security programs and policies, an effort is made throughout this resource to present practices that are useful at each stage of the developmental process.
As a community-driven, community-serving project, it is important for this initiative to incorporate experiences and perspectives from many different institutions. To contribute case studies that have been effective in your institution, please contact firstname.lastname@example.org.
View past and future security-related events.
InCommon will be heavily involved in a $1.8 million grant awarded to Internet2 to build a consistent and robust privacy infrastructure. Partners include Carnegie Mellon, Brown, University of Texas...
Virginia Tech has become the first identity provider to achieve Bronze and Silver certification as part of the InCommon Assurance Program.
The annual EDUCAUSE Conference in Denver will provide an opportunity to explore the range and depth of issues that campuses must consider as they build...
Find a variety of E12 security and privacy-related sessions in Denver or online.
Find resources and see what other campuses are doing this October for NCSAM.
NCSAM article in the latest EDUCAUSE Review offers resources and suggestions for campuses to support security awareness efforts in October.
Library Items on this Topic
EDUCAUSE Library Items for Cybersecurity
- Enterprise Content-Aware DLP Solution Comparison and Select Vendor Profiles
May 14, 2013
This Gartner report covers content-aware data-loss prevention, which has grown up and is on the verge of becoming a standard part of security architecture. A small set of vendors dominate a major…
- Software-as-a-Service Email Security: Risk vs. Trust
May 31, 2012
Many organizations would be interested in treating e-mail as a commodity —cutting costs and resource investments by outsourcing it to a software as a service (SaaS) provider. However, …
- Who Should Get In?
June 1, 2011
Back to ECAR 2011 Identity Management Research Hub This chart reflects findings from the ECAR 2011 research of identity management (…
- Does Higher Education Need a New Ethical Framework for the Internet?
March 22, 2011
This ECAR research bulletin is designed to help decision makers in higher education assess the applicability of four significant historical codes of ethics as they evaluate their current polic…
- Privacy and Confidentiality: Holding IT Service Providers Accountable
November 3, 2009
This ECAR research bulletin addresses the data privacy issues that must be covered by contractual language when entering into an agreement for externally provided IT services or for external con…
- Collective Wisdom on E-Mail Outsourcing
November 17, 2009
This ECAR research bulletin covers experiences and lessons learned from 10 IT leaders who have transitioned their institutions to an outsourced e-mail solution. It provides data from the 2009 EC…
- Information Security Governance: Standardizing the Practice of Information Security
August 19, 2008
This ECAR research bulletin discusses the trend to use a variety of risk assessment frameworks and standards to create an information security program that is sufficiently comprehensive for colle…
- Regulatory Compliance Training: Public Jobs, Private Data
April 15, 2008
This research bulletin details the procedures and processes undertaken by the University of Minnesota to ensure that all employees, from student workers and custodial staff through senior researc…
- IT Security Officer Survey
April 9, 2008
This April 2008 survey is a critical component of the EDUCAUSE Center on Applied Research (ECAR) study of information security officers in higher education. It seeks to understand the important c…
- Managing IT Risk in Higher Education: A Methodology
March 18, 2008
This research bulletin presents a methodology, used successfully at the University of Technology, Sydney (UTS) in Australia, for managing and assessing risks related to information technology sys…