Home networks and personal computers often are not secured like the networks and computers on campus, which increases the risk of computer viruses and other threats. Private colleges and universities are working to ensure the safety and speed of information transmitted in the new learning environment. That environment includes the equipment used at home, data security and encryption, data usage in real time, user guidelines, and access to technical support.
Equipment Used at Home
Regarding the security of home networks, The United States Office of the Director of National Intelligence (DNI) advises changing the default password of the routing device and making sure it has firewall capabilities. Additionally, DNI suggests using “organization provided equipment and accounts to conduct work while away from the office.”
Desktops and laptops that are proprietary to the institution have been vetted by the Information Technology (IT) office, and likely have safeguards already in place to limit access to potentially harmful malware and other intrusions. However, schools typically do not furnish every person on campus with a computer. For those unable to use campus equipment, follow all safety precautions as recommended by the IT office and campus leadership.
Data Security and Encryption
DNI also recommends installing a comprehensive security suite, noting that some suites also “provide access to a cloud-based reputation service for detecting and preventing execution of malware.” Utilizing the “cloud” to store, transmit, and compute information picked up steam in the early 2000s and has evolved into the preferred way to manage large amounts of data.
These systems have become more widely available in the past ten years, but not all campuses have shifted to cloud services. Some continue to use on-site administrative systems, particularly smaller organizations.
Brigham Young University (BYU) in Provo, UT provides access to cloud storage via Box, a company focused on secure collaboration between file users and editors. Box uses advanced security controls, threat detection, data privacy, and follows industry compliance to ensure files are secure. BYU also provides Cloud Apps, so that students have enough speed and storage regardless of the status of their personal computer. Accessible only by user names and passwords, these resources also use two-factor authentication to add a layer of security.
Schools like Lewis and Clark College in Portland, OR and Alma College in Alma, MI provide remote access to on-campus systems via a Virtual Private Network (VPN). The IT office at Lewis and Clark explains that a VPN “provides a secure and encrypted way of connecting to college services remotely. If you need to use specialized software or access large data sets that you have access to on your local workstation, remote desktop may be a viable option.” Alma College also offers Remote Desktop Service so faculty and staff can access specialized reports and documents, as well as call routing, which can be turned on and off through the campus portal.
Data Usage in Real Time
An administrative system such as Enterprise Resource Planning (ERP) operations allow a multitude of processes to work at the same time and enables the flow of data between them. Day to day business activities such as equipment purchasing, bursar’s office transactions, food and beverage logistics, enrollment, and registration are managed by ERP systems. While some of that activity may have slowed due to students moving off campus, there has been an increase in usage of campus learning management software.
Students are now using Canvas, Moodle, Blackboard, SMART Learning Suite and other tools for online learning at the same time as administrators and staff are also working online in their respective software systems. The concurrent usage of data within a system may cause delays and loss of information. The increased load on the systems due to increased usage is a concern IT offices can address. For example, when the semester resumed in March at BYU, the Office of Information Technology responded to reports of lags and problems logging on to Learning Suite. Students were updated via Twitter that the office knew about issues with access to Learning Suite and were working to resolve them.
Allowing other people in the household to access the device used to work from home is risky. Even something as seemingly harmless as allowing a child to print an assignment from a work computer could compromise data security.
The information provided by DNI serves as a guideline for campus leaders. BYU advises faculty and staff to use university provided equipment, lock the computer when not in use, and limit usage to one person as ways to protect sensitive data.
Ensure the operating system is up to date, and install and regularly run antivirus software. In addition, Lewis and Clark suggest separating networks so that company devices are on a different network than personal devices, which can be accomplished by using the VPN described previously.
Alma College points to the US Department of Homeland Security warnings to be careful when clicking on links in emails and other guidelines regarding cyber scams. Updating policies and procedures and communicating the expectations set by school leadership is paramount for ensuring data security.
Access to Technical Support
Students and faculty can use this resource to ensure they are following the best practices as set forth by campus leaders and to troubleshoot an issue. Typically, IT help desks are accessible through signing in with college credentials, by phone, or by email, or live chat. Service providers also have protocols for providing support to the IT office. These protocols are found in contractual agreements and can be reviewed by administrators to ensure data privacy and continuity plans.
It is ultimately up to students, faculty, and staff to ensure online security. Using campus owned equipment when possible, following all guidelines and getting support when needed is the responsibility of the campus community. Together, amidst the COVID-19 crisis, both physical safety and online security can remain protected.