Application Security Inc. - Database Security for Educational Organizations

home

client login

partner login

purchasing info

search:

add this

1.	DbProtect Datasheet
2.	Federal Continuous Monitoring On Demand Webinar
3.	Steps to PCI Compliance
4.	Segregation of Duties and SOX Compliance
5.	Two Minute Tutorials

Higher Education

Overview
In the age of information warfare when sensitive information can be easily sold, the databases of colleges and universities are a logical target for cyber criminals. Higher education institutions maintain a constant flow of students, faculty, and alumni and as a result possess a great deal of Personally Identifiable Information (PII.) University networks are widely accessible and carry high volumes of traffic on a daily basis, providing potential cyber criminals with easy access to large amounts of personal data.

Why Now?
From 2009 to 2010 there were over 60 data breaches at higher education institutions, the largest of which resulted in the loss of over 230,000 records. College and university databases house a broad spectrum of sensitive data, including social security numbers, credit card numbers, and the financial information of both students and parents. Most higher education databases also contain personal health information and medical records. With colleges and universities storing countless sensitive data, isn’t it time they start protecting it?

As recently as July 2010, a private university located in Iowa had 93,000 records stolen. Those records contained names, social security numbers, and driver's license numbers of applicants, current and former students, parents, faculty and staff, alumni and donors. The records dated back as far as 1987.

According to the Ponemon Institute each record hacked equates to an average remediation cost of $204 for the institution that was breached.
With 93,000 records compromised, estimated costs to the university as a result of the breach were $18,972,000
With 12,230 students in attendance, the cost of this breach equates to $1,551 per current student.
To learn more about recent breaches visit DataLossdb and Privacy Rights Clearinghouse

Colleges and universities store some of our most sensitive data; however, most universities and colleges face serious challenges in protecting that data leaving them with minimal protection and a constant risk of database security breaches.

Requirements
Several Security Risk and Compliance acts apply directly to higher education institutions. These acts include:

Family Educational Rights and Privacy Act (FERPA) – guidelines for the protection of student records and privacy rights.
Gramm-Leach-Bliley Act (GLBA) – outlines requirements for the collection of personal financial information.
Health Insurance Portability and Accountability Act of 1996 (HIPAA) – defines requirements for the access and transfer of health and medical records.
Payment Card Industry Standard (PCI-DSS) – defines requirements for the protection of cardholder information.

Why dbProtect?
DBProtect is the leading enterprise solution for database Security, Risk, and Compliance. It utilizes a recognized security lifecycle approach to ensure that risks are minimized, security is ensured, and compliance requirements are met. DbProtect can be applied to the higher education model to provide a successful solution and optimize educational data risk management. The solution allows IT administrators at colleges and universities to rapidly implement a scalable centralized security system that manages and maintains control over the distributed database environment common in most educational organizations. DBProtect safeguards institutional data through the following enterprise functionality:

Click here to learn more about DbProtect.

Review Analyst Reports