There’s been a concerning trend over the last few years in the higher education field. No, not the sky-high tuition aimed to keep you in debt. Today we’re talking about cyber security breaches aimed at institutions, students and faculty.
Who is being attacked?
Out of all the industries being targeted by cyber hackers higher educational is second only to healthcare. So why target universities? Well just like the healthcare field cyber-attacks are aiming to score valuable personally identifiable information. Types of information include social security numbers, dates of births, and credit card numbers. Along with that login information is valuable to gain access into university sites. Another big reason is a lot of the most cutting-edge research is being done at universities. Accessing this secretive information is very valuable to the hackers because the information gained.
For example, when Penn State was hacked in 2015 Provost Nicholas Jones was interviewed here and proclaimed, “I don’t think that they were run-of-the-mill criminals after credit card information. We have a lot of really smart people here doing state-of-the-art research. It’s arguably cheaper to try to steal that information than to create it yourself.”
Now how are the hackers getting in? Well, there’s easy grabs like the email phishing. This was used to attack the University of Texas and Loyola University Chicago. Phishing emails are sent from pseudo accounts acting as urgent messages from the school requiring students or faculty to login. Doing so immediately forfeits their credentials over to the hackers. Apart from this a lot of schools have vulnerable web applications due to limited IT resources with no investment put into security. Along with this university login sites will often have no password guidelines, or may operate on a patch worked environment where one must sign onto several different applications (see my article explaining this horrific system at Rensselaer Polytechnic Institute). Having systems like this make it easy to hack into since there are many points that can be breached.
How can I protect myself?
Now I don’t enjoy focusing on the negative so let’s get into how PortalGuard can help universities combat this spree of hacking. PortalGuard is all about security and ease of use.
PortalGuard provides students and faculty the ability to enroll into Two Factor Authentication (2FA). So even if they are hit with phishing emails it wouldn’t provide the hackers with the full spectrum of information needed to get into accounts. 2FA adds an additional layer of security after the password which can range from a one-time password being sent via SMS to google authenticator. This info can all be found here! PortalGuard eliminates the unorganized nature of having multiple applications you need to login to, into a beautiful Single Sign-on page (SSO). On top of this PortalGuard also has Self-service Password Reset (SSPR) allowing IT to get less help desk calls and can focus on other innovation and protection against network breaches.
If things somehow do get bad, PortalGuard has a wonderful announcements feature that can notify students and staff of possible breaches or attacks as soon as they go to log on. PortalGuard has strict password requirements making it incredibly hard for hackers to breach your login. Lastly, PortalGuard is an on-premises solution which is less risk for breach than being hosted on a shared cloud. If someone in a shared cloud gets breached, then all users in that cloud are vulnerable. That’s a risk worth thinking about during your purchase decision.
PistolStar, Inc. Engineers are constantly updating PortalGuard to ensure it keeps up with new technology and remains an industry leader in security. Take the proactive approach and get protected today!