Top Cloud Computing Issues For Universities & Their Workarounds
April 2, 2014 | by techlineinfo.com
The educational market becomes more competitive each passing year. Colleges and universities are adopting new learning technologies with an aim to expand outreach, improve efficiency and gain a competitive edge.
The U.S. Department of Education has given a nod to technological development, as evident in the National Education Technology Plan. According to them, the data stored around the globe can assist the administrative and academic resources required to promote education and learning.
The speed of adoption has picked up in recent times. Box announced at the start of the year that their cloud service was adopted by more than 85 institutions with an aim to share and manage content across handheld devices between staff, faculty and students. Also, Box’s partnership with Internet2 provided a simple deployment method of the serve across Notre Dame, Stanford, University of Michigan and Cornell campuses.
But adopters have to take necessary measures to realize the full potential of cloud computing, with the most important being securing the platform.
Security of cloud computing – a concern for institutions
The current issues faced by universities are related to data access, security, ownership, contract and privacy. The compliance areas include electronic delivery, holds of litigation, HIPAA, PCI, FOIA and FERPA.
A great example of a security breach comes out of Oregon Health & Science University. After the physicians and residents in three different departments shared data of patients over Google Cloud services, the officials sent out notifications to almost 3,000 patients stating that their information was compromised.
They also mentioned that they weren’t in an agreement to use the cloud ISP. This was the fourth breach for OHSU; the first three came because of unencrypted data.
Stanford University also became a victim of a data breach earlier in 2013 when its cloud IT infrastructure revealed information and user names. The attack was suggested to be the same one that was launched on other large organizations in the U.S.; the users of the whole Stanford U network (students, faculty, staff etc.) were advised to change their passwords through a notification box on the official website.
Workarounds for universities
Some universities have already realized the issues pertaining to security and are taking necessary measures to minimize the threats. Georgia Tech, for example, recommends a two-factor authentication to reduce the vulnerability of private information stored in the cloud. This action will reduce the exposure of the entire network even if a breach occurs in a single user account. This is not something that is covered by standard software, stronger services like Trend Micro’s deep security software that is build for business’s/organizations is needed to handle their advanced networks.
And for universities aiming to expand, optimize services and reduce costs by utilizing cloud computing applications, deep security software can mitigate risks by encrypting data and key management regardless of whether it’s a private or a hybrid deployment. This becomes even more important for institutes like Indiana University, whose IUAnyWare initiative aimed at converting the end users to use virtualized network applications.
Universities are also recommended to have sufficient due diligence before embracing the cloud. As the OHSU example shows, they weren’t able to secure the data by tapping into the cloud ISP because the institute didn’t have a contractual agreement. The basic measure to take in this case is that institutions should perform an extensive analysis on due diligence before thinking about cloud integration.