Colleges Leverage Pandemic’s Hard Lessons to Advance Cybersecurity Strategy

Michael Corn reflects on the pandemic’s hard lessons. Photo by Matthew Furman. 

“It’s important to be ready to push back and say, ‘What do you really need to get your job done?’” she says.

Similarly, the pivot to remote learning surfaced a wide range of issues related to privacy. If a class was to be recorded, for example, the institution would need to determine how to securely store and access that recording, and it would need policies to address potential concerns.

For instance, Harris says, “How do you handle students who don’t want their faces on camera? These kinds of issues aren’t new, but institutions like ours that were classically in person now really had to wrestle with them.

FIND OUT: Should higher ed be worried about the Colorado Privacy Act?

Securing the Business Side of Higher Ed

Another organization that’s emerged from the pandemic with a better defense is Connecticut State Colleges & Universities.

“For us, the biggest challenge was on the business side of things — anything that wasn’t student-facing,” says Sherry Pesino, CSCU’s senior information security program administrator. 

Staffers across the consortium’s 17 institutions who were accustomed to working face-to-face with their colleagues “suddenly needed a way to securely communicate with each other and share the documents they used to pass between their cubicles,” she says.

CSCU had offered many courses online well before COVID-19 arrived, so it already had most of the security solutions it needed to help faculty and students go remote. For administrators, though, the staff had to start from scratch, and decided the best approach was to build secure portals.

“We’d talked about the need for these portals before, mostly for communicating with agencies outside of our office,” says Pesino. The pandemic pushed the change forward, but with the cultural shift the new technology required, the implementations were far from easy. “Part of it was that the training we provided on how use them was all done remotely,” she says.

Looking back, Pesino says the lessons she’s taken away from the pandemic range from how to securely manage a meeting in Microsoft Teams to how to talk about cybersecurity to people who aren’t IT savvy. Most of all, she says, she’s learned that it’s possible to weather a worldwide crisis “and come out with a stronger security posture in the end.”

Comments are closed.