You are here

Editor's Note

Precaution Is Better Than Cure

University Business, Nov 2010

A friend recently told me that she had deactivated her Facebook account because of security concerns. Just last month we heard that some Facebook applications, such as the extremely (yet inexplicably) popular Farmville game, were causing identifying information to be sent to advertisers without the users' consent.

As our feature "Friend or Foe" (page 50) points out, whenever a new technology comes along, someone who wants to compromise it won't be far behind. In addition to the errant Facebook app, a shortened link in Twitter or a pasted URL in a YouTube video can unleash all manner of malware, according to the experts. And, as these channels become increasingly popular in college and university settings, the security challenges that IT directors face are multiplied many times over.

But firewalls and access controls can't do it alone.

Last month the University Business Leadership Institute, in partnership with GovConnection and Cisco Systems, hosted a group of higher education CIOs in a discussion of the new challenges and management of security risks in the university environment.

As Tom Gillis, vice president and general manager for Cisco's Security Technology Business Unit, told the group, "The cultural environment is one of openness and, especially in the student population, it's silly to even talk about [controlling access]. They are going to hook up that Xbox to the network anyway, so trying to stop that is like trying to hold back the ocean."

A shortened Twitter link or a URL in YouTube can wreak network havoc.

This disruptive change is difficult to respond to, he said, and security tools are still nascent. And when it comes to student access, many campus CIOs are just trying to keep things from getting out of control.

"It's not about delivering an excellent experience; it's about minimizing the cost of supporting it," Gillis said. "You have such a broad constituency that you can't please everyone. You have this incredible spectrum of missions that you need to accomplish with a single team that is usually massively under-resourced. It is not an easy task."

We here at University Business are fans and users of social media, from blogs and instant messaging to Twitter, Facebook, and other services. We find them helpful not only in promoting our publication and its various offshoots, such as web seminars, conferences, and contests, but also in keeping our collective finger on the pulse of the fast-changing world of higher education. We learn about breaking news as it happens, track trends, find sources, get opinions, and more, at the proverbial click of a mouse. But we're also aware of the threat of malware and viruses, so we exercise caution before clicking on links from unknown sources.

We encourage colleges and universities to do the same. Don't shy away from taking advantage of these valuable tools. As channels of communication, they can help keep you connected to constituents more effectively than e-mail. But you must still educate users in how such applications can be abused.

In the "Friend or Foe" article, security consultant Kurt Bertone says, "The truth is the technologists can do their best, but it's not as effective as people taking responsibility for their own actions."


Write to Tim Goral at