[an error occurred while processing this directive] [an error occurred while processing this directive]

Press Release:
University Data Under Siege

November 2002

“Bits get to the future one day at a time”, according to Clifford Lynch of the Coalition for Networked Information, “but they may not be the bits you intended to send there.” Given the insecurity of online information systems, those bits may have been replaced with something else by an amused hacker.

An international expert on Internet infrastructure and applications development, Lynch noted that the net “has become an astonishingly hostile environment in the last five years”, and that “the systems at our university campuses are being continually probed for weaknesses”. As a result university technology and records experts are concerned about their ability to maintain accurate and authentic electronic records for audits, business continuity, and institutional memory.

David Sobel of the Electronic Privacy Information Center noted that student and faculty privacy is another area of concern for universities. “As more and more information becomes available, becomes accessible, there are more and more entities and individuals who are going to seek access to that information. For that reason, the creators and maintainers of the information are increasingly going to have less and less control over how that information is used.”

“The huge quantities of data being produced at universities and insecure information systems expand the opportunities for unauthorized or inappropriate use of information. Unfortunately, recent proposals for development of secure computing technologies focus more on rights management for software and entertainment content than for business records and personal information”, said Rob Spindler, co-chair of ECURE 2002: Preservation and Access for Electronic College and University Records.

Colleges and universities across the nation must balance access and academic freedom with security. Educational institutions work to actively defend their information systems, but like any large business it is difficult to secure all the systems all the time, especially when sensitive content is retained in desktop machines not managed by professionals. “We’ve turned our faculty members and our graduate students into systems administrators in their copious spare time“ said Lynch.

Representatives of several colleges and universities shared strategies for balancing security and access at ECURE 2002. Now in its fourth year, ECURE has many related presentations on its website at www.asu.edu/ecure. The fifth ECURE conference will be held March 1 - 3 2004, on the Arizona State University campus at Tempe, Arizona.

Contact:

Jeremy Rowe, ECURE co-chair, jeremy.rowe@asu.edu
Rob Spindler, ECURE co-chair, rob.spindler@asu.edu