Information Technology Security: Governance, Strategy, and Practice in Higher Education

Published:: Friday, October 24, 2003
: Briefs, Case Studies, Papers, Reports

Author(s) and Contributors:: Author(s): Bob Kvavik John Voloudakis Judy Caruso Richard Katz Paula King Judy Pirani

Source(s) and Collection(s):: Sources(s): EDUCAUSE Research Collection(s): Research Report

ParentTopics:: Incident Management and Response Information Security Governance IT Governance Security Awareness Cybersecurity Policy Security Policies

Abstract

U.S. higher education institutions have historically enjoyed a culture of open access to information. The free flow of information faces increasing challenges as concerns about information security continue to mount. This study examines how higher education is coping with the growing cost of information technology security and with the tensions between preserving confidentiality, ensuring data integrity, and maintaining an academic environment in which information is easily available to authorized users. The study reports the results of a quantitative survey of 435 higher education institutions as well as interviews with 42 technology executives, managers, and faculty members at 18 institutions. Companion publications include case studies on incident management and information technology security at six institutions.

Table of Contents
Entire Study	Information Technology Security: Governance, Strategy, and Practice in Higher Education
	Foreword
Ch. 1	Executive Summary
Ch. 2	Introduction
Ch. 3	Methodology and Participant Demographics
Ch. 4	IT Security Technologies Implemented by Higher Education Institutions
Ch. 5	Organization, Leadership, Policies, and Awareness
Ch. 6	IT Security Planning and Practice
Ch. 7	IT Security Incidents, Response Practices, and Procedures
Ch. 8	IT Security Program Success: What Matters
Ch. 9	Effective Practices and Lessons Learned
Ch. 10	Present and Future Alignment of Security Practices
Appendix A	Interviewees in Qualitative Research
Appendix B	Institutional Respondents to the Online Survey
Appendix C	Glossary
Appendix D	Bibliography

Case Studies
Incident Response: Lessons Learned from Georgia Tech, the University of Montana, and the University of Texas at Austin
Information Technology Security at Indiana University
Information Technology Security at MIT
Information Technology Security at the University of Washington

Online Supporting Materials
Survey Instrument
Key Findings
Roadmap

Download Resources

Download PDF
Survey Instrument
Download PDF
Entire Study
Download PDF
Key Findings
Download PDF
Roadmap