January 19, 2015
Common Information Security Threats involving Ethical and Legal
Technologic advances occur at a rapid pace, with new devices coming out at frequent intervals. These new devices are appealing to college students who want to do everything as quickly and easily as possible. Because of the numerous smartphones, tablets, and laptops used by students and employees, college campuses face various security issues from mobile devices that connect to the network, often unintentionally.
Identification of Threats
There are many threats a network faces when the IT department allows students to connect to the network or Internet using mobile devices. Some threats affect the campus network only, while other threats directly affect students or employees. For the campus network, threats include
Social media vulnerabilities,
Unauthorized access to employee or student information, and
Email attacks (phishing)
For students, the main threat comes from identity theft, often a result of inappropriate practices connected to social media and email attacks. Often, attacks to a college network occur because of unintentional and misguided errors from students.
Students use mobile devices, ranging from smartphones to tablets to laptops, to access class schedules, grades, email, and social network sites. Many devices have the capability to store user ID’s and passwords but personal security measures on these devices are not stringent, making it easy for an unauthorized person to intercept this information. Even though a college computer network may have numerous levels of protection, the system cannot easily track student authentication when mobile devices are used. This lack of authentication provides easy access for even a semi-skilled hacker to the user ID/password combination. Once the hacker has this information, he or she can take over
References: Conklin, W. A., White, G., Williams, D., Davis, R., & Cothren, C. (2012). Principles of computer security: CompTIA Security+™ and beyond (3rd ed.). New York, NY: McGraw Hill. Whitman, M. E., & Mattord, H. J. (2010). Management of information security (3rd ed.). Boston, MA: Course Technology. Whitman, M. E., & Mattord, H. J. (2011). Readings and cases in information security: Law and ethics. Boston, MA: Course Technology.