IT in the Campus (cont.)

Technology executives in colleges and universities lead by convincing, not commanding--and must balance security with academic freedom

Kevin Roberts, CIO, Abilene Christian University

Adding to the pressure is the fact that some hackers target academic systems because commercial CIOs, under pressure from new security laws and regulations, "are cleaning up their act," notes Burd. Her study showed colleges and universities haven't done as well in improving their security. It found that fewer than one quarter of the 72 academic security professionals interviewed have a formal security policy. Over the last year, more than half of those surveyed indicated their penalties for violating campus security policies have been either nonexistent or inconsistent.

Burd, now a risk mitigation consultant for security and information technology consultancy igxglobal Inc., says it will take a "unifying carrot or unifying stick" to convince colleges and universities to tighten their security. One motivator, she suggests, would be a requirement that colleges and universities meet at least minimal security standards before receiving federal research funding. Such a funding requirement "is most likely the only way" to encourage compliance with such security rules, agrees Bockholt.

Cost-effective solutions

The innovative use of new technologies is helping some academic technology executives cope with such challenges. Bockholt, for example, says, "it's far easier to encourage the use of new security tools if they clearly make life better for everyone." Symantec Brightmail AntiSpam has reduced the amount of spam users receive by about 70 percent since its deployment in 2006, he says. Because Brightmail also reduced the number of false positives (which required the university to transmit even spam to users), the school has postponed about 250,000 euro (or about US$337,000) in email-related server, storage, and backup upgrades, he reports.

At Abilene Christian University, one of the moves Roberts is most proud of is switching from an older email and calendar system to Google's more familiar and user-friendly Web-based equivalent. At NUS, Hor transmits students' grades via SMS (Short Message Service) so they can receive them on their cell phones anywhere in the world, an important touch for a school in a global competition for students.

For those who can balance the demands, the academic IT environment can provide unique rewards as well as unique challenges. "Higher ed is hands-down the most rewarding industry I've ever worked in," says Roberts. "It's a dream job; I relish getting up in the morning and coming to work."