For the annual EDUCAUSE Conference, which was held from October 22 - 25, 2022, we set off to Denver to discuss today's prominent topics in cybersecurity for higher education institutions. The BIO-key team connected with a range of colleges and universities to explore the major cybersecurity challenges and pain points many are experiencing, as well as the opportunities ahead to overcome these barriers.
After days of engaging in conversation, we gathered the most popular topics and compiled a first-hand list of cybersecurity trends in higher education for 2022.
Trend 1: Higher Education Still in Early Stages of IAM Journey
Simply put, many higher ed institutions are struggling to implement a unified Identity and Access Management (IAM) strategy. Regardless of the size of the institution, many described having a piecemeal approach in place for their IAM strategy caused by gaps in solutions from multiple, existing vendors that needed to be aggregated or solutions gaps from a single IAM vendor. On top of the inherently complex and at times overwhelming nature of IT decision-making, education institutions are also dealing with incredibly large numbers of identities. IT teams at colleges and universities are tasked with cleaning up accounts and tackling accounts that continue to live far past the student's enrollment. Thus, before they can achieve aggregation to a single Identity Provider (IdP), higher education institutions must clean up hundreds of thousands of accounts.
"We saw many higher ed institutions rolling out homegrown solutions, like student portals and custom Single-Sign On (SSO) and Multi-factor Authentication (MFA). While deploying this type of cybersecurity program is largely for financial purposes, these 'free' options often lack sufficient security, require a tremendous number of resources to manage and maintain, and do not work for all users. Over the course of the week at EDUCAUSE, we were able to have some great conversations with a broad range of colleges and universities about how BIO-key can support their IAM journey." - Kim Biddings, VP of Product Marketing, BIO-key.
Trend 2: Unique Multi-factor Authentication (MFA) Scenarios
The COVID-19 pandemic has drastically changed the learning environment for students, particularly in higher education. First and foremost, the notion of college campuses as singular, physical space is almost entirely a thing of the past. Over the past two years, there has been an explosion of remote learning - and with it comes a disparate student body and a greater need to secure remote access. Secondly, in part as a result of more scattered student bodies, access to offline learning has become more important to higher education than ever before. When students need to be in the cloud or using school WiFi, a large portion of students learning remotely miss out on their education entirely.
Trend 3: Lacking Investment and Support in Cyber Resources
Many higher education institutions are seeing massive decreases in student enrollment. As a result, higher ed administrators are being forced to make difficult funding decisions around key resources across the board. With thin budgets, many colleges and universities are simply looking for the most affordable option on the market. These options, however, often fall far short of meeting today's cybersecurity standards, and, in turn, IT teams turn to a piecemeal or 'stop-gap' approach to their security. Additionally, many IT and cybersecurity professionals familiar with legacy security solutions are now retiring, and higher education must deal with a massive wave of turnover and recruit new cybersecurity talent with modern-day cybersecurity skills.
"While many higher education institutions we spoke to were experiencing massive budget cuts, we also saw that many colleges and universities were unknowingly - and unnecessarily - wasting valuable IT money. One educational institution, for example, was spending $1.2M a year on password resets. This was alarming to hear, but also a great opportunity to show them how implementing a simple self-service password reset solution could allow them to allocate that money elsewhere." - Kim Biddings, VP of Product Marketing, BIO-key.
Higher Education Cybersecurity: The Bottom Line
By the end of the week at EDUCAUSE 2022, it was clear that colleges and universities of all sizes need to affordably aggregate their security solutions. The learning landscape looks completely different today than it did even five or ten years ago, but higher education is not keeping pace accordingly. On top of the many challenges described in this blog, the education sector also faces some of the strictest regulations and compliance standards in order to best defend a cyber incident. They're responsible for handling and protecting sensitive and private student data.
For decades, we've been working hand-in-hand with leaders in higher education to provide tailored cybersecurity solutions that work for everyone, anywhere, all the time. Colleges and universities should not have to choose between paying high costs or increasing their cyber risk to potentially experience a data breach. We look forward to partnering with even more higher education institutions to help solve their security needs in the coming year and beyond.
Interested in hearing more about our work with higher education? Check out our Cybersecurity in Education eBook to explore case studies, customer success stories and details on BIO-key solutions.
