When we attended the EDUCAUSE Conference several weeks ago in Philadelphia, we learned about major changes and expectations from IT professionals in the education sector. Top IT issues included being cyber-everywhere, modernizing systems, and the move to the cloud. For 2022 and beyond, institutions are looking at new technologies and solving new challenges, which we've included below in our key takeaways from our time in the City of Brotherly Love.
COVID-19 made permanent and temporary changes
Ever since COVID-19 shutdown many universities during 2020, educational institutions have been struggling to find a footing. Online classes presented issues for students and faculty, and with the shift to going remote happening so quickly, both parties found it difficult to adjust. As we enter 2022, online classes are becoming the standard as more students choose remote learning over in-person learning. These changes open up a whole new world of security risks, leaving many institutions with cybersecurity concerns for the upcoming year.
Convergence of MFA Solutions
Universities are complex ecosystems with multiple entry points and applications for multiple user profiles. Currently, many universities use multiple point solutions for requirements around multi-factor authentication, for example by combining Microsoft Authenticator and DUO Security, but many problems have arisen from using two separate systems, not to mention the high total cost of ownership. Often one method will work for only a subset of the institution's users, forcing them to continue to "bolt-on" additional MFA solutions and methods. Universities are now looking for a consolidated system to be more secure, user-friendly, adaptable, and flexible to accommodate all their users including students, faculty, and staff.
Lacking IT Support & Investment in Cyber
The education sector continues to under-invest in cybersecurity. While a research study by Osterman Research revealed that 96% of IT decision-makers in education believe their organization is susceptible to external cyberthreats, institutions still struggle to find the budget and talent to expand on their cybersecurity strategies. In fact, one of the universities we spoke to during the conference only has two people for their IT department, supporting thousands of users.
Institutions are Collaborative
Education institutions are collaborative, working with their peers to solve cyber challenges. With the entire education sector under cyberattack, institutions look inwards to figure out best practices from each other to avoid these pitfalls. Real-world scenarios are now critical moments that the industry can learn and improve from. At the conference, there were many first-hand experiences shared by IT professionals who have experienced an incident and those looking to prevent them. The EDUCAUSE conference gave them the opportunity to connect and exchange ideas about existing technologies, how the landscape is going to change, and discuss recent responses to cyber threats.
Better Student Experience
For many students, attending university is a big step in their lives, and the experience they have during it is important to them. Having a better student experience, both online and on-campus has become a differentiator when a student chooses a university. A major challenge for institutions is how to make their student experience stand out from the rest. For example, 3D-rendering mapping can improve a freshman’s online experience to seek out classrooms and get to know the campus.
With most of the student experience now online and supported by multiple applications, the login experience, how they gain access must be seamless. Pressuring students to enable MFA for their login and offering a “one size fits all” authentication method can quickly frustrate students and ruin the first impression of their online experience. Students, faculty, and staff all want flexible options. For example, students may prefer a phone-based option while faculty do not carry smartphones on-campus. Institutions are focused on the flexibility and usability of authentication methods.
Multi-factor for Cyber Insurance
Maintaining cyber insurance and fulfilling cyber insurance requirements are a driving force behind institutions looking to implement MFA for all users. With many attendees stopping by it was clear the rush to implement MFA has added pressure to the situation and the need to find a solution. For example, one IT Director said he had a month to implement MFA for every user after his procurement department failed to share the new requirements provided by their insurance company. Institutions are struggling to find the right solutions that are within their limited budget to meet these demands.
Great to Connect at EDUCAUSE
Overall, attending EDUCAUSE was very eye-opening as it exposed many common trends for higher education institutions and their IT teams. People were happy to finally attend a conference in person, albeit with social distancing, and it was great to connect with a large mix of representatives from small, medium, and large universities. Throughout 2022, it will be exciting to see how these trends continue to evolve and we are looking forward to working with higher education institutions as they tackle many of these challenges.
In this whitepaper, we look at the cybersecurity threats the education sector faces and highlight new security solutions, like different methods for multi-factor authentication (MFA).
Download this whitepaper to learn more about:
• The education sector's characteristics making it susceptible to cyberattacks
• How elevated security protections without improving convenience will fail
• Best practices for cybersecurity preparedness