In today’s educational landscape, universities and colleges face distinct identity and access challenges unlike those encountered in retail and other commercial environments. And while retail, financial services, and the like are generally viewed as higher-risk from a cybersecurity point of view, the risks to higher education are just as critical. In fact, higher education “accounts for 17 percent of all reported data breaches, ranking second only to the medical industry,” according to Privacy Rights Clearing House. In this first post of our two-part series, we will take a look at some of these  challenges that are unique to higher education.

Today, I want to look at one of the ways that RapidIdentity allows administrators to automate tedious and cumbersome tasks. I’ll demonstrate a way to analyze Windows domain controllers for the presence of a specific software installation and also provide the entire RapidConnect action at the end of the post, so that you can modify it to fit your needs.

As the higher education landscape evolves, the community college system is growing in importance. For example, it is now commonplace for community college campuses, such as Houston Community College (HCC) and California Community College System, to serve as physical locations for associated state university classes. With this partnership in place, state universities can increase revenue and serve a broader student population, working to educate students who previously would not have been able to attend university classes.

In a recent analysis of the top 1,000 global companies, 97 percent were found to have had leaked credentials that were made publicly available on the Web. While this statistic is disturbing enough by itself, what is more troublesome is how that information is captured and made public.

Many leaked credentials come as the result of an organization suffering from a data breach, but another method that attackers are using is to steal credentials from a third-party source, similar to what happened when Spotify and Pandora were attacked. In both of these incidents, corporate emails used to sign up for accounts were either published or sold. Dating and adult websites are also common places where corporate emails are inappropriately used to create accounts, resulting in more than 300,000 corporate or government worker email addresses being exposed.

Are you using an identity and access management (IAM) solution designed for the enterprise to manage user identities and access privileges at your community college or university? If so, then you’ve likely already run into some serious difficulties—and if you haven’t yet, it’s only a matter of time. An increasingly complex IT environment and growing number of users that require access to systems and data have made user identity and permissions management more challenging than ever, particularly in higher-education institutions.

One of the most concerning trends for 2016 seems to be "Another day, another healthcare data breach." Breaches are becoming an all too regular occurrence and not just among healthcare providers. Retailers, credit and financial institutions, entertainment giants, and even governmental agencies are falling prey to the hackers, and in many cases are allowing access to very private customer data, at an alarming rate.

Quick. Think fast! Which industry is the most under attack by cybercriminals?

If you guessed the financial sector, which has historically been the most targeted industry, then it’s time to update your understanding of today’s cybersecurity threats because retail has taken the top spot, according to 2016 NTT research.

Recently, one of our RapidIdentity customers ran into a conundrum. While the customer heavily uses RapidConnect to synchronize their various application and authentication identity sources, they awoke to a mass Email stating that during their morning provisioning the displayName attribute on every user in their environment was changing!

Compliance with the Payment Card Industry Data Security Standard (PCI-DSS) alone does not ensure security against data breaches and stolen payment card records. Even the PCI-DSS website defines the standard’s priorities as helping: