Does your university have a shadow IT problem? The answer is most likely yes. Higher education institutions across the country are struggling with shadow IT challenges resulting from devices, services, and software residing outside of IT’s control and/or ownership.

Your organization likely realizes the unfettered access that traditional IT privileged accounts provide and has taken proactive steps to lock down access to these accounts. But what about critical business systems that offer the ability to cause reputational damage or that provide access to monetizable data, such as protected health information (PHI), credit card numbers, and social security numbers?

With the explosion of the number of cyberthreats, higher education institutions are struggling to secure their IT infrastructures in the face of limited budgets and staff. Add to this the decentralized nature of these institutions, and you have a recipe for cyber disaster.

Traditionally, privileged accounts are IT-based and have special active directory (AD) attributes. IT administrators use them to log into servers, switches, routers, and applications and perform tasks without restriction.

Legacy security systems focus on protecting these AD privileged accounts, and with good reason: Once obtained by hackers, the accounts can be used to access the most sensitive data, lock out legitimate users, and create ghost accounts and back doors that are not easily seen.

In our last post, we discussed the cybersecurity talent shortage and its impact on the IT industry. The enormous gap between the industry’s needs and the actual pool of qualified employees has left many IT departments and security teams with a shortage of qualified personnel, resulting in an overwhelming workload that only exacerbates security events and data breaches.

No single access methodology can effectively manage every access use case across an organization. While Role-Based and Attribute-Based Access Controls (RBAC and ABAC) can cover the majority of a given user’s access needs, neither method is ideally suited for every use case; there will always be exceptions.

If you are thinking of moving to the cloud or have already started that transition, you’re in good company. An impressive 80 percent of school districts are using cloud-based software. It’s easy to see why.

The cloud offers many benefits for students, educators, and administrators. Students are able to learn technology skills, collaborate with other students, hold group discussions online, and get valuable information from outside experts.

There have been a slew of major data breaches in recent years. The number of records exposed in data breaches last year alone reached 174.4 million—close to five times the 36.6 million records exposed in 2016, according to the Identity Theft Resource Center.

At the end of 2017, the first deadline passed to comply with a new set of federal regulations that will force colleges and universities that enter into contracts with federal agencies to tighten their cybersecurity practices. The Department of Education has made it clear that it will compel universities and colleges to comply with NIST’s Special Publication 800-171, which is designed to protect the confidentiality of controlled unclassified information (CUI).

Identity Automation supports OpenID Connect (OIDC), a modern and secure authentication protocol based on OAuth 2.0 authorization framework. Our customers can now use OIDC with RapidIdentity products and services, including Single Sign-On (SSO) and Multi-Factor Authentication (MFA).