Communicating the benefits of IT security in higher education


As part of my job I spend a lot of time on college campuses talking with administrators, faculty and staff. One of the special things about higher education (for good or for ill) is the decentralization of basically everything.  Since many parts of a college or university have control over their own funding they run a lot of their own systems.  Right down to things like email servers.  This decentralization can often lead to exposure for IT breaches.

With an increased focus on data privacy and security (even the President is talking about it) how do administrators get everyone on board?

  • Avoid FUD (Fear, Uncertainty and Doubt) tactics, but do articulate the risks and costs to both the institution and individuals (faculty, administrators and students) of a data breach. Each group will be impacted differently, from costs to the institution, potential loss of research and compromise of research data for academics and loss of individual privacy for students. The impact must be understood for end users to change current behaviors.
  • Communicate that the provided services meet the academic communities’ needs. Whether it be seamless file sharing or collaboration solutions, end users will gravitate towards the solutions that are easy to use.
  • Involve the campus community in the assessment of needs and deployment of IT solutions. A shared ownership in the end product increases the likelihood that the community will use the central services and encourage others to do the same.

The above is from a post on cybersecurity I wrote for Take a look and let me know what you think.