Is Cloud Security a Good Investment for Colleges and Universities?

[fa icon="calendar"] Sep 29, 2016 9:22:33 AM / by Bob Mitchell

college-students.jpgIt wasn’t that long ago —around five years — that major industries, including higher education, had just started discussing cloud computing. Corporate CIOs pledged to never put mission critical systems out on the cloud, but that thinking has shifted today.

Why Higher Education Invests in the Cloud

Cloud computing, which delivers scalable IT resources over the Internet, as opposed to hosting and operating these resources locally on servers and networks, includes both applications and services, as well as the infrastructure on which it once operated.

With that shift, many colleges and universities have seen the value in placing things in the cloud as a way of conserving storage space and more effectively using its technology only when it’s needed; calling upon the cloud services only when an application or service is required.

However, higher education has unique constituents that require a perspective that might be seen in the corporate world. For instance, higher education’s strong commitment to the student. And when those students walk onto campus, they bring their own devices and expectations about how and when they want to use them.

According to Saulo Bomfim at Ellucian Cloud Services, college and university IT departments must provide interoperability between areas of the campus and to other students. Higher education also brings a complex financial model and includes a highly participatory decision-making model.  The uniqueness of cloud computing in higher education is clear.

However, with these investments comes a specter of concerns.

Security Concerns

Unauthorized access, dissatisfaction with security tools in the cloud, and compliance, security visibility and policies round out the concerns for many technology executives who have moved some technology to the cloud. These concerns and others were outlined in the 2016 Cloud Security Spotlight Report.

Holger Schulze, founder of the Information Security Community on LinkedIn, said, “as organizations look to cloud computing to reduce IT costs, increase agility and better support business functions, security of data and applications in the cloud remains a critical requirement.

“The 2016 Cloud Security Report indicates that as organizations increase investments in cloud infrastructure, they want a similar level of security controls and functionality to what’s available in traditional IT infrastructures,” Schulze said. However, they are finding traditional security tools ineffective in the cloud. “In a shared responsibility model, this is an opportunity for organizations to implement effective cloud security solutions to strengthen their security postures and capitalize on the promise of cloud computing.”

Susan Grajek, vice president of data, research and analytics at EDUCAUSE, a high education non-profit that advances higher education through IT, says the technology environment in higher education is shifting with many leaders now paying much closer attention to data security.

Security incidents, breaches and stolen identities continue to escalate and is why security is a top priority in higher education.

While cloud computing is a good thing for colleges and universities, it requires much more thought from a security perspective.

One such suggestion is a Cloud First Strategy. Using Cloud First, all new services are deployed in the cloud whenever possible. The Cloud First strategy focuses the value of limited IT resources on delivering the most business value to the University.

In Cloud Strategy for Higher Education: Building a Common Solution, the authors outline some examples of cases where cloud computing works effectively: in alert notifications; authentication, authorization and accounting; and education apps.

All of this surrounded by increased security.


Read about the advantages of node-based cloud security

Download Now

Topics: Higher Education

Bob Mitchell

Written by Bob Mitchell

Mr. Mitchell is an experienced technology journalist, managing editor, freelance writer, and marketing communications professional. He served as managing editor of ADVANCE for Health Information Executives, until it met its untimely demise in 2010. He writes for his personal blog C-Cookies, where he continues his passion of writing about topics at the intersection of IT and health care.