From financial aid information to social security numbers, students regularly share private information with their universities trusting that the university will keep it safe. That’s why it was disappointing when three major universities this summer disclosed that students’ information had been compromised. Private information including social security numbers, addresses and financial aid information were all sitting in email accounts thanks to email exchanges between students and staff. Email is easy to use, so it makes sense that universities gravitate towards it but when students trust universities with private information, universities have to protect that information.
Email Doesn’t Cut it
Think of email as sending a postcard. Anyone can see it, anyone can copy it, and anyone can write on it. Email is fundamentally insecure because it isn’t encrypted and stores information by default. You can use email security software to protect your mailboxes but even those can be easily decrypted (our CEO goes into detail on that here). That means that third parties can read emails in transit and even change their contents. Private information that gets sent over email just sits there, waiting to be discovered by anyone who accesses the account, like in the case of the universities who reported the breaches this summer.
That isn’t to say universities should never use email. In some situations, email makes a lot of sense—like a university-wide announcement about an upcoming event. But when it comes to protecting students’ private information, email isn’t the way to go.
Protecting Students’ Private Information
Protecting students’ information is about using the very tools email doesn’toffer: encryption and secure storage. Any conversations about students about topics like financial aid, healthcare, or other sensitive information should always be encrypted and happen over a closed network. The information should never remain on multiple devices or servers—instead, they should be kept in a single, protected repository so that the university can ensure it is meeting its students’ expectations and trust.
Communicate Securely and Quickly
Students expect their private information to stay secure when they share it with universities but both staff and students need an easy, efficient way to share that information. In the past, sharing private information meant meeting in person to ensure the information stayed safe. Today that’s no longer true. Secure communication has become as easy to use as email or text messaging. With Vaporstream, university staff and students can share confidential documents over phones, tablets, and laptops without any risk of the information being accessed by a third party. The kind of breaches that occurred this summer—where hackers accessed sensitive information sitting around—simply can’t occur with Vaporstream. Students can share private information with their universities and universities can guarantee that the information stays protected. See what we look like in action here.
*** This is a Security Bloggers Network syndicated blog from Vaporstream authored by @vaporstream. Read the original post at: https://www.vaporstream.com/blog/universities-and-secure-communications/