Survey data from IT security professionals in education highlights flexible cybersecurity policies and company culture as source of risk
Apricorn, the leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, announced findings for the education sector from the Apricorn 2021 Global IT Security Survey. According to the survey, the education industry has a greater risk for cybersecurity breaches and data loss than other industries due to limited IT security policies related to remote work, as well as a lack of concern about security threats from employees. In fact, 69.4% of respondents say employees at their organizations don’t think of themselves as targets that attackers can use to access data, compared to 37.5% in information technology (IT).
Recommended ITech News:  Google Cloud Region Goes Live in Delhi NCR in India
“Educational institutions house a significant amount of personal data about students including health information, social security numbers, and parents’ payment information, all of which is at risk,” said Kurt Markley, U.S. Managing Director, Apricorn. “Student data is a highly sought-after target for identity theft because it can go on undetected, leaving damaging results for children and families. It’s critical that educational institutions reevaluate their security practices regarding remote work. The remote learning of the past year–which expanded third-party app and device use–means organizations have to double-down on data security efforts now and into the fall semester.”
More than 400 respondents completed the survey which compares various industries’ cybersecurity policies in relation to remote and hybrid work. The education industry consistently lags behind other industries like manufacturing, healthcare, financial services and IT when it comes to implementing policies around data security and lost/stolen devices. Notably, only 26% of respondents in education agreed they have lost/stolen device policies in place compared to 55% in IT.
Recommended ITech News:  Free Email Security Monitoring for the First 10,000 Microsoft 365 Admins Who Register for Powerful New App
Many education institutions will be returning to in-person instruction in the Fall, however most survey respondents in the education sector (90.77%) stated a hybrid work-option exists. When asked about policies and procedures that have been put in place regarding transporting devices and data, organizations in education demonstrated a trend of allowing employee-choice when it comes to policy adherence. More than half of organizations allow the use of personal USB devices and only 20% require encrypted hardware, compared to an average of 52% for other top industries.
“Utilizing data encryption and developing a culture of security is essential to mitigate cybersecurity risks in education,” added Markley. “The past year has shown us that students’ ability to learn is reliant on technology. With the plethora of third-party apps, virtual learning platforms and other digital tools being used by schools and educational institutions, administrators need to be sure student data is protected and that employees in the industry are educated about IT security risks and how to prevent them.”
Recommended ITech News:  Semtech Successful Collaboration With the Swiss Post Results in Universal Postal Service
