BitSight Insights, an industry standard in security ratings, released a 2014 report on collegiate cybersecurity, revealing just how vulnerable students are to attack. According to the report, “These institutions are also a gold mine of information, from faculty and student Social Security numbers to football fans’ credit card information and sensitive intellectual property.” This data, combined with a “Bring-Your-Own-Device” culture, can breed an environment ripe for hacking.
Students have a lot to lose, too. MyBama accounts control finances, email accounts, course schedules and contain valuable personal information like Social Security numbers.
“In short, blackhat hackers could ruin your life,” said Matthew Leeds, a sophomore majoring in computer science. “It’s very important to use strong, unique passwords and difficult security questions on any service that’s important to you. You can accomplish this by doing variations on a base password for each domain, or using a secure password manager with a two-factor authentication enabled.”
“You could also simply use a pass phrase,” said Luke Zahorik, a freshman majoring in computer science who said he intends to specialize in cybersecurity. “Short, cryptic passwords may be harder for you to remember but they’re easier for a computer to guess. Try a full sentence instead, complete with capital letters and spaces. It’s easier to remember, and far more effective.”
Students’ myBama accounts are not their only area of weakness, however. BitSight regards malware like Trojan viruses and Flashback as very destructive to personal computers.
“Apple computers are often at the greatest risk because of their popularity on college campuses combined with the incorrect belief that they cannot get viruses,” Zahorik said.
Zahorik said smartphones are at risk, too.
“Lots of people forget that smartphones are computers too,” he said.
Students can help protect themselves by downloading antivirus apps, such as “Lookout,” from the App Store.
While UA students face security risks online, they are better off than many other college students in the U.S. According to the BitSight report, the SEC ranks No.3 in school security, with a score just four points lower than the Ivy League’s.
The University also uses WPA2 Wi-Fi, one of the most secure network types, Zahorik said.
“The benefit of WPA2 is that all users on the network have to have a registered login,” he said. “That way, dangerous activity can be more easily traced to an individual.”
The University of Alabama’s Office of Information Technologies posts security alerts online to keep students and faculty members aware of the most recent threats to their technology. Additional resources about cybersecurity safety can be found at oit.ua.edu/oit/security.