University and college campus electronic security presents special problems for information assurance (IA) specialists.

The culture of academia is not inherently supportive of restrictions on access to knowledge and information compartmentalization. Academic institutions have faced legal challenges over violations of intellectual property rights by students and faculty. In many institutions, security policies are weak or vague because of control by faculty members who have limited understanding and less interest in security.

Even where there are policies in place, academic information security officers constantly face challenges from innovative and rebellious members of their communities who find technical ways of getting around technical barriers intended to maintain those security policies.

Dartmouth College, in Hanover, N.H., has a history of computing that dates to a demonstration of remote computer access over telephone lines by Bell Labs’ George Stibitz in 1940, through the creation of the BASIC computer language by former professors John Kemeny and Thomas Kurtz in the 1960s (Kurtz was one of my PhD examiners in 1976), to the present as one of the first campuses to offer ubiquitous wireless network access.

Dartmouth College will host its second conference on "Securing the eCampus: Building a Culture of Information Security in an Academic Institution" Nov. 11-12, 2008. Focusing on the unique challenges of cyber security in academia, the conference welcomes CIOs, CISOs, and other academic IT leaders to discuss and explore what it takes to develop a more secure information environment on college campuses.

This workshop is co-sponsored by Dartmouth’s Institute for Security, Technology, and Society and Dartmouth’s Computing Services Department. 

Ellen Waite-Franzen, vice president for IT and chief information officer at Dartmouth and a co-host of the event, notes:

“When I started in this business, we all knew that computing technology was exciting, fast-moving, and sometimes risky. But the risks 10 years ago were nothing like the exposures we face today. Today, the lives of our institutions depend on network services at every single level, and it's critical to constantly review security best practices and consult with our colleagues to maintain the computing trust of our constituents.”

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.