Student data breach a lesson in security

By: Jorge Valens / Staff Writer

No one likes receiving a letter that says a server sitting in a room somewhere was hacked and personal information might have been compromised.

The University announced in September that servers used to store sensitive student information were hacked. A smiley-faced emoticon served as the only evidence of the crime.

Standing outside looking in, I really do not know what types of security the University used to protect this server. It would be unfair to say that it was solely at fault for this smiley-faced security breach. However, just because the University was not completely to blame does not mean it should not learn from the experience.

A security breach is still unacceptable. Those responsible at the University should always assume that world-class hackers are out to download the information on their servers, and protect them accordingly.

From the moment someone becomes a student to the moment they graduate and are added to the obnoxious alumni mailing list, their information needs to be safeguarded.

The act of accepting that information is an agreement. Storing my information and using it to make things like registering for classes easier for all parties gives the University a responsibility to protect it.

Security breaches are not uncommon in the fast-paced world of information technology. Everyone from Sony’s Playstation Network to the Pentagon has experienced a large and embarrassing security breach. In this overly connected world, it’s part of the game.

A hacker with determination, experience and resources can break through most anything with the right amount of time. The Playstation Network was down for months after its systems were compromised while teams assessed the damage.

In exchange for convenience, we sacrifice a lot of our personal information. Rather than walk in to the gas station to pay in cash, we now can pay outside with debit cards. Instead of going to the bank to deposit a check, we now use our smart phones to deposit and move money around.

A person has limited control over their information on a server somewhere, but keeping an eye on bank statements and credit reports can go a long way in catching a hacker before it gets worse.

This is a situation where everyone involved learned something. The University learned about its vulnerabilities while students and faculty learned that when it comes to the Internet, you can never be too secure or secure enough.