skip to main content
Close Icon

In order to deliver a personalized, responsive service and to improve the site, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. By continuing to use this site and access its features, you are consenting to our use of cookies. To find out more about the way Informa uses cookies please go to our Cookie Policy page.

Global Search Configuration

Ovum view


A former student at the University of Iowa has been arrested for installing keyloggers on campus computers to record his professors’ keystrokes, gaining information to improve his grades 90 times in 21 months. The case highlights the need for more attention on insider threat in higher education.

Higher ed has unique IT security challenges

Colleges are keen to maximize wireless access across campus but don’t necessarily abide by wireless security rules, and even if they do, a lot of users are not aware of these rules, making their machines susceptible to becoming wireless bridges. Add in the fact that the internet has shredded notions of personal privacy, while cutting and pasting has seriously undermined the concept of plagiarism, and you begin to see the extent of the problem.

The Iowa case should give institutions pause. A tech-savvy kid gamed the system, and colleges must guard against such insider exploits. In this case, the miscreant was discovered, perhaps because of his sheer persistence or lack of knowledge about existing monitoring systems, but imagine a scenario where the misbehavior was more widespread, benefiting multiple students, and was only discovered much later. Imagine having to recalibrate all degrees awarded for an entire year, three years after data theft took place, for instance.

Security teams cannot rely on the professors, who may be Nobel Prize winners in their fields but won’t necessarily have a clue about IT security, so technology is needed to detect and remediate. Endpoint detection and response (EDR) technology, part of a broader endpoint protection platform (EPP), needs to be in place.

College IT teams are doing their best with the small amount of security resources available, but small teams and small security budgets are always going to hinder their efforts.



Rik Turner, Principal Analyst, Infrastructure Solutions

Recommended Articles


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

+44 (0) 207 551 9047 - Operational from 09.00 - 17.00 UK time

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 7770704398 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now