Data breaches are unfortunately being carried out left and right, and nobody is spared in the process. This fact was illustrated recently when a series of universities fell victim to attacks on their internal infrastructures that contained highly privileged student and faculty information. The breaches occurred all over the country, from Maryland to Indiana to North Dakota, according to The Chronicle of Higher Education.
Among the largest was a breach on a University of Maryland database containing student and personnel records. The attack ended up impacting more than 300,000 people. Attacks like these come at no small cost to the organization they impact. According to privacy breach specialist Paul Nikhinson, the dollar toll for the Maryland breach may end up running into the multiple millions – since it includes investigating the attack, paying legal fees and offering free credit monitoring for all the victims (a standard practice for breached enterprises).
In the wake of the attack, one thing is certain: Maryland does not want something like this happening again. As a means of coping with the breach and preventing a future data incursion, Maryland is moving its operations to the enterprise cloud.
Maryland selects enterprise cloud to smooth out operations moving forward
When a major breach happens, it does not stop at the organization. It usually continues through courtrooms, and even occasionally to Congress. And it was in the chambers of the Senate Commerce Committee that Maryland's president William Loh recently admitted his school was unprepared for the breach.
As far as the university's response to the attack, "We were just flying by the seat of our pants," local CBS affiliate WUSA9 reported him as saying.
One of the main problems with the university before the attack is that it was using an internal IT platform. And it was precisely through this platform that a criminal was able to enter the administrative infrastructure by breaching the password of various Maryland IT administrators. Once the cybercriminal discovered these passwords, the hacker was able to login to the system with administrative privileges.
The data breach exposed the inherent security vulnerability of having an enterprise IT platform. But Loh said the school is taking measures to rectify the situation.
Chief among those was a much-needed move.
"We have migrated almost all of our Web sites to the cloud," he told the Committee, according to ThreatPost. For the university this is absolutely a strong move, since the enterprise cloud provides a stringent security infrastructure.
Better security in the enterprise cloud
According to OnlineTech, the enterprise cloud is the best place to guarantee secure computing. Whereas in the public cloud, individuals and companies risk their information being seen by unwanted parties. Those in the public cloud also place themselves under the control of their cloud service provider as far as security goes, which can be far from optimal for businesses that have highly specific needs for safeguarding their information.
But in the business cloud these problems do not exist. The private cloud places enterprises firmly in control of their data, giving them the opportunity to build a security system uniquely tailored to their needs. With the enterprise cloud, organization are able to fully reap the benefits of virtual computing – including increased storage space, greater mobility and faster growth potential – while also enhancing the security system that keeps intruders out.
As Loh pointed out, "The people who play offense will always be one step ahead of those who play defense." That was a lesson the university had to learn the hard way. But other enterprises can heed Loh's advice and stave off a breach before it does damage.