In response to the news that University of East Anglia leaked confidential health details to hundreds of students in a mass email, Matt Lock, Director of Sales Engineers at Varonis provides an insight below.
Matt Lock, Director of Sales Engineers at Varonis:
“The leakage of personal information is becoming commonplace: Academic institutions are prime targets for cyber criminals: A large university often has sensitive personal identifiable information (PII) and protected health information (PHI) on tens of thousands of students.
It’s important for universities to secure their data, educate their employees and contractors to ensure they have good cyber hygiene and take the steps to automate the prevention of human error – in this case preventing inappropriate access to personal information and incorporating utilities to prevent the exposure.
The way that personal data is collected and stored is a huge privacy concern, particularly in light of the upcoming GDPR: universities (and individuals) need to keep an eye out on privacy policies and data gathering in order to consistently meet business policy and security requirements.
Exposed personal data can be a huge vulnerability – not only an abuse of personal data privacy, but can be leveraged to breach more secure systems and put critical data at risk.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.