Security guidelines of electronic academic assets

Abstract

As the country moves into the Information Age, the use of Information and Communication Technology (ICT) has become a ubiquitous activity in university departments for academic and administrative purposes. University academic information resources are valuable assets and the security of these assets should be managed properly so that these information resources can be accessible when and where it is needed. Without proper security measures and controls may result in the compromise, improper modification, or destruction of the information resources. This paper addresses security issues in the context of electronic academic assets. Threats and vulnerabilities of academic assets are discussed. Assets, threats and vulnerabilities of academic information resources are determined through a risk analysis approach, whereby a survey is conducted amongst academic staffs as respondents. Security controls that can be employed to reduce the risks of attacks on these assets are then determined. The final outcome of the research is a security guideline that may be followed by academic staffs and others who are responsible for the security of electronic information in a university environment. The guideline addresses issues such as choosing good passwords, preventing virus attacks, e-mail security, pc intrusion and administrative responsibilities. It defines the security responsibilities of both the users and the administrators who manage computers and networks. With the availability of security guideline and proper training to staffs who managed academic assets, the security of academic assets can be enhanced and the network in the academic environment as a whole gains more trusts.