Escolar Documentos
Profissional Documentos
Cultura Documentos
!1
!2
!3
have gone so far as to offer a free one-year membership for a identity theft protection service
to all those directly impacted (McCleery & Wang, 2014).
Ethical Concerns
Higher-education data breaches relate most closely to Section 1.7 of the Association for
Computing Machinery (ACM) Code of Ethics which states that as an ACM member, one will
respect the privacy of others, and therefore make sure to maintain the privacy and integrity
describing individuals (ACM Council, 1992). It is clear then that the hacker in question, whose
name has yet to be publicly revealed, was not an ACM member. This brings to mind the fact that
those handling computer security at Butler University, were they members of the ACM, would
further hold responsibility, in this case, to take precautions in order to protect sensitive data of all
personnel in the university from unauthorized access or accidental disclosure to inappropriate
individuals (Code of Ethics, 1992).
In terms of what the HU Information Technology policy lays out to students and faculty,
data breaches at Hampton would be a rare event. Because the policy aims at making sure all
members of HU can be afforded privacy and cannot be unwillingly subjected to abusive
behavior, the crime of computer invasion is never tolerated. These guidelines even go so far as
to point out the Virginia Code 18.2-152.5, which criminally charges those who intentionally
examine employment, salary, credit, financial, or personal information without any authority
to do so (Hampton University Center for Information Technology, 2014).
However, to be fair, Butler University had equally reputable intentions listed in their
Computer Use Master Policy which lays out similar ground rules that every member should be
!4
mindful of when utilizing technology at Butler (Butler University Policy & Procedure, 2010).
Making note of this, it is vital for all universities to realize that even carefully planned out,
inscribed precautions may not be enough to sustain a privacy attack on the entire school given
valid security protocols that are currently in place. In addition to the universities being at a
terrible financial risk if they are breached, the IT departments have to pay the price by coming up
with even more strict regulations that can mitigate these attacks and provide the much needed
support for those that were potentially affected through the exposure of their personal
information (Virgillito, 2014).
Final Thoughts & Conclusion
This hapless breach of Butler could have been prevented, no doubt. However, data breach
insurance is both difficult to obtain and costly for any university. This is primarily because before
the institution can opt for insurance, insurance companies offering protection maintain a
checklist of what kind of computer architecture is required to comply with modern security
protocols (Virgillito, 2014). However, other measures of security that can be taken include
establishing stringent data security policies in which all members of the university are required to
strictly follow. Personally, I believe the advice of J.J. Thompson, the CEO of Rook Security,
which is a global provider of IT security solutions, bears great importance for the cyber-security
of all educational institutions (Ragan, 2014). He mentions three vital steps educational
institutions can take to prevent future breaches: identify where sensitive data is stored, confirm
current software can prevent and detect breaches appropriately, and ensure existing architectures
does what it is meant to (Ragan, 2014). Following this advice is a critical first step to a more safe
and secure campus virtually and physically in these newfangled times of ours.
!5
Bibliography
Butler University Policy & Procedure. (2010, March 1). Computer Use Master Policy. Retrieved
July 12, 2014, from http://www.butler.edu/information-technology/policies-security/
computer-use-master-policy/
Code of Ethics. (1992, October 16). Association for Computing Machinery. Retrieved July 12,
2014, from http://www.acm.org/about/code-of-ethics
Hampton University Center for Information Technology. (2014). Information Security. Retrieved
July 12, 2014, from http://cit.hamptonu.edu/page/Information-Security
Longnecker, E. (2014, June 29). Data breach at Butler exposes nearly 200K people. 13 WTHR
Indianapolis. Retrieved July 12, 2014, from http://www.wthr.com/story/
25900150/2014/06/29/data-breach-at-butler-exposes-nearly-200k-people
McCleery, B., & Wang, S. (2014, June 30). Cybersecurity expert says little risk from Butler data
breach. INDYSTAR. Retrieved July 12, 2014, from http://www.indystar.com/story/news/
crime/2014/06/30/butler-university-data-breach-affects-k-school-ties/11745909/
Ragan, S. (2014, June 30). Butler University data breach impacts 163,000. CSO Online.
Retrieved July 14, 2014, from http://www.csoonline.com/article/2429410/disasterrecovery/butler-university-data-breach-impacts-163-000.html
Virgillito, D. (2014, July 9). The State Of Data Breach In Universities | VPN Creative. VPN
Creative. Retrieved July 12, 2014, from http://vpncreative.net/2014/07/09/state-databreach-universities/