Image Source: Flickr
Context-aware security decisions must be made every day in higher education institutions to ensure safety. A security guard must make a swift decision on allowing a visitor entry based on vehicles and their drivers. Cybersecurity teams must assess the nature of a device and the information it handles to decide allowing or denying exceptions to endpoint security policies. Context-aware security is here to help make decisions based on background information, which can only be made more effective through automation and analytic. Analysts will be able to dig into security data with less time and effort, which will only reap the greatest rewards for institutions.
Context-aware security requires context, which institutions lack. Contextual and wise security decisions require deep information about users and data, which in turn require a robust identity and access management infrastructure capable of providing useful attributes about individuals. The security data would not have to be in depth, but be able to provide a person’s status, student for example, and their department. With a strong data classification program, there is a helpfulness in identifying important elements of sensitive information handled on the campus.
For example, social security numbers or financial aid records would be labeled as sensitive information, and can be distinguished from general campus population by the context-aware products.
Products for context-aware security takes human and financial capital to release, but once set up, they can add a lot of value to the cybersecurity efforts. If the highly sensitive information has been identified, then the next step would to be to follow the data and build the context-aware controls around that information. To really maximize the amount of returns would be to target the higher value departments like finance, accounting, or human resources.
For more information, please visit EdTech for the full article