Need a perfect paper? Place your first order and save 5% with this code:   SAVE5NOW

Laws Influencing Information Security and Privacy in the Education Sector

Introduction

In 2020 and 2021, when institutions started migrating to digital systems to battle the pandemic, many new risks surfaced. Hackers have traditionally seen schools as soft targets because of the wealth of personal information they store on students, faculty, and staff. This is why universities and colleges are the exclusive victims of 75% of all data breaches inside the educational sector. Attacks on colleges have increased after the notorious cyber breach in 2018, wherein Iranian hackers targeted more than 300 institutions (AlKalbani et al., 2017). Since several U.K. institutions had to temporarily shut down for two weeks or more following each incident during the pandemic, it seemed as if a fresh attack had happened almost every week. More than a quarter of universities say they have stolen sensitive data, including materials needed for national security and medical research. Ninety-one percent have experienced a significant cyberattack. Since cybercrime has become the top threat that institutions must deal with today, it is not surprising that phishing campaigns targeted at students have increased.

Brown University in Providence, Rhode Island’s capital, is a private research university with a stellar reputation. Of the total student body of 9,521, 6,182 are enrolled in the undergraduate program. The distinguished staff and wide range of courses offered by Brown University have made it famous (78 specializations). The computer systems of Brown University were the target of a ransomware assault in August 2016. The Ivy League school’s I.T. department warned that the virus was targeting Windows P.C.s and mobile devices, urging the campus community to take preventative measures (Snide et al., 2021). According to the officials, “several preventative procedures” were taken to preserve the University’s digital infrastructure. In order to accomplish this goal, we have blocked access to our significant data center and the services housed there as part of our efforts. The Chief Information Officer at Brown informed employees that they “may contact their I.T. Support Consultant (ITSC) to verify whether their Windows P.C. has ‘known-clean’ status,” which indicates a malware attack but did not give any other information.

Personal and academic information about a student is hidden from the general public’s gaze per the Family Educational Rights and Privacy Act (FERPA) provisions. In order to receive federal money, educational institutions in the United States must comply with stringent standards outlined by the Department of Education. According to the Family Educational Rights and Privacy Act (FERPA), schools must obtain written consent from the student’s parents or the student themselves, if applicable, before sharing any information from the student’s education record. This consent can come from either the student or the student’s parents. Schools may release “directory information” even if they do not have permission from parents or students, but they must give them notice of their right to decline. The Family Educational Rights and Privacy Act (FERPA) was referenced in the case U.S. v. Miami University, in which a student was accused of breaking the law by disclosing the e-mail address of every student in his dorm. The case was initiated because of FERPA (All share et al., 2018). Considering that the student did not provide any “education records,” the court found that he had not violated FERPA. The court concluded that the school had behaved in a manner that was compliant with FERPA when it disclosed the student’s disciplinary record to the family. In the case of Goss v. Lopez, which the Supreme Court heard, it was decided that a student has no due process safeguards under FERPA should their school suspend them. Following an examination of whether or not it has the authority to do so under the Due Process Clause of the 14th Amendment, the court came to the conclusion that it did. It has been suggested that the safeguards provided under the Family Educational Rights and Privacy Act (FERPA) are inadequate to guarantee the safety of student’s personal information and education records. They believe that schools are not compelled by law to remove outdated student information and that schools may reveal student data to other parties even though those third parties do not know the children or their parents. In addition, they claim that schools are permitted to sell student data to other parties.

Brown University’s innovations, designs, and other types of intellectual property are legally protected. The University’s trademark licensing system helps prevent its trademarks’ unauthorized use. Researchers at the institution have developed and patented several groundbreaking technologies, including a method for synthesizing carbon nanotubes. Secret recipes for the University’s ice cream, known the world over, are among the many practices that are well-held secrets. Brown’s patent for innovation policy strives to promote the institution’s fundamental teaching, research, and service principles. The Brown University, Patent and Invention Policy received final approval from the Brown University Corporation on December 13, 2019, making it an official University policy. This new Policy supersedes the University Patent on Invention Policy that was authorized and enacted on May 30, 2005, and is effective immediately. Immediately upon its adoption, this revised Policy shall become effective (Alshare et al., 2018). On October 16, 2020, Brown University’s Copyright Policy underwent certain amendments, which the Corporation authorized. Before May 30, 2005, when the University Patent and Invention Policy was approved and put into force, the copyright policy of the University was also contained in that document. The previous Policy is replaced by this new one, which is in force now. This Policy is in force right now and supersedes any earlier ones. The Policy’s overarching goal is to uphold the University’s philosophies regarding the open dissemination of research breakthroughs as well as the advancement of scholarship and study without regard to the potential of financial gain while acknowledging that making intellectual property related to specific studies widely available is a technique for striving to maximize the benefits to society. The Policy emphasizes the need to provide all employees, students, and teachers with a level playing field regarding legal protections and financial rewards from intellectual property creation.

The Brown University campus might be the target of a cyberattack or other event requiring forensics investigation. The computer systems of Brown University were the target of a ransomware assault in August 2016. The company had to pay a ransom to get back into its computers. Brown University’s I.T. security team discovered an issue in Microsoft Windows. The group has identified this danger (Jennings, 2018). The group working on Computing and Information Services reacted swiftly to the danger and started building a comprehensive response strategy. They also began an investigation and were working on it simultaneously. Because the risk is so significant, the University’s Center for Information Security (CIS) has implemented various safeguards to secure its digital assets. One of these preventative measures is to disable access to our primary data center and the linked systems. Due to maintenance, we cannot access some of our cloud-based platforms now; however, others, such as Canvas, Zoom, and Workday, are still operational. Commonly used services, including Banner, VPN, Remote Applications, and several websites hosted on Brown.edu, are now unavailable due to routine maintenance. Service will be restored as quickly as possible thanks to our collaboration with colleagues throughout the University. Windows computers at the University seem to be the attack’s intended target. For this reason, management has pushed for the widespread use of non-Windows computers, mobile devices, and others.

The law may be able to help the Brown University risk consultant out. Trademarks, patents, and other kinds of intellectual property owned by the business are secure thanks to the measures taken. The University has a trademark licensing program to prevent the misuse or theft of University trademarks (Brown, 2019). Since the University’s foundation, several patents have been issued for technologies produced there. There are many secrets held inside the walls of the University, but the ice cream recipe has found its way throughout the globe. The company may be at risk if a cyberattack or other incident requires forensics analysis. The establishment may not even be a target at all.

Conclusion

It has been shown that the public’s understanding of cybersecurity has dramatically improved due to consistent education campaigns, resulting in an 80-90% decrease in the number of effective phishing attempts and significantly less financial and public relations harm to educational institutions (Jennings, 2018). On Tuesday, Brown found out about a security breach that had affected the availability of several systems on the University’s network. As soon as we became aware of the situation, we took measures to protect sensitive data stored on our computers and launched an internal inquiry. We are treating this situation with the highest seriousness, and our top goal right now is to safely and promptly restore the affected services. Our inquiry is still in progress, and we will keep the public informed as new details emerge.

References

AlKalbani, A., Deng, H., Kam, B., & Zhang, X. (2017). Information security compliance in organizations: An institutional perspective. Data and Information Management1(2), 104-114.

Jennings, M. (2018). Business: It’s Legal, Ethical, and Global Environment, 11th Ed. Boston, MA: Cengage Learning.

Share, K. A., Lane, P. L., & Lane, M. R. (2018). Information security policy compliance: a higher education case study. Information & Computer Security.

Brown, C. S. (2019). Cyber-Attacks, Retaliation and Risk. National Security: Breakthroughs in Research and Practice: Breakthroughs in Research and Practice, 331.

Snider, K. L., Shandler, R., Zandani, S., & Canetti, D. (2021). Cyberattacks, cyber threats, and attitudes toward cybersecurity policies. Journal of Cybersecurity7(1), tyab019.

 

Don't have time to write this essay on your own?
Use our essay writing service and save your time. We guarantee high quality, on-time delivery and 100% confidentiality. All our papers are written from scratch according to your instructions and are plagiarism free.
Place an order

Cite This Work

To export a reference to this article please select a referencing style below:

APA
MLA
Harvard
Vancouver
Chicago
ASA
IEEE
AMA
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Need a plagiarism free essay written by an educator?
Order it today

Popular Essay Topics