skip navigation

Add your conference to our Justice Events calendar


Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Library collection. To conduct further searches of the collection, visit the NCJRS Abstracts Database. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

  NCJ Number: NCJ 215953     Find in a Library
  Title: Impact of Information Security in Academic Institutions on Public Safety and Security: Assessing the Impact and Developing Solutions for Policy and Practice
  Document URL: PDF 
  Dataset URL: DATASET 1
  Author(s): Steffani A. Burd Ph.D.
  Corporate Author: Columbia University Teachers College
United States of America
  Date Published: 2006
  Page Count: 264
  Annotation: This study assessed the state of information security in academic institutions and developed recommendations for policy and practice.
  Abstract: The results suggest that academic institutions are developing a baseline level of information security. Over three-fourths of respondents reported increases in the number of attacks on their institutions compared to last year, including laptop thefts, copyright infringement, and denial of service attacks. Yet over half of the academic institutions did not employ a full-time information security officer or any full-time staff members dedicated to information security. Less than one-fourth of responding academic institutions had a formal information security policy in place. Responding institutions performed a variety of assessments over the past year, most frequently vulnerability assessments and audits. A broad range of security technologies have been utilized by responding agencies; the most commonly used technologies included anti-virus software, spam filtering, and perimeter firewalls. More than three-fourths of responding institutions considered themselves either “well prepared” or “somewhat prepared” to defend against a major information security incident. A “data-based roadmap” of practical recommendations for policy and practice were developed based on the findings. Six steps are recommended for achieving a baseline level of information security: (1) locate and classify information assets; (2) build awareness; (3) tighten security policies; (4) establish mandatory training; (5) automate and institute processes; and (6) empirically assess activity. The study design included a field survey entitled the Information Security in Academic Institutions Survey, which was completed by 72 information security professionals in academic institutions and open-ended interviews with 12 professionals. Additionally, two academic institutions provided network activity data. Future research should focus on quantifying the threat posed to public safety and security by academic institutions and should assess the types and volume of criminal activity occurring in academic institutions. Exhibits, endnotes, appendixes
  Main Term(s): Schools ; Information Security
  Index Term(s): Surveys ; Personal interviews ; NIJ grant-related documents
  Sponsoring Agency: National Institute of Justice (NIJ)
US Department of Justice
Office of Justice Programs
United States of America
  Grant Number: 2004-IJ-CX-0045
  Sale Source: National Institute of Justice/NCJRS
Box 6000
Rockville, MD 20849
United States of America
  Type: Report (Study/Research)
  Country: United States of America
  Language: English
  To cite this abstract, use the following link:

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.