Cloud Security for Higher Education & Research
Adressing security is key to focus on the education & research core mission
Higher education and research institutions today must operate efficiently and effectively within an intensively connected environment on campus, cross-campus, and off-campus. This entails maintaining an infrastructure that may be on premise, in the cloud, or hybrid and must satisfy faculty and student users who expect to access software on any device and from anywhere.
IT security has become a key concern, with challenges such as ensuring data privacy in the cloud, securing back-end access from mobile devices, and enabling single-sign-on (SSO) functionality in hybrid, on-premise, and cloud landscapes. According to Jonathan Rajewski in the Computer Forensic Professor, Higher education is one sector at exceptionally high risk of devastating attacks. Colleges and universities report astounding rates of cyberattacks, with millions of hacking attempts into information systems weekly.
Higher education and research institutions must adapt security policies and practices to address student-owned computers and devices, train staff and students in security awareness, restrict access to systems, monitor internal and external resources, and establish incident plans.
Leading higher education and research institutions recognize the potential of the cloud but are cautious to adopt as security concerns remain.
Digital Value Chains Enable Organizational Transformation
Higher Education Institutions have the opportunity to interconnect all aspects of the value chain, including their core and internal operations in real time to drive outcomes. The entire value chain can be digitized, including the core, which will serve as the platform for innovation and operational process optimization.
Cloud technologies coupled with end-to-end security are key enablers for a connected digital enterprise.
The Challenges of IT Security
Security is always a joint effort made by the university, security standards, security organizations, governments, and IT vendors. And institutions in moderately and heavily regulated industries such as higher education have increasing unique security needs with mobile student populations and are faced with trade-offs.
In addition, security requirements depend on industry requirements, local regulations, institution-specific IT infrastructure, and processes. Hence, a security concept must always be institution specific, reflecting an organization’s risk appetite and its protection goals.
Among all these aspects of IT security, there are common elements of an IT security architecture that are applicable to many organizations. It is also imperative to understand the critical importance information makes to an institution’s strategic initiatives and overall risk management.
IT environments for higher education and research institutions are unique.
Most businesses have significant control of the computers connected to their network. Massive broadband access on a campus, however, has resulted in a large part of university networks being comprised of computers the institution neither owns nor manages.
The pressure to innovate and drive new solutions to meet changing learning environments and student needs. This has forced higher ed institutions to look to cloud solutions to transform and enable convenient, on-demand access to a shared pool of configurable computing resources. There are significant benefits but also significant challenges.
How SAP Provides Security in the Cloud
Let’s give one example with our SAP HANA Enterprise Cloud solution. The SAP HANA Enterprise Cloud is a fully managed, secure cloud service that gives SAP and the institution the full ability to consider security at the very foundation of the strategic planning and implementation of the data center. It’s ideal for mission-critical applications, such as SAP Student Lifecycle Management (SLcM), the SAP Business Warehouse application, SAP Business Suite 4 SAP HANA (SAP S/4HANA), and custom applications based on the SAP HANA platform. The private cloud:
- Leverages internal IT assets with embedded user-access controls to offer computing and storage solutions to internal tenants
- Is customizable for the specific institution it supports, yet can still be managed by employees
- Addresses regulatory constraints, especially concerning data privacy, and may be financially competitive for larger financial institutions
Did you know our world wide data center meet the highest security standards?
SAP and partner data centers around the world meet the highest security standards. Data centers are certified with:
- ISO 27001 – Certification for Information Security Management Systems
- SOC 1/SSAE 16 – Statement on Standards for Attestation Engagements No. 16
- SOC 2 – Service Organization Controls Report (attestation report)
- ISO 22301 – Certification for Business Continuity Management Systems
Servers in the data centers reside in secured cages and rooms with key management systems. Access to server rooms is controlled and only possible with multifactor authentication, including access cards with PIN, biometric scanners, and mantraps.
Servers are equipped with:
- Multiple primary 10 Gbps fiber backbones
- Hardware load balancers at the Web and application tier
- Storage area network (SAN)
- Block encryption with Tripwire (FIM) or database encryption
- FIPS 140-3 certified key management
Achieving cloud transformation will require significant focus and executive commitment along with a business partnership with SAP to drive a successful outcome for your university. SAP brings unparalleled experience and a strong track record that will help you take advantage of cloud solutions in a secure way.
Recommended next steps for a nondisruptive and secure cloud transformation:
- Hold a thought leadership workshop with your campus operations and IT executives to identify key value areas.
- Visit SAP’s data centers on-site or online at www.sapdatacenter.com to get an inside look at how they are operated.
- Connect with other higher ed institutions to exchange best practices and experiences.
- Use the value engineering approach advanced by SAP to identify business and use cases.
- Design and develop a proof of concept for a specific use case.
More info on SAP & Security can be found here:
Kind regards – Rob
SAP Higher Education Solution Management