You are here:

The Myth about IT Security


EDUCAUSE Review Volume 41, Number 3, ISSN 1527-6619


Seeing an institution's name in the headlines for a security breach may be among a CIO's-- and a president's--worst nightmares. Whether the breached data involves social security numbers, credit card accounts, clinical records, or research, this is bad news. Federal agencies that provide research funding may lose confidence in data integrity, putting millions of dollars in grants at risk. Legislators may seek additional oversight. Beyond image, institutions face issues of liability and business continuity. Considering that colleges and universities manage some of the world's largest networks and collections of computers, the risk and the importance of the issue should not be underestimated. In this article, the author suggests that, in thinking about information security, the CIO and the executive team should ask themselves the following strategic questions: (1) Should security be treated as a campus governance issue or as an IT governance issue?; (2) Is it known which institutional assets need to be protected? (3) Do all IT users consider that security is their responsibility; and (4) How are academic values and institutional integrity ensured without ensuring security? (Contains 12 notes.)


Oblinger, D.G. & Hawkins, B.L. (2006). The Myth about IT Security. EDUCAUSE Review, 41(3), 14-15. Retrieved August 18, 2019 from .

This record was imported from ERIC on April 18, 2013. [Original Record]

ERIC is sponsored by the Institute of Education Sciences (IES) of the U.S. Department of Education.

Copyright for this record is held by the content creator. For more details see ERIC's copyright policy.


Cited By

View References & Citations Map

These links are based on references which have been extracted automatically and may have some errors. If you see a mistake, please contact