“Security is always a top concern. Other highly regulated industries—such as financial services, insurance and healthcare—have mandatory government regulations to guide them, but it is often unclear to higher ed which data can or cannot be stored in the cloud. I’ve seen universities adopt a hybrid
approach to cloud strategy, where general business information—such as campus emails, time-off requests and publicized research papers—is the first to be migrated to the ‘self-service’ systems. Sensitive information, such as private student data, degree reports and financial information, is still
managed and stored in a local data center.”
— Linda Ding, education program strategist, Laserfiche
“The primary concern is ensuring that their compliance requirements with laws like HIPAA, FERPA and state regulations for the data can be met. The second concern is overall data security. The third concern, assuming the first two concerns have been met, is what solutions should be leveraged to get the data into and out of the cloud.”
—David Blankenhorn, vice president of engineering
and chief cloud technologist, DLT Solutions
“Most of the IT professionals we work with in higher education understand that the security standards and practices we employ are far more rigorous and thorough than what they would be capable of deploying, simply because of the scale at which we have to deploy these solutions. Their biggest challenge is in battling the perception problems that exist within their constituencies—students, faculty, staff and executive leadership teams—that have a perception of the cloud being vulnerable, given some of the more visible breaches that have made headlines. Most of these issues are focused on people and process, not technology.”
—Cole Clark, global vice president, education and research, Oracle
“In our work providing cloud-based enterprise content management to higher education clients, we generally see their data security concerns falling into one of two areas. First, all institutions worry about security and reliability so they can ensure ongoing access to student records. As you consider cloud storage options, ask each vendor specific questions about their ability to meet FERPA regulations—including the ability to lock down records so only those with permission can access student information, and the ability to send annual notifications to students regarding their privacy rights.”
—HK Bain, CEO, Digitech Systems
