College of Southern Idaho constantly working at cybersecurity
In the tech department at the College of Southern Idaho there’s this board with four screens.
“It’s like our threat dashboard,” said Kevin Mark, the chief information officer with the college.
It’s so workers can see if someone’s trying to take data. For an institute that either employs or enrolls thousands of people in Southern Idaho, protecting all of those people’s information is a big task.
“Cybersecurity isn’t a project, it doesn’t have a start date and an end date, it’s just part of everything that we do,” Mark said. “We have to be diligent, it’s the new world of digital business.”
There’s a lot of laws and regulations to protect specific information. Different guidelines lay out protections on grades, medical history and financial information. There’s also protections on personal data, stuff like religion or politics. The same type of stuff Facebook recently got in
for not protecting.
“It’s basically any data that can be directed back to a single individual,” Mark said.
For all of these protections there are external and internal audits, there are in-house trainings, and constant developments in technical protection. The college is also ready for the system not to work, either by accident or from a malicious hack.
“Another really important component of cybersecurity is our ability to respond to incidents,” Mark said.
Mark said the tech department isn’t alone. They work with other parts of the college as well as federal and local law enforcement if something goes wrong.
CSI is also developing security infrastructure to comply with as much of the guidelines from the Center for Internet Security as they can. Last year Idaho Governor Butch Otter
an executive order requiring public institutions to comply with the first five of those guidelines. Mark said they want to try and comply with all 20.