Ethics Anonymous Reporting Hotline

Auburn University has contracted with an outside provider, Ethicspoint, Inc. of Portland, Oregon to receive reports regarding concerns over financial irregularities (and similar ethics related matters) and NCAA violations. To file a report, click the Ethics Hotline link or read the FAQ for more information.


 



Kevin Robinson
Executive Director
Kevin Robinson
CIA, CFE, CCEP
Monthly Newsletter
Case In Point:
Lessons for the pro-active manager
Vol. 7 No. 2


As we noted in last month’s Case-in-Point, we linked 580 stories during 2014 dealing with diverse issues and sometimes even entertaining events that occurred within higher education. This month we begin analyzing those 580 stories to see what we can learn and hopefully prevent in our areas of responsibility.

Within the Information Security and Technology category, we had 118 stories linked during 2014.

The breakdown within this category for 2014 is:

  • Hack/Data Breach 58%
  • Accidental Data Disclosure 23%
  • Social Media Issues 8%
  • Other 8%
  • Cyber Insurance 3%

As a point of comparison the 2013 results are:
  • Hack/Data Breach 44%
  • Accidental Data Disclosure 25%
  • Social Media Use 13%
  • IT Resources/Use 10%
  • Other 8%

The clear leader over the past two years in stories we linked involved “Hack/Data Breach” where someone outside of the institution (or without legitimate internal access) attempted to obtain some protected data.

The second most common event we observed in this category involved accidental data disclosure by an employee. Most frequently noted was the situation where an employee thought they were storing electronic files in a secure place, but in reality they were open for anyone to view. We also included device loss or theft in this category. Laptops, smartphones, and thumb drives are all easily lost/stolen and can have major implications if not adequately protected.

Social media continues to be a fairly substantial topic as well with items ranging from institutional policy issues to specific social media posts by either students or employees being topics we noted during the past year.

Due to the importance of this topic we will look at some best practices in the data security and IT realm to help manage these events. We did this last year and think the topic is worth a reminder. In future months we will delve into the other categories in more depth.

As always we invite you to review the events from this month and consider ways you can help proactively manage risks.

(more)



Latest IT Security News



Lenovo vows to stop shipping PCs with third-party bloatware after Superfish fiasco02/27/2015
Flaw in popular Web analytics plug-in exposes WordPress sites to hacking02/25/2015
Google scraps annual Pwnium bug-hunting contest02/25/2015
Chrome security update warns against sneaky software downloads as well as malware02/24/2015
InfoWorld's 2015 Technology of the Year Award winners01/26/2015
CheckPoint, Watchguard earn top spots in UTM shoot-out01/07/2015
Review: The best password managers for PCs, Macs, and mobile devices06/18/2014


Last Updated: February 27, 2015

Internal Auditing | Auburn, Alabama 36849 | (334) 844-4389 |
Website Feedback | Privacy | Copyright ©