Addressing Higher Education Security Testing Needs with Core Security
Organizations in the education sector face a litany of complicated security challenges driven by their need to protect IT assets and data while supporting networks that permit use by large numbers of individuals working across a wide range of academic and research pursuits. Engaging in frequent, proactive penetration testing using our products to safely replicate real-world hacking and malware threats empowers security professionals in higher education to isolate and prioritize their most critical vulnerabilities to more effectively address risks, ensure that defensive mechanisms are functioning properly, and prepare for mandated compliance audits.
Learn how conducting penetration testing at educational institutions can help you to:
- Assess exposure to potential data breaches
- Insulate networks from unmanaged devices
- Limit unauthorized insider activities
- Drive down web-based security risks
- Maximize limited security staffing
- Diminish the impact of social engineering
- Validate security investments
- Meet compliance demands
Please review the below resources for more information about CORE IMPACT’s relevance to university and college environments:
Documents
- CORE IMPACT Pro Overview Data Sheet
- CORE IMPACT Pro Business Case/Cost Justification
- Southern Illinois University Case Study
- University of North Florida Case Study
- Virginia Tech University Case Study
Webcasts
- Best Practices in Higher Ed Security Assessments: Virginia Tech’s IT Security Review Process
Join Randy Marchany, director of the VA Tech IT Security Lab and SANS faculty member will share his insights from Virginia Tech’s proven IT Security Review process, which includes the proactive replication of threats originating from both inside and outside the university
- Comprehensive Penetration Testing with CORE IMPACT Pro
View a recorded demonstration of network, endpoint, web application and wireless penetration testing with CORE IMPACT Pro.
Compliance Information
- The Payment Card Industry Data Security Standard (PCI DSS)
Using CORE IMPACT to test your security measures is one of the easiest things you can do to comply with and validate multiple PCI requirements. IMPACT enables you to run regular, controlled and safe data breach attempts against your network, endpoint, web application and wireless security infrastructure. As a result, you can quickly and easily demonstrate whether your security defenses and response plans are in-place and working properly as mandated by the PCI Standard.
- The Heath Insurance Portability and Accountability Act (HIPAA)
The Security Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) mandates that healthcare institutions implement appropriate information security policies and procedures to protect ePHI (electronic Protected Health Information) from "reasonably anticipated threats and hazards". Penetration testing with CORE IMPACT helps to ensure the integrity and confidentiality of patient information, while enabling you to abide by HIPAA security standards.
- The Gramm-Leach-Bliley Act (GLBA)
The Gramm-Leach-Bliley Act (GLBA) was enacted in response to the rapid increase in Internet banking and online access to account information. The law stipulates that all financial institutions establish appropriate security standards to protect customer data from internal and external threats and unauthorized access occurring through online systems and networks. Penetration testing with CORE IMPACT helps you to secure your student, staff and employee information and comply with the GLBA.
- The Family Educational Rights and Privacy Act (FERPA)
Regular, proactive penetration testing with CORE IMPACT comprises a critical security control that can help your institution to address the Safeguarding Recommendations laid out in FERPA. Click the above link to learn more about FERPA on the U.S. Department of Education web site.