Information security risks on a university campus

Abstract EN

This paper is concerned with issues relating to security in the provision of information systems (IS) services within a campus environment.

It is based on experiences with a specific known environment ; namely Sultan Qaboos University.

In considering the risks and challenges that face us in the provision of IS services we need to consider a number : of interwoven subject areas.

These are the importance of information to campus communities, the types of information utilized, and the risk factors that relate to the provision of IS services.

Based on our discussion of the risk factors identified within this paper, we make a number of recommendations for improving security within any environment that wishes to take the matter seriously.

These recommendations are classified into three main groups : general, which are applicable to the entire institution ; social, aimed at the work attitudes of staff and students; and technical, addressing the skills and technologies required.