CDW-G Higher Education IT Security Report Card 2005



CDW-G conducted an informal survey of higher education IT professionals to understand the challenges that IT directors and managers face as they implement security programs on campus.

Specific objectives of this study were to:
  • Determine the major barriers IT directors face when trying to improve security on campus
  • Allow higher education IT directors to rate the support they receive from various higher education communities - administration, faculty and students
  • Gain a greater understanding of higher education IT director pain points
  • Generate results that will serve as a platform for future research on the topic of IT security in higher education



Administration earns an "A-" for making network security a priority and a "B+" for support: Eighty-seven percent of respondents state that that the executive administrations at their schools are either very supportive or supportive of IT security initiatives. However, 42% note that the biggest problem they face with their administrations is a lack of funding for IT security, while 33% say their administrations are not committed to enforcing security policies.

Faculty earns a "B": Seventy-three percent of respondents note that higher education faculty is very supportive or supportive of IT security initiatives. The biggest challenges IT directors face with this audience are lack of awareness (45%) and lack of consistent policies across departments (32%).


Students earn a "C-": While 45% of respondents report that students are either very supportive or supportive of IT security initiatives, 38% state that students are not very supportive and 17% say that students are not at all supportive and resistant to change. Respondents cite disregard of rules/policies (36%) and lack of awareness (25%) as the major roadblocks with students. In short, students seem to be more careless than malicious.



The primary results reveal that securing faculty support and the free exchange of information in an academic environment are less significant obstacles to improved information security than are basic requirements such as funding and staff time. Other deductions made through analysis of the responses include:


Higher education institutions are secure, but not secure enough.
IT security is not "counter to the culture." Despite "free flow of information" in the academic environment, most constituencies are supportive of IT security initiatives.
  • IT security is the top or very high priority for 69% of institution administrations.
  • IT security policies are supported by 73% of faculty members.
  • IT security policies are supported by 87% of those in executive administration.
Organizational resource allocation does not match stated priorities.
  • While 64% of respondents say that IT security is among their top five priorities and 69% say that it is the highest or top priority for their administrations, 66% say they spend less than one-quarter of their time on IT security.
  • Lack of funding (50%) and lack of resources (12%) are the top two barriers.
While college and university administrations are supportive of IT security initiatives and recognize IT security as a priority, they are not backing this up with funds and resources.
  • 87% of respondents say that their administrations are either very supportive or supportive of IT security initiatives.
  • However, 42% note the biggest problem they face when dealing with their administrations is a lack of funding for IT security programs. Thirty-three percent say their administrations are not committed to enforcing policies and funding training programs
  • 33% say their administrations are not committed to enforcing policies and funding training programs.
While student support for IT security needs improvement, the survey results show that students are more often careless or unaware of policies than they are maliciously trying to circumvent them.
  • 45% of respondents say that students are supportive of IT security initiatives, but 38% say that students are not very supportive and 17% say that students are not at all supportive and resistant to change
  • Disregard for policies (36%) and lack of awareness (25%) are more significant problems than peer-to-peer file sharing (14%) or malicious actors (3%)
Faculty are supportive, but not always aware of appropriate policies. More training is needed.
  • 73% of respondents note that higher education faculty are very supportive or supportive of IT security initiatives
  • Biggest challenges: lack of awareness (45%) and lack of consistent policies across departments (32%)





The CDW-G Higher Education Security Report Card 2005 is based upon an informal online survey of 102 higher education IT professionals drawn from a sample frame of 8,100. The survey was conducted between October 5, 2005 and October 12, 2005.

CDW-G plans to conduct in-depth research on the topic of IT security in the coming year. This initial survey enabled the company to survey a segment of the marketplace to begin to understand the specific challenges IT directors and managers face as they implement security programs on campus.



Barbara Crystal
CDW-G Public Relations
847-968-0710
bcrystal@cdw.com