November 3, 2021
Higher education is one of the top sectors targeted by hackers, because college and universities store enormous amounts of personal data about students, faculty, and staff – including social security numbers, financial data and health care information.
The data is necessary for basic operations, such as awarding financial aid packages and complying with accessibility policies. But the potential value is even greater when decades of data are aggregated and analyzed. Schools across the United States are using predictive analytics to shape recruitment, retention, and advancement initiatives.
The question is not whether colleges should use data to improve outcomes. The question is how to do it safely, so that the information doesn’t fall into the wrong hands. The financial and reputational risks posed by data breaches are too high to ignore, especially as legislation around privacy rights becomes the norm.
In the United States, the Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act (HIPAA) already regulate the use of students records and health information, respectively. At the state level, more and more U.S. states are establishing privacy rights by passing legislation that limits the use of sensitive data and enforcing those rights with robust penalties.
In other words, higher education institutions have much to be concerned about when it comes to handling data, but that shouldn’t prevent them from taking advantage of the insights that data has to offer when it’s aggregated in one location. The solution is to not only control access but to control access at scale.
Ultimately, when students do better and have better outcomes, they succeed in their post-college life, which builds the reputation of the school over the long-term, leads to more advancement opportunities and so on.
For example, at Michigan State University, students were only required to live on campus their first year of school. When they looked at the data, however, they found that students who lived on campus for two years have a better pace to graduation. That led the university to implement a new requirement that students live on campus for two years, a change based on data that predicted better student outcomes.
Another example: The university analyzed data and found that students who attempted 15 credits a semester were on a better pace to graduate. Even if they didn’t complete the 15 credits, they were more successful than students who attempted the minimum. As a result, the university launched an initiative to encourage students to take more credits.
ALTR’s data control and protection solution allows colleges and universities to mine records for value without sacrificing control over who has access to them, when they have access, how they can access, and what they have access to. Because ALTR makes it safer to control access to data at scale, colleges and universities can use that data to improve outcomes for existing students, recruitment efforts for new students, alumni outreach, and even employee retention.
Moreover, ALTR works so that organizations can often leverage the tools they already use to govern their data, with integrations across all the major cloud databases, business intelligence, ETL, and governance platforms such as Snowflake, Redshift, Tableau, ThoughtSpot, Matillion, Collibra, and more. In fact, ALTR gives organizations the confidence to move more data into these platforms, so they can extract more value from them.
Of course, visibility and transparency are the keys to success. With ALTR, an institution can start by discovering and classifying the data at hand. The system records every request, so administrators can visualize how sensitive data is being used and who has access to it. The records are also useful for compliance audits. From there, administrators can implement automated controls based on institutional policies, ensuring that every request for data follows proper governance policy and only those with legitimate educational interest have access to sensitive data.
Administrators can set limits not only on who has access but when they have access. For instance, a staff member who needs to run analysis on mass data has permission to do so, but only on weekdays during business hours. If they access the data at 2 a.m. on a Saturday from an unrecognized location, ALTR can stop that request in real time and notify the school’s security team. Furthermore, when universities are working with the most sensitive data and want to protect it at rest from privileged users on a cloud data platform, ALTR can tokenize data before it goes into the cloud so that it's safe no matter where it resides.
To take the cost and complexity out of controlling data access at scale, ALTR is delivered as a service. To make it even easier to get started, ALTR offers a free plan so institutions can sign up, learn about their data and how it is being used, and control access to data immediately. They can stay on the free plan forever or upgrade to scale governance controls across their institution.