- Associated Press - Thursday, March 20, 2014

CEDAR FALLS, Iowa (AP) - A state audit shows the University of Northern Iowa has unencrypted laptops and portable devices that could pose a risk for identity theft, but school officials say they doubt it was the source of a recent such incident at the university.

The report released last July said encryption software had not been installed on all laptop computers and portable storage devices that could store sensitive information, the Waterloo-Cedar Falls Courier reported (https://bit.ly/OA3Azn ). This includes USB drives.

Dozens of university employees have said they’re victims of identity theft that was discovered after they filed their taxes this year. UNI officials later announced a data breach at the Cedar Falls school, and told all employees to assume they’ve been affected.

UNI officials don’t know where the breach occurred. Still, UNI spokesman Scott Ketelsen said there’s no reason to believe an unencrypted laptop used by an employee is the source. He said the school’s information technology department has been using special software for years that scans and locates sensitive information on computers.

“All the machines that have even a remote chance of any kind of personal or sensitive information on it have been encrypted since 2006,” he said.

Auditors recommended that all portable devices, included those used by students, be encrypted. But school officials say it would be “prohibitively expensive” to do so, and many personal laptops don’t have sensitive university data.

The data breach case remains under investigation. The school has hired a security firm to provide services.

Warren Jenkins, chief deputy auditor of the state, said it’s up to UNI to protect the university, staff and students from such security risks.

“Obviously, we feel it should be done as quickly as possible,” he said. “Encryption of any personal data is extremely important whether with a university, private sector entities or anybody.”


Information from: Waterloo-Cedar Falls Courier, https://www.wcfcourier.com

Copyright © 2018 The Washington Times, LLC.

The Washington Times Comment Policy

The Washington Times is switching its third-party commenting system from Disqus to Spot.IM. You will need to either create an account with Spot.im or if you wish to use your Disqus account look under the Conversation for the link "Have a Disqus Account?". Please read our Comment Policy before commenting.


Click to Read More and View Comments

Click to Hide