Cyber Security in Title IV Financial Aid
You see it in the news every day…a new breach of customer information that results in hundreds, thousands, millions and in a recent case even billions of people’s personally identifiable information (PII) being stolen, and sold to businesses without authorization, taken by scammers and sometimes even grabbed by identity thieves across the globe. Many of these companies are caught unprepared and then scramble to save their businesses, often losing sight of what is most important during this time of crises…their customers’ privacy and the security of their identity.
As a service provider of Title IV Financial Aid management and processing services for institutions of higher learning, Weber & Associates, Inc. (Weber) is committed to continuously improving the prevention of and preparation for the unlikely event of a data breach of our systems. Weber is dedicated to both proactive and reactive best practices to maintain data security and mitigate data breach risks for all our customers and your students. We hold the trust placed in our organization by your institution and the United States Department of Education in the highest regard and are absolutely committed to maintaining that trust as one of our primary responsibilities.
At Weber, we have modeled our security policies and data breach policies after the SANS Institute’s cybersecurity tactics, providing both proactive protection and monitoring of all our information technology assets and data, as well as fast response incident management that would immediately mitigate as much risk as possible for all our customers and students. To provide the best possible proactive protection, Weber is in the process of upgrading our current perimeter defense systems to the latest and best technology to detect and prevent all attempted breaches or our systems or data.
While our current systems are Family Educational Rights and Privacy Act (FERPA) and Gramm-Leach-Bliley Act (GBLA) compliant and have provided superior protection over their years of service, our commitment to your trust requires us to continuously search out and evaluate improvements to our existing programs. We have identified newer, faster, more advanced, and better technology that meets all the requirements of FERPA and GBLA, as well as addressing the ever-changing landscape of cyber security threats. These systems will be employed at Weber by the end of 2018.
To mitigate any effects of a potential breach, Weber has teamed with Travelers Insurance for a cyber security policy that will provide access to a wealth of resources through the Travelers eRisk Hub before a data breach occurs, during an actual data breach, and after the breach has been mitigated. These resources include:
* a cyber resilience readiness assessment;
* cyber security professional consultation;
* cyber security training resources for all employees;
* constant updates on the latest research and trends in cyber risk management;
* a cyber breach coach that is experienced in dealing with cyber security breaches and mitigating their effect on customers;
* a team of experienced forensic experts that can quickly close any breach, as well as determine the exact extent of the breach;
* communications support to help insure that all affected parties are properly informed and kept up to date on all issues; and
* credit monitoring for all affected parties in the unlikely event that a breach actually occurs.
By employing both proactive and reactive measures, keeping up to date with current best practices, technology and trends; and our philosophy of continuous improvement, Weber is committed to maintaining the integrity and security of our systems, your data, and the trust placed in us. Our security policies and data breach policies establish a well-tested framework for maximum protection of your institution and students’ information. For more information, please refer to our Weber Security & Disaster Recovery Synopsis as well as our Weber Data Breach Policy on your institutions VFAO Support Site.
Weber & Associates