"Scott Shackelford, professor of law and cybersecurity program chair at Indiana University at Bloomington, said it is not uncommon for organizations to take several months to release patches addressing security issues, particularly if they “don’t think it’s particularly troublesome.”
Moving forward, Shackelford encouraged colleges and universities to pay attention when companies release updates and install them “as quickly as possible.”
“This really boils down to basic cyberhygiene,” he said. He encouraged institutions to limit the number of users with administrative privileges for Banner and other enterprise resource planning software."
- Date Published:07/19/2019
- Original Publication:Inside Higher Ed