Abstract
The paper investigated sources of threats and vulnerabilities to Nigerian university computer networks and assessed the adequacy of security controls in place to mitigate the occurrence of successful intrusion. This was with a view to enhancing the integrity of data transactions on the Universities' computer networks. Data for the study were sourced from 18 purposively selected universities in Southwestern Nigeria. Three universities, each representing federal, state and private were selected from each of the six states in the zone. Primary data were obtained through the use of validated questionnaire. The result revealed that 81.3% of the universities had internet presence. The Universities' Organisation Information Criticality Matrix (OICM) showed the bursary unit with highest weighted average. The result further showed that web services posed the greatest source of threat and vulnerability to the university networks. Indeed, 72% of the universities ran e-portal services that incorporated electronic payment but none of the universities was digitally signed with Certificate Authority (CA). The result also showed that single factor authentication using usernames and passwords were the only network access identifier employed by all the universities. The study noted that the security controls to safe guard the integrity and non-repudiation of networktransactions in the universities were weak and high potential existed for possible compromise of the network system. The study therefore concluded by proposing a layered approach to managing security on the university network.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.