Network and Data Transfer Security Management in Higher Educational Institutions

Abstract

This chapter explored communications security through the use of an empirical survey to assess the extent of network and data transfer security management in Ghanaian higher educational institutions. Network security management controls consist of monitoring of networks, posture checking, network segmentation, and defense-in-depth. Data transfer security management includes encryption, media access control, and protection of data from public networks. Data were collected from information technology (IT) personnel. The ISO/IEC 21827 maturity model for assessing IT security posture was used to measure the controls. Overall, the result showed that the institutions were at the planned stage of communications security management. In particular, network monitoring, defense-in-depth, and the protection of data from public networks were the most applied controls. Conversely, posture checking was the least applied control. Higher educational institutions need to review their communications security plans and better manage network and data transfer security controls to mitigate data breaches.