Student Database (2010)

We reviewed controls over compliance with the Family Educational Rights and Privacy Act (FERPA) related to securing, managing, modifying and authorizing access to student information, as well as data security of student information systems. We recommended improvements over encryption of data in transit, monitoring of production servers to provide effective security, network security, access and account administration, user authentication, and securing web applications from known vulnerabilities.