Data Breaches are Real

Your campus merchants are ripe targets of opportunity for hackers and phishers.

If you haven't seen this article in the Wall Street Journal online, I recommend you read it. It is about a small business that downloaded some malware (very easy to do; very tough to eliminate once you do), and as a result they suffered a major data breach. Well, maybe not "major" in the sense of making the headlines, but it nearly put one small business out of business.

The moral of the story is simple: this could happen to you...to your campus...to your auxiliary organizations like parking or bookstore or any other campus merchant.

Please give a thought to passing this link to your campus merchants. I'd also suggest you make stories like this a part of your security training.

The bad guys are increasingly targeting small and medium sized businesses. With the typical open networks and varying degrees of security on most campuses, you should consider yourself at risk every day. Which reminds me, have you taken a look at your latest vulnerability scans? When was the last time you updated anti-virus and installed patches on ALL your systems?

Please don't be the next one in a headline. It'll surely ruin your day.

Credit Card History

I'll admit it: I am a credit card junkie. For others similarly afflicted or those who might want to see what it is like, take a look at a post at MSN Money on "18 Fun Facts about Credit Cards". There is nothing new here, but it is a good collection of some historic milestones in the plastic payment business.

Higher Ed Credit Card Agreements

Does your school have a co-brand credit card agreement? Usually, it will be your Alumni Association, Foundation, or even the Athletics or an academic department that has partnered with a bank to issue one of these co-branded cards. If you have one of these, you may want to compare your program with your peers. Thanks to the Federal Reserve and the Credit CARD Act, this is possible.

The Federal Reserve has released its second "Report on College Credit Card Agreements." A copy is available for download at the Fed's site (click here to download a pdf version).

By way of background:

Section 305 of the Credit CARD Act and the Board’s implementing regulations, 12 C.F.R. § 226.57(d), require credit card issuers to submit to the Board each year a copy of any college credit card agreement between the issuer and an institution of higher education or an alumni organization or foundation affiliated with an institution of higher educa- tion (an “affiliated organization”) that was in effect at any time during the preceding calendar year. Issuers also are required to submit the following informa- tion with respect to each agreement: (1) the number of credit card accounts opened pursuant to the agreement (“college credit card accounts”) that were
open at year-end (regardless of when the account was opened); (2) the amount of payments made by the issuer to the institution or organization during the year;2 and (3) the number of new college credit card accounts that were opened during the year.

Issuers were required to make their second annual submission to the Board by March 31, 2011. This submission comprised college credit card agreements to which the issuer was a party during 2010 and information regarding payments and accounts as of December 31, 2010.

The document mainly contains tables of individual Higher Ed institutions' programs, but there is some text and lots of footnotes. There is also an online database of the agreements.

Compliments to the folks at Payments News for pointing out this information.