Make no mistake: Colleges are wired. As a student, you can download the new Coldplay single, order that pair of Diesels you've been craving, drop your best friend an IM, pay your cell phone bill, check your midterm grade, and chat it up with your philosophy classmates--all at once. College life just wouldn't be complete without the pleasures and conveniences of high-speed Internet technology, available on virtually every campus nationwide.

But the online college lifestyle may cause as many problems as it solves. Cyber-centric living has become such an integral part of the college life that many students don't think twice about regularly entering credit card numbers, Social Security numbers, and other personal information on Web sites. Nor do they take safety measures seriously. Unfortunately, their college's computer networks may not be as secure as they think.

In fact, according to a new survey, almost one-third (30.4 percent) of campus IT officials cite network and data security as the most important IT issue currently confronting their institutions, up from one-fifth (21.2 percent) in 2004. The survey, entitled The 2005 National Survey of Information Technology in US Higher Education, was conducted by the Campus Computing Project, a research group based in Encino, California. Don't think you could be hacked at your school? Think again.

The reality of risk
An alarming number of major universities, including the University of Nevada in Las Vegas and the University of Connecticut in Storrs-Mansfield, have reported major hacking incidents this year. At these and other schools, servers containing personal data--Social Security numbers, dates of birth, phone numbers, and addresses--were illegally infiltrated. And just because a school is unaware of any security breaches doesn't mean the breaches haven't happened.

"I don't think any school can say beyond a shadow of a doubt they've never had an instance of unauthorized access," says Jason Wallace, chief information security officer at Norwich University in Northfield, Vermont. "Higher education is a very different situation than the corporate world--it's much more difficult to deal with security at a college or university."

Open wide....
Why is a university so much more difficult to protect than a corporation or a home computer? "The whole concept of higher education is about openness and the availability of resources," Wallace explains. "I can't imagine a college anywhere that's running a Web site filter."

"Schools are trying to play catch up," explains Dave Grant, director of product marketing at Watchfire, a company that produces Internet security software. "I'd say half of college Web sites are exploitable today, and about 75 percent of the hacks that occur are happening because the sites aren't secured as well as they could be. The average Web developer doesn't necessarily know much about security, so the sites get created with flaws."

Human error
Beyond the "open" nature of colleges, sometimes people just make mistakes that compromise security. More than 300 students at the City University of New York (CUNY) were shocked and alarmed to discover their personal information--including Social Security numbers, loan information and amounts, and direct-deposit information--freely available on the Internet. According to CUNY spokesman Michael Arena, the student info was made available due to a human error. A worker at the school had accidentally placed the file outside the school's protected firewall, making it accessible to anyone--the private data even appeared on Google, the massively popular search engine.

What can you do?
If you've ever lost a wallet, you know the stress of having to cancel your credit cards, get a new ATM card, order a new Social Security card, and reconstruct the life that you so conveniently carried around in your pocket or purse. Now imagine if all that information were not merely lost, but deliberately stolen from you, and then exploited.

"It's only been during the past five or so years that we've been using the Internet for buying things, ordering products, entering personal information," explains Grant. "We have good reasons for doing it, but it's gotten easy for hackers to steal personal information as we're pushing more and more of our lives onto the Web."

Protect your PC
If you're a typical college student, your parents may have given you a hard time about last month's "emergency" credit card bill. But how would you explain the card getting maxed out by an anonymous and untraceable user? In order to prevent this and other cases of identity theft from occurring, you can take several precautionary steps.

"The important thing for students to understand is that protecting themselves from things like identity theft is largely dependent on them," says Matt Curtin, author of Brute Force: Cracking the Data Encryption Standard (2005) and frequent lecturer at Ohio State University. "Keep personal information personal. On campuses you'll find people with tables set up trying to offer you credit cards or free cell phones, and requiring that you give them your Social Security number. Don't do it. The only time you ever need to give that out is for tax purposes or when dealing with the Social Security Administration."

Also, take the time to set up your personal computer to be as hacker-proof as possible. "Using common-name passwords--your girlfriend's or boyfriend's name, no combination of numbers and letters--is a big problem," explains Grant. "They are easy to crack because hackers have programs that run through millions of simple login names looking for a match."

Updated virus protection is a must as well. "There's plenty of free anti-virus and anti-spyware software out there," he adds. "Download it, and keep it current. Software that is a month old is useless, because new viruses are constantly popping up."

Inside job
So these hackers are big, bad cyber meanies with nothing better to do than steal your personal info, right? Actually, sometimes the culprits are your peers.

This past March, approximately 150 applicants to six of the country's top business schools took advantage of a security vulnerability on a widely used admissions database for colleges and universities. They accessed information from schools that included Dartmouth College, Carnegie Mellon University, Duke University, Massachusetts Institute of Technology, and Harvard University. In fact, it seems that Harvard wins the prize for this year's most overzealous applicants, with 119 people wrongfully accessing their admissions database. Every school but Dartmouth refused to admit any of the students, calling the infiltration a serious breach of ethics.