/ / October

Common Cybersecurity Mistakes and Easy Steps to Avoid Them

  1. Clicking on a link or attachments in emails from what appear to be known senders.

So much of our correspondence, business and personal, is by electronic means.  A colleague may contact you about scheduling a meeting. Or, perhaps you receive an email alert from your bank about activity on your account. It includes a link and asks you to log in and confirm account information. In either of those cases, you have received an email from what appears to be a legitimate and familiar source. But is it real?

The best policy is to verify the content before trusting it. Did the language in that email from your colleague seem different than how they normally sound? Maybe the email from your bank had its logo, but the content was not as usual.  Did it sound unprofessional or contain misspelled words? Think twice before you click on anything. Once you’ve clicked that link or attachment—it’s too late.  Considering calling that colleague and asking this that email, about the meeting, was actually from them.  If you’re concerned about the email from your bank, open a new browser and log on to the account directly.  If there are any notifications about your account, you’ll see those once you’re logged in.

  1. Failing to report suspicious activity to your IT department.

If you are receiving suspicious phishing or spam emails, your coworkers are likely receiving them as well. Reporting this to your IT department or cybersecurity officer should be the first action you take to prevent a breach. Groups looking to hack into your institution’s systems are more likely to get through if they have targeted everyone in the company with a blast email.  It only takes one person clicking on the wrong link for hackers to gain full access. This is powerful leverage against your institution, and they often demand ransom payments.

The sooner you report suspicious activity to your technology experts, the sooner they can take measures to both alert employees and prevent future content from reaching employee inboxes. It’s also important to note that while a specific attack may get addressed quickly and resolved, there will most certainly be another one down the road. Hackers understand there is tremendous financial value to acquiring your institution’s data, and they’re relentless in new ways of gaining access to confidential information. This is why staff must remain alert and vigilant at all times.  It also emphasizes the importance of incorporating cybersecurity training and measures into your operations.

  1. Using the same password for your personal and work accounts.

It’s so easy to remember your pet’s name or the make of your first car.  So, you may use that password for all your personal accounts, apps, and social media platforms. However, this may not be the best option for accessing accounts at work. It a good policy to keep work and personal separate. While you should also strongly consider using different passwords for each of your personal accounts, for business activity, you should always use completely different protocols for your logins and passwords. This is a must-do to protect against a data breach.

The media frequently reports on different customer platforms being breached and all user login and password data getting exposed on the dark web. Once hackers have your login and password, they can use bots to go from one website to the next, in seconds, trying your information to see if they can get into a valid account. If you’ve used the same password for all your accounts, you’re even more at risk. Now magnify that if you have used the same passwords for your business activity. It’s easy to see how quickly that can snowball. Now is the time to check all your online access and updates those usernames and passwords.

  1. Storing a list of your passwords in a document on your PC.

Websites continue to increase the complexity of username and password requirements.  It’s not uncommon for a website to require 12+ characters, of varying types, and a combination of upper and lower letters.  It’s tempting to create a list of them and save it on your computer. That way it’s handy when you can’t remember one of them. But what if hackers gain access to your computer, and you don’t know you’ve been breached? You’ve, essentially, handed them the playbook for retrieving all your information.  They will access accounts and vanish before you even know what’s happened.

There is an easy way to avoid this scenario – don’t store your passwords on your computer. When creating passwords for your business accounts, consider utilizing a formula. This allows you to have a different password for each business account by applying a method to how you arrive at the password for each individual account. This is just one solution you can put in place – there are many other methods you can utilize to protect not only your passwords but also all your critical business data.

Outsourcing

Outsourcing Financial Aid: A Better Economic, Strategic, and Student-Centered Model

Processing financial aid records is one the most important yet complex steps for many financial aid offices. When not administered correctly or efficiently, it can create compliance risk or delays in students receiving their awards which has real enrollment and financial consequences. The recent staffing shortages throughout the industry have only magnified these challenges.

Many university presidents and CFO’s are exploring a new model – outsourcing their financial aid processing services. Those university leaders are discovering outsourcing is a better model for 4 reasons.

  1. It is a better economic model. University leaders can better control their costs in an outsourced model rather than carrying high costs associated with large staffs with frequent turnover. In addition to the cost savings, an outsourced processing model creates greater ROI. When financial aid is administered sooner, students receive their awards earlier which creates a real recruiting and retention advantage. Even a 2% gain in admit yield or a 2% increase in retention equates to noticeable gains in headcount and significant gains in net tuition revenue. The cost savings combined with greater ROI is why university leaders are discovering the outsourced partnership is a better economic model.
  2. It is a better strategic model. When the back office processing work is outsourced, financial aid staff are unconstrained to do what they do best – counsel students and parents. Key financial aid staff can focus on higher priority strategic initiatives that achieve operational, enrollment, and student experience goals. Those strategic priorities make a significant impact on the university.
  3. Students are better served. When financial aid files are processed sooner, students receive their financial aid awards earlier increasing their propensity to enroll as new students or return as current students. Parents and family members are more engaged and satisfied in the process. Student experience is directly correlated to recruitment and retention. Most financial aid leaders entered the profession, in the first place, to help make college affordable and accessible and to serve students. This model supports that goal.
  4. Peace of mind that the university is always in compliance. Besides the benefits of timely and accurate financial aid administration, university leaders who find a trusted strategic partner can rest assured their financial aid is administered in full compliance with the Department of Education.

Important factors to consider

  • As a best practice, have the outsourced processing work completed in your student information and financial aid management system. Select a partner that is experienced and proficient in your technology system.
  • Find a partner with deep industry experience and a long-standing track record of success with their clients and who is fortified by highly experienced consultants and team members. These are the strategic partners you want.
  • Ask potential partners about their audit history. Those companies are audited each year just like universities.
  • Ask potential partners about their quality control measures and processes. The best companies will quickly respond, providing the detailed quality control measures they have in place to ensure full compliance.
  • Inquire whether the outsourced partner will just replicate your current processes or will they listen and work with you to make your current processes more efficient. Will they merge their best practices with your client-specific needs? If so, that is a good partnership.

At FAS, these are a few of the tenets and best practices we built our model on.

Final thoughts

Financial aid processing is one of the most important steps in a financial aid operation. The current staffing struggles in most financial aid offices only makes this more challenging. Those staffing challenges show no signs of lessening anytime soon. But there is an alternative. It’s a better model too. From the initial application until the last dollar is disbursed, the right outsourced partner will make a significant impact on your financial, operational, and student experience goals.

FAS Stacked Logo

180 Interstate North Parkway
Suite 550, Atlanta, GA 30339

info@financialaidservices.org
770.988.9447

Contact Us

Privacy Statement

Why FAS?

Overview

Mission + Values

Our Team

Services

Consulting + Training

Interim Staffing

Outsourced Processing

News + Events

Press Releases

Events

Resources

Innovation from the CEO

Consultant Insights

Research + Resources

Join our Team
©2023 Financial Aid Services. All Rights Reserved.