Educational institutions behind in spam and security fight

I can’t help but think that colleges and universities were under some delusion of being immune to spam and other security issues. The problem has been on our heals for some time, yet issues with these institutions continue to make the news.

Wondering whether I am missing something, I checked back through the Spamroll archives, and found quite a few stories covering educational bodies.

– We find the University of Texas selling their email lists, then blocking the purchaser’s mail – dumb to begin with, and more than a little unethical on the back end; it forced Spamroll to question why some educational institutions were getting into the list business;

– A pack of college students are hit by tech saavy phishing attempts;

– UC Berkeley gets hit by data theft, and it isn’t the first time; and

– A smaller institution spends years and thousands for a proprietary anti-spam implementation that solves a small percentage of the problem.

One group seems to be heading on the right path, although they seem to be a little behind (see UC Irvine sticks with OSS).

And there is some light in the endless tunnel too. If college students are left to their own devices (literally – meaning their cell phones), they are hard to fool.

Why is it that the one place that you would think has so much in the way of technical (and brainpower) resources, has such a hard time keeping the security bugs out of their houses?