Data security ranks among the top priorities of IT directors and managers in higher education, a survey has found.

CDW Government released the results of its third annual Higher Education IT Security Report Card on Monday. The report is based on a national survey of 151 higher education IT directors and managers. It gauges IT security and support on campuses over a three-year period.

It reveals that, despite increased attention to better IT security in higher education, there has been little progress. The report concludes that less than half of campus networks are safe from attack, with 58% reporting at least one security breach in the last year. Data loss or theft has increased 10% in the last year, up to 43%, according to the CDW-G. That includes loss or theft of staff and student personal information.

CDW-G found that increased attention to the convergence of IT and physical security solutions has failed to expedite adoption of related security tools. Managers and directors cite lack of staff resources as the biggest barrier to improving campus IT security

Eight percent of respondents reported "very secure" networks," and 47% report their "moderately secure" networks that require some improvements. Directors and managers said data protection is their third-highest priority among the top five IT security risks on their campuses. "Sensitive data residing on unprotected machines" and "intruders gaining access to high-profile material" topped the list, CDW-G said.

The report called the rise in data loss or theft compared with the previous year "alarming."

"Ensuring IT security at higher education institutions is challenging," Julie Smith, director, higher education for CDW-G, said in a statement. "The amount of data residing on the network is growing exponentially and IT directors struggle to balance security concerns with the open nature of higher education."

The survey found that convergence is increasingly a priority, with 38% of respondents spending more time on it than the previous year. Eighty-six percent of respondents noted that their campus has the network infrastructure to support converged solutions, but only 6% have fully converged IT and physical security solutions, the survey found.

IT directors and managers gave administrations a "B" for their support of IT security and said they need more funds and better enforcement of IT policies. They gave "Cs" to faculty and students, saying both lack awareness. Faculty expect exceptions to security policies and students disregard rules, they said. Many campuses reported some benefit from network access control and tutorials or classes on IT security.

CDW-G found that campus IT security hasn't improved during the three years the report cards have been issued and places the responsibility on the shoulders of college administrations.

The report states that convergence of IT and physical security tools offer opportunities for consolidation and streamlining human and financial resources while strengthening overall security

CDW-G recommends a layered security approach including network access control, content filtering, end-point security, network security, and compliance, as well as funding and support for increased IT security education.