As BYOD becomes a reality on campus, a multi-layered strategy that secures networks from within is key to protecting data and devices.

It’s a digital explosion of devices and things, and it’s happening all around us. The question is, are you ready for it?

In recent years, the education sector has become not just a target, but rather a lucrative target, for nefarious network activity. Tens of thousands of students, staff and network administrators have been put on high alert, and institutions have been disrupted due to threats as extreme as a murder, or exorbitant demands for ransoms.

The sheer number of devices that flood a campus network on any given day can overwhelm most IT departments. Plugging the holes of vulnerability and devising new methods to protect against attacks from hackers and outsmart criminals is a full-time job.

Man holding phone with cyber-security app for blog

One of the reasons that cyber attackers target schools is that the networks are easy to crack. In fact, school districts often set up wireless systems to make connecting easy for students. Unfortunately, it also makes it easy for those with bad intentions. With free Wi-Fi in school buildings and students glued to their devices, there are thousands of opportunities for hackers to gain access to school networks.

And, if deliberate malicious attacks are not enough to deal with, what about the unwitting student who finds a USB drive left on a desk in the school library and plugs it into a computer unleashing a virus that takes down the school’s network. These are the realities faced by network administrators every single day.

Tackling the security challenge

Where do you even start? Well, it starts with an institution-wide security strategy. Most institutions have adopted the best practice advice of ‘defense in depth’ – meaning that there are multiple security layers which persons of ill intent would have to thwart.  In the era of GDPR, defense in depth has been expanded to mean securing both data and devices. It’s no longer about just setting up a firewall to protect a campus from exterior threats at the network perimeter and between servers. It’s about having a multi-layered strategy that protects the network from within by creating policies and procedures at the user, device and application layers.

IoT containment is one example where you can create virtual and segregated environments. These environments are known as ‘containers’, and exist within a single converged network. With IoT containment, specific connected devices can be isolated and managed using a set of policies. This strategy lets you group together a common set of devices, which only a defined group of users and servers can interface.

One example of this strategy would be in a college campus environment where only authorized security staff could access the IP security cameras. The cameras would be grouped in a ‘container’ and only able to communicate with the application that controls them. Defining a specific set of cameras in the group to only transmit video data would protect them, and prevent them from sending unexpected data, in the event of a compromised camera. Policy management lets IT staff see the complete network, which gives them the power to restrict or limit the privileges of devices and users to prevent deployment of unauthorized devices. You may recall the 2016 DDoS attack on the DNS provider DYN – if the compromised IoT devices had been containerized, the attack would not have happened. As you can imagine, this containment strategy is quickly being adopted to ensure a cybersecure network.

Are you ready?

So what happened when the student plugged that wayward USB into the library computer? Well, it would depend on the network equipment. Some network devices can automatically detect known threats and isolate or quarantine them.  Even if your equipment doesn’t have those features, with defense in depth, eventually your IPS, IDS, NMS or Firewall will detect the anomalous traffic and alert you.

The reality is that students are going to continue to bring their devices and the campus network is going to continue to increase the number of devices and things that need to be managed. The good news is, a solid security strategy that creates policies and procedures at the user, the device and the application layers are ready to take on today’s security challenges.

Learn more about how the education sector is digitally transforming to ensure a secure environment for students, staff, devices and things. Visit: https://www.al-enterprise.com/en/company/news/ale-expands-its-mobile-campus-solution

Tags - Bildungswesen, IoT, Mobile Telefone

Browse Blog Posts
Browse Blog Authors
About the author

Greg Kovich

Global Sales Lead, Education Vertical

Greg Kovich leads global sales for ALE’s Education vertical.  Greg has overseen or created several Education solutions including “The Fundamentals of Communications” – a vendor neutral course on digital network communications; “Safe Campus” – a solution uniting emergency alerts with first responder collaboration and mass notification; “Secure Campus” – a solution that allows instructors to limit student network access to determined sites; and “Pandemic Education Continuity” – a solution that enables classroom instruction in the event the institution is closed due to health or environmental crisis. 

He is a 1992 graduate of Indiana University with over 20 yrs experience in Information Technology.

Latest Blogs
blog-pageheader-1200x299 Datenhoheit und -sicherheit: Säulen der neuen Arbeitswelt

In der neuen Arbeitswelt wird auf die Cloud gesetzt, damit zeit- und ortsunabhängiges Arbeiten möglich ist. Das setzt Datenhoheit und -sicherheit voraus.

Kontinuität in der Bildung: Lehren und Lernen in der Krise

Remote unterrichten, Lernumgebungen verwalten − eine Herausforderung. Zusammenarbeit und Kontrolle bietet speziell für Bildungszwecke entwickelte Technologie.

girl-government-page-headers-1200x299 4 Wege zur effektiveren Kommunikation zwischen Verwaltung und Bürger

So steigern Sie mithilfe technologischer Neuerungen die Effektivität öffentlicher Dienstleistungen.

blog-pageheader-1200x299-healthcare6 Stoppen Sie mit Asset-Tracking die Abwanderung von Klinikpersonal

Gesundheitsdienstleister brauchen Technologien wie z.B. Asset-Tracking, um den Verlust von Geräten zu verhindern und das Klinikpersonal von administrativen Aufgaben zu befreien.

blog-pageheader-1200x299 So bleibt ihr Betrieb am Laufen und Ihre Mitarbeiter sicher

Sorgen Sie in der aktuellen Krise für einen stabilen Betrieb und die Sicherheit Ihrer Mitarbeiter – über eine einfache und sichere Vernetzung als Remote-Lösung

blog-pageheader-1200x299 Wi-Fi-Lösungen für stark frequentierte Bereiche

Von Universitäten und U-Bahn-Stationen über Hotels und Krankenhäusersprawling bis hin zu großflächigen Einkaufszentren und Stadien: Das Wi-Fi-Netzwerk gehört inzwischen zur Basisversorgung.

Industry Perspectives