Five steps to ZTNA cybersecurity on campus

Greg Kovich
May 19, 2023

Zero Trust Network Access (ZTNA) cybersecurity allows academic institutions to realise important benefits across all operations.


Trust no one. Sounds ominous, right? Well, unfortunately, it’s today’s reality — at least when it comes to network security. According to experts, the only network cybersecurity strategy that can effectively counter today’s threats is one that trusts no user, no device and no application, no matter where they are located — on-campus, in the cloud or off-campus. It’s a strategy known as Zero Trust Network Access (ZTNA), and is based on the following assertions:

• The network is hostile

• External and internal threats are always present

• Location is not enough to determine trust

• Every device, user and network flow must be authenticated and authorised

• Policies must be dynamic and use as many data sources as possible

Tackling these issues requires a thorough approach to security. A Zero Trust Network Access (ZTNA) strategy provides comprehensive protective mechanisms to stop unauthorised users, devices and applications from accessing the network. At ALE, we’ve identified five steps to help you develop a ZTNA cybersecurity strategy to protect your academic institution from the nefarious actors who lurk among us.

Step 1 – Monitor: Monitor the network to create an inventory of all devices and applications — authorised and unauthorised — that request or deliver information on the network and the protocols they use to do so. There are many tools available to collect information from the network and create a report that categorises devices by type, manufacturer, model, operating system and other factors. Flow monitoring tools that identify the different application traffic flows on the network are also available.

Step 2 – Assess: Assess and validate your inventory. Start by assessing devices and applications by their type and role. This process helps identify shadow IT devices that can be eliminated to reduce the attack surface, and limit risk and mitigation measures required in response to cyberattacks.

Step 3 – Plan: Plan your approach to authentication, authorisation, auditing and administration. A multidimensional plan that includes macro-segmentation and micro-segmentation is best. Macro-segmentation segregates users, devices and applications on the network. Micro-segmentation defines how those users, devices and applications are mapped to their network segment and security policies.

Step 4 – Simulate: Test and validate the approach developed in Step 3. Use the insights to fine-tune security policies and ensure they cover all scenarios. Simulations should include issuing certificates, configuring policies, configuring quarantine scenarios, simulating log flows and testing firewall integrations.

Step 5 – Enforce: When tested and validated security policies are enforced, unauthorised devices are blocked from accessing the network and unexpected flows are dropped. In addition, devices can be put in quarantine and IT teams alerted to the situation.
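A dry run of the policy from Steps 3 to 5, as an added example that is not from the original article or from ALE. The inventory, role and segment names, addresses, flow records and function names are all constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Steps 1-2: assessed inventory (constructed sample data, not from the article).
INVENTORY = {
    "aa:00:00:00:00:01": {"role": "faculty-laptop", "authorised": True},
    "aa:00:00:00:00:02": {"role": "lab-printer", "authorised": True},
    "aa:00:00:00:00:03": {"role": "unknown-ap", "authorised": False},  # shadow IT
}
# Step 3, macro-segmentation: each role is placed in one network segment.
SEGMENT_OF = {"faculty-laptop": "staff", "lab-printer": "iot"}
# Step 3, micro-segmentation: flows each segment may open (destination, protocol, port).
ALLOWED = {
    "staff": [("10.10.0.0/16", "tcp", 443), ("10.20.5.0/24", "tcp", 631)],
    "iot": [("10.10.1.10/32", "tcp", 443)],
}

def decide(flow):
    """Return (action, reason) for one observed flow; anything not allowed is denied."""
    device = INVENTORY.get(flow["mac"])
    if device is None or not device["authorised"]:
        return "quarantine", "device not in authorised inventory"
    segment = SEGMENT_OF.get(device["role"])
    if segment is None:
        return "quarantine", "role is not mapped to a segment"
    dst = ip_address(flow["dst"])
    for net, proto, port in ALLOWED.get(segment, []):
        if dst in ip_network(net) and (flow["proto"], flow["port"]) == (proto, port):
            return "allow", f"matches {segment} policy"
    return "drop", f"unexpected flow for segment {segment}"

def simulate(flows):
    """Step 4: dry run that reports decisions without enforcing them."""
    return [(f["mac"], f["dst"], f["port"]) + decide(f) for f in flows]

# Constructed flow records, as a flow-monitoring tool might export them.
FLOWS = [
    {"mac": "aa:00:00:00:00:01", "dst": "10.10.3.4", "proto": "tcp", "port": 443},
    {"mac": "aa:00:00:00:00:02", "dst": "203.0.113.7", "proto": "udp", "port": 53},
    {"mac": "aa:00:00:00:00:03", "dst": "10.10.3.4", "proto": "tcp", "port": 443},
    {"mac": "aa:00:00:00:00:99", "dst": "10.10.1.10", "proto": "tcp", "port": 443},
]

if __name__ == "__main__":
    for row in simulate(FLOWS):
        print(row)
```

The MAC address is only a stand-in key here; in a real deployment the lookup would use an authenticated identity, such as the certificates issued during Step 4, because a MAC address can be spoofed.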

While following these five steps maps out a path for ZTNA cybersecurity, it’s not enough on its own. Training, patch management and vigorous shadow IT management are required to ensure comprehensive security.

Successful outcomes

A secure network means faculty and students can take advantage of innovative digital technologies that improve learning opportunities and student success. For example:

• Faculty can develop lessons that inspire students, expose them to cutting-edge innovations and encourage them to participate, whether in the classroom or remote.

• Students can experiment with new technologies, collaborate with one another and faculty from anywhere, and incorporate the latest digital innovations into their assignments to showcase their potential.

With a deeper understanding of the institution’s cybersecurity status, IT teams can make better decisions about new technology strategies, such as adopting a cloud-first approach or supporting BYOD. They can also better protect and control the digital infrastructure and ensure the appropriate use of valuable network resources and bandwidth.

A trusted network foundation ensures academic institutions can remain focused on teaching and learning. To find out more, check out our "Rethinking cybersecurity in education" infographic or contact us today to discuss your specific needs.

Don’t forget to check back here for my next blog focused on what you need to know, from A to Z, for a comprehensive cybersecurity strategy.

Greg Kovich


Global Sales Lead, Education Vertical

Greg Kovich leads global sales for ALE’s Education vertical. Greg has overseen or created several Education solutions including “The Fundamentals of Communications” – a vendor-neutral course on digital network communications; “Safe Campus” – a solution uniting emergency alerts with first responder collaboration and mass notification; “Secure Campus” – a solution that allows instructors to limit student network access to determined sites; and “Pandemic Education Continuity” – a solution that enables classroom instruction in the event the institution is closed due to a health or environmental crisis.

He is a 1992 graduate of Indiana University with over 20 years of experience in Information Technology.
