As BYOD becomes a reality on campus, a multi-layered strategy that secures networks from within is key to protecting data and devices.

It’s a digital explosion of devices and things, and it’s happening all around us. The question is, are you ready for it?

In recent years, the education sector has become not just a target, but rather a lucrative target, for nefarious network activity. Tens of thousands of students, staff and network administrators have been put on high alert, and institutions have been disrupted due to threats as extreme as a murder, or exorbitant demands for ransoms.

The sheer number of devices that flood a campus network on any given day can overwhelm most IT departments. Plugging the holes of vulnerability and devising new methods to protect against attacks from hackers and outsmart criminals is a full-time job.

Man holding phone with cyber-security app for blog

One of the reasons that cyber attackers target schools is that the networks are easy to crack. In fact, school districts often set up wireless systems to make connecting easy for students. Unfortunately, it also makes it easy for those with bad intentions. With free Wi-Fi in school buildings and students glued to their devices, there are thousands of opportunities for hackers to gain access to school networks.

And, if deliberate malicious attacks are not enough to deal with, what about the unwitting student who finds a USB drive left on a desk in the school library and plugs it into a computer unleashing a virus that takes down the school’s network. These are the realities faced by network administrators every single day.

Tackling the security challenge

Where do you even start? Well, it starts with an institution-wide security strategy. Most institutions have adopted the best practice advice of ‘defense in depth’ – meaning that there are multiple security layers which persons of ill intent would have to thwart.  In the era of GDPR, defense in depth has been expanded to mean securing both data and devices. It’s no longer about just setting up a firewall to protect a campus from exterior threats at the network perimeter and between servers. It’s about having a multi-layered strategy that protects the network from within by creating policies and procedures at the user, device and application layers.

IoT containment is one example where you can create virtual and segregated environments. These environments are known as ‘containers’, and exist within a single converged network. With IoT containment, specific connected devices can be isolated and managed using a set of policies. This strategy lets you group together a common set of devices, which only a defined group of users and servers can interface.

One example of this strategy would be in a college campus environment where only authorized security staff could access the IP security cameras. The cameras would be grouped in a ‘container’ and only able to communicate with the application that controls them. Defining a specific set of cameras in the group to only transmit video data would protect them, and prevent them from sending unexpected data, in the event of a compromised camera. Policy management lets IT staff see the complete network, which gives them the power to restrict or limit the privileges of devices and users to prevent deployment of unauthorized devices. You may recall the 2016 DDoS attack on the DNS provider DYN – if the compromised IoT devices had been containerized, the attack would not have happened. As you can imagine, this containment strategy is quickly being adopted to ensure a cybersecure network.

Are you ready?

So what happened when the student plugged that wayward USB into the library computer? Well, it would depend on the network equipment. Some network devices can automatically detect known threats and isolate or quarantine them.  Even if your equipment doesn’t have those features, with defense in depth, eventually your IPS, IDS, NMS or Firewall will detect the anomalous traffic and alert you.

The reality is that students are going to continue to bring their devices and the campus network is going to continue to increase the number of devices and things that need to be managed. The good news is, a solid security strategy that creates policies and procedures at the user, the device and the application layers are ready to take on today’s security challenges.

Learn more about how the education sector is digitally transforming to ensure a secure environment for students, staff, devices and things. Visit: https://www.al-enterprise.com/en/company/news/ale-expands-its-mobile-campus-solution

Tags - Education, IoT, Mobile Communications

Browse Blog Posts
Browse Blog Authors
About the author
Greg Kovich photo for blog author page

Greg Kovich

Global Sales Lead, Education Vertical

Greg Kovich leads global sales for ALE’s Education vertical.  Greg has overseen or created several Education solutions including “The Fundamentals of Communications” – a vendor neutral course on digital network communications; “Safe Campus” – a solution uniting emergency alerts with first responder collaboration and mass notification; “Secure Campus” – a solution that allows instructors to limit student network access to determined sites; and “Pandemic Education Continuity” – a solution that enables classroom instruction in the event the institution is closed due to health or environmental crisis. 

He is a 1992 graduate of Indiana University with over 20 yrs experience in Information Technology.

Latest Blogs
blog-pageheader-1200x299 eSports — A New Competitive Differentiator

Steps that must be taken by education providers to make esports a key part of their student attraction strategy

blog-pageheader-1200x299 Data sovereignty and security reign in the new work world

The new work world is bringing the need for data sovereignty and security to the forefront, as businesses move to the cloud to enable people to work everywhere and anywhere.

blog-pageheader-transportation-railway-1200x299 A Day in the Future of Mobility

Transportation leaders unleashing the future of safe, sustainable mobility invest in intelligent, autonomous networks, and ubiquitous collaboration platforms

blog-pageheader-1200x299 The call of the wild – urban and rural

Delivering 6000 kilometers of coverage demands experience. Sipwise and ALE provide solutions to help Oricom deliver the services their customers need.

blog-pageheader-1200x299 Bringing Esports into education: 7 Things to consider

The evolution of Esports is creating new opportunities in the education sector. However, a few things should be considered before creating a program.

Rainbow classroom blog #2 blog header image Education continuity: Create an in-class experience remotely

Rainbow Classroom helps teachers collaborate in-person, remotely, or in a hybrid environment, protects their privacy, and enables professional development.

Read More
Industry Perspectives