23-Oct-2018

As BYOD becomes a reality on campus, a multi-layered strategy that secures networks from within is key to protecting data and devices.

It’s a digital explosion of devices and things, and it’s happening all around us. The question is, are you ready for it?

In recent years, the education sector has become not just a target, but rather a lucrative target, for nefarious network activity. Tens of thousands of students, staff and network administrators have been put on high alert, and institutions have been disrupted due to threats as extreme as a murder, or exorbitant demands for ransoms.

The sheer number of devices that flood a campus network on any given day can overwhelm most IT departments. Plugging the holes of vulnerability and devising new methods to protect against attacks from hackers and outsmart criminals is a full-time job.

Man holding phone with cyber-security app for blog

One of the reasons that cyber attackers target schools is that the networks are easy to crack. In fact, school districts often set up wireless systems to make connecting easy for students. Unfortunately, it also makes it easy for those with bad intentions. With free Wi-Fi in school buildings and students glued to their devices, there are thousands of opportunities for hackers to gain access to school networks.

And, if deliberate malicious attacks are not enough to deal with, what about the unwitting student who finds a USB drive left on a desk in the school library and plugs it into a computer unleashing a virus that takes down the school’s network. These are the realities faced by network administrators every single day.

Tackling the security challenge

Where do you even start? Well, it starts with an institution-wide security strategy. Most institutions have adopted the best practice advice of ‘defense in depth’ – meaning that there are multiple security layers which persons of ill intent would have to thwart.  In the era of GDPR, defense in depth has been expanded to mean securing both data and devices. It’s no longer about just setting up a firewall to protect a campus from exterior threats at the network perimeter and between servers. It’s about having a multi-layered strategy that protects the network from within by creating policies and procedures at the user, device and application layers.

IoT containment is one example where you can create virtual and segregated environments. These environments are known as ‘containers’, and exist within a single converged network. With IoT containment, specific connected devices can be isolated and managed using a set of policies. This strategy lets you group together a common set of devices, which only a defined group of users and servers can interface.

One example of this strategy would be in a college campus environment where only authorized security staff could access the IP security cameras. The cameras would be grouped in a ‘container’ and only able to communicate with the application that controls them. Defining a specific set of cameras in the group to only transmit video data would protect them, and prevent them from sending unexpected data, in the event of a compromised camera. Policy management lets IT staff see the complete network, which gives them the power to restrict or limit the privileges of devices and users to prevent deployment of unauthorized devices. You may recall the 2016 DDoS attack on the DNS provider DYN – if the compromised IoT devices had been containerized, the attack would not have happened. As you can imagine, this containment strategy is quickly being adopted to ensure a cybersecure network.

Are you ready?

So what happened when the student plugged that wayward USB into the library computer? Well, it would depend on the network equipment. Some network devices can automatically detect known threats and isolate or quarantine them.  Even if your equipment doesn’t have those features, with defense in depth, eventually your IPS, IDS, NMS or Firewall will detect the anomalous traffic and alert you.

The reality is that students are going to continue to bring their devices and the campus network is going to continue to increase the number of devices and things that need to be managed. The good news is, a solid security strategy that creates policies and procedures at the user, the device and the application layers are ready to take on today’s security challenges.

Learn more about how the education sector is digitally transforming to ensure a secure environment for students, staff, devices and things. Visit: https://www.al-enterprise.com/en/company/news/ale-expands-its-mobile-campus-solution

Tags - Education, IoT, Mobile Communications

Browse Blog Posts
Browse Blog Authors
About the author
Greg Kovich photo for blog author page

Greg Kovich

Global Sales Lead, Education Vertical

Greg Kovich leads global sales for ALE’s Education vertical.  Greg has overseen or created several Education solutions including “The Fundamentals of Communications” – a vendor neutral course on digital network communications; “Safe Campus” – a solution uniting emergency alerts with first responder collaboration and mass notification; “Secure Campus” – a solution that allows instructors to limit student network access to determined sites; and “Pandemic Education Continuity” – a solution that enables classroom instruction in the event the institution is closed due to health or environmental crisis. 

He is a 1992 graduate of Indiana University with over 20 yrs experience in Information Technology.

Latest Blogs
23-Feb-2021
blog-pageheader-1200x299 ITS makes driving a breeze

Smart cities that adopt a plan for connected transportation have the opportunity to create easy to navigate, safe and secure highways.

07-Jan-2021
blog-pageheader-1200x299 Global health crisis takes eSport learning to the next level

Adapting to our new normal means thinking outside the box. eSports provide new opportunities for students to interact, learn, and have some fun along the way.

21-Dec-2020
Keep employees and customers safe with asset tracking Keep employees and customers safe with asset tracking

Hotspot tracking and contact tracing enables businesses to re-open while keeping employees and customers safe.

15-Oct-2020
Colleagues open space working page header banner image Optimize your Wi-Fi to create a hybrid work environment

A hybrid work environment provides the flexibility and security to get your business back to business-as-usual

06-Oct-2020
Education Smart Communities blog header banner -1200x299 Your smart campus is your smart community

Digital transformation enables university campuses to create a smart, safe, secure and successful community for students and faculty.

09-Sep-2020
NTT Pro Cycling page header NTT Pro Cycling leverages ALE Wi-Fi on the team’s cars

Thanks to always-on Wi-Fi capabilities from Alcatel-Lucent Enterprise, NTT Pro Cycling stays connected, regardless of the environment 

Read More
Industry Perspectives