10/23/2018

As BYOD becomes a reality on campus, a multi-layered strategy that secures networks from within is key to protecting data and devices.

It’s a digital explosion of devices and things, and it’s happening all around us. The question is, are you ready for it?

In recent years, the education sector has become not just a target, but rather a lucrative target, for nefarious network activity. Tens of thousands of students, staff and network administrators have been put on high alert, and institutions have been disrupted due to threats as extreme as a murder, or exorbitant demands for ransoms.

The sheer number of devices that flood a campus network on any given day can overwhelm most IT departments. Plugging the holes of vulnerability and devising new methods to protect against attacks from hackers and outsmart criminals is a full-time job.

Man holding phone with cyber-security app for blog

One of the reasons that cyber attackers target schools is that the networks are easy to crack. In fact, school districts often set up wireless systems to make connecting easy for students. Unfortunately, it also makes it easy for those with bad intentions. With free Wi-Fi in school buildings and students glued to their devices, there are thousands of opportunities for hackers to gain access to school networks.

And, if deliberate malicious attacks are not enough to deal with, what about the unwitting student who finds a USB drive left on a desk in the school library and plugs it into a computer unleashing a virus that takes down the school’s network. These are the realities faced by network administrators every single day.

Tackling the security challenge

Where do you even start? Well, it starts with an institution-wide security strategy. Most institutions have adopted the best practice advice of ‘defense in depth’ – meaning that there are multiple security layers which persons of ill intent would have to thwart.  In the era of GDPR, defense in depth has been expanded to mean securing both data and devices. It’s no longer about just setting up a firewall to protect a campus from exterior threats at the network perimeter and between servers. It’s about having a multi-layered strategy that protects the network from within by creating policies and procedures at the user, device and application layers.

IoT containment is one example where you can create virtual and segregated environments. These environments are known as ‘containers’, and exist within a single converged network. With IoT containment, specific connected devices can be isolated and managed using a set of policies. This strategy lets you group together a common set of devices, which only a defined group of users and servers can interface.

One example of this strategy would be in a college campus environment where only authorized security staff could access the IP security cameras. The cameras would be grouped in a ‘container’ and only able to communicate with the application that controls them. Defining a specific set of cameras in the group to only transmit video data would protect them, and prevent them from sending unexpected data, in the event of a compromised camera. Policy management lets IT staff see the complete network, which gives them the power to restrict or limit the privileges of devices and users to prevent deployment of unauthorized devices. You may recall the 2016 DDoS attack on the DNS provider DYN – if the compromised IoT devices had been containerized, the attack would not have happened. As you can imagine, this containment strategy is quickly being adopted to ensure a cybersecure network.

Are you ready?

So what happened when the student plugged that wayward USB into the library computer? Well, it would depend on the network equipment. Some network devices can automatically detect known threats and isolate or quarantine them.  Even if your equipment doesn’t have those features, with defense in depth, eventually your IPS, IDS, NMS or Firewall will detect the anomalous traffic and alert you.

The reality is that students are going to continue to bring their devices and the campus network is going to continue to increase the number of devices and things that need to be managed. The good news is, a solid security strategy that creates policies and procedures at the user, the device and the application layers are ready to take on today’s security challenges.

Learn more about how the education sector is digitally transforming to ensure a secure environment for students, staff, devices and things. Visit: https://www.al-enterprise.com/en/company/news/ale-expands-its-mobile-campus-solution

Browse Blog Posts
Browse Blog Authors
About the author
Greg Kovich photo for blog author page

Greg Kovich

Global Sales Lead, Education Vertical

Greg Kovich leads global sales for ALE’s Education vertical.  Greg has overseen or created several Education solutions including “The Fundamentals of Communications” – a vendor neutral course on digital network communications; “Safe Campus” – a solution uniting emergency alerts with first responder collaboration and mass notification; “Secure Campus” – a solution that allows instructors to limit student network access to determined sites; and “Pandemic Education Continuity” – a solution that enables classroom instruction in the event the institution is closed due to health or environmental crisis. 

He is a 1992 graduate of Indiana University with over 20 yrs experience in Information Technology.

Latest Posts
10/11/2019
SCS blog 5 blog header image Analytics email to my father

Schools can use analytics to drive student success and retention

10/10/2019
SCS blog 3 blog header image Making the connection: Decoding the trends and challenges of Wi-Fi on campus

Robust, reliable Wi-Fi across your campus is needed to provide a new world of personalized learning

10/10/2019
SCS blog 1 blog header image CPaaS- The heart of digital transformation

Schools can use cloud-based communications to deliver true personalized digital engagement with students and faculty.

9/30/2019
Blog 1200x299 Tour de France

Alcatel-Lucent Enterprise customers and prospects attended stage 4 and 5 of Tour de France to discover the backstage of this amazing race

9/25/2019
Blog 1200x299 IT Vanguard wins with automation

Did you know AI and IT Automation can lead to customer happiness?

Read More
Industry Perspectives