Educational Entities Can Do Some Learning About IT Infrastructure
By Jay Akin, CEO, Mushroom Networks, Inc.
K-12 and higher education entities require different perspectives on their IT strategy compared to IT strategies for corporate campuses. However, there are common themes and major technology trends that create similar IT challenges for both.
The proliferation of personal internet connected devices (primarily in the form of cell phones and other gadgets) and new web applications have caused various tectonic shifts that require similar fundamental changes in the security posture and campus connectivity strategies.
Corporations have tried to resist the use of personal connected devices within the office network environments and have tried to block the use of other unauthorized web applications even when used to serve some business need. This was an unfruitful strategy and the hidden shadow IT, as it is sometimes called, won this grassroots driven trend. For example, employees started using the freely available file sharing apps (such as Dropbox, Google Drive, etc.) when their corporate offered alternative lacked in features and ease-of-use.
Similarly, employees continued to use their personal cell phones for business use cases when it was more convenient. Corporate IT had no choice but to embrace the fact that their employees would bring their own devices and in some cases adopt their preferred applications to solve their specific needs. This set of challenges also goes the other way with corporate provided connected devices finding their uses in personal use cases such as corporate provided laptops being used at homes.
The solution for corporations is to modify their security posture and rethink their connectivity architectures to be able to support the new reality. These changing trends have meant a shift towards a no-trust security posture versus solely relying on a on premise-based firewalling approach. It also meant starting to adopt software defined network architectures, namely, SD-WAN (Software Defined Wide Area Networking), for managing and controlling bandwidth in their campuses.
Educational entities are in a similar situation when it comes to the proliferation of connected devices and the use of student-driven applications that can stress the wide area network bandwidth if not properly planned for. Therefore, it makes sense to look at some of the corporate solutions to these very same challenges to figure out how to handle the changing security environment and the increased pressures on bandwidth requirements.
Educational entities and campuses should also modify their security posture to have a zero-trust model whereby it is understood that solely protecting the perimeter of the network, although certainly required, is not enough for a completely secure network design. Unauthorized and uncontrolled devices (such as personal cell phones) will be present with all of their malware that may have collected over time and can create a threat from the inside of the network. Short of keeping these devices off of the network (which we know is not a practical solution) the next best option is to carve out and segregate the bandwidth available for such devices out of the network that the institution uses. By definition, all the sensitive data and resources will therefore be isolated and protected from any potential malware that may be on the personal devices.
This approach, which can be achieved with modern cognitive networking solutions in a highly cost-effective manner, will also provide the much-needed control of WAN bandwidth usage for both networks.
Once a software-defined approach is adopted, IT teams can take advantage of various other features that these modern technologies offer depending on the needs of their networks. For example, multi-WAN aggregation for additional capacity, adding premises-based or cloud-delivered UTM (unified threat management) security solutions and various others are some of the features that can be leveraged.
Even though at a high level corporate networks and networks of educational institutions are highly different with respect to their role, the important commonalities in the challenges both environments face allows both IT teams to learn and adopt solutions that the other has tried and tested.