Question: What are some tips and guidance for educational entities to ensure the safety and security of their IT data? What steps can and must IT leaders in schools, colleges and universities take to protect their back-end data and information, and what should they be most aware of in the current threat landscape?
Dr. Jay Akin, Mushroom Networks
Educational institutions especially have unique challenges because of the large variety of different endpoints that are brought into their environments. It is critical that the IT data is segregated from the networks that can be accessed by these unmanaged endpoint devices (such as personal mobile phones, laptops, etc.). Once the IT data is isolated from internal unintentional harm, the infrastructure security posture needs to be hardened by a modern and thorough unified threat management (UTM) system.
The key tip is to keep these UTM systems up to date and current to avoid new threats. For easier consumption of UTM services, a cloud-delivered UTM can be leveraged either instead of or in conjunction with on-premise-based UTM solutions. In either case, a managed UTM solution should be considered, as this will provide the security that the organization needs without significant IT effort, with the benefits received as a managed service instead.
Dr. Mike Lloyd, CTO, RedSeal
Schools are especially prone to ransomware attacks, due to the combination of weak security protocols, out-of-date computer equipment, and a lack of skilled staff. Digital infections can spread among school computers much the same as biological germs spread among students. Security is unfortunately quite a lot like a treadmill – it never stops. You can never arrive at a state of solid protection, because what was good enough yesterday won’t be good enough tomorrow. New vulnerabilities are continually being found. The need to invest in basic online hygiene is constant.
The best security leaders have given up on implementing perfect protection, focusing instead on Digital Resilience. It’s not possible to stop every attack, but it is possible to plan ahead for how you will withstand and recover from attacks. This requires detailed knowledge, ahead of the attack, about your whole network, so that you know how to recover when any part is damaged.
Schools plan for many different kinds of disruptions – extreme weather, earthquakes, etc. What all schools have in common is they are online, and this means planning for an online disruption is mandatory. A good way to start is by mapping out the school’s network of resources, to understand what depends on what.
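One way to act on the "what depends on what" mapping described above (an added example, not part of the article or of any contributor's answer): given a dependency map, it computes which resources go down when one is damaged and the order in which to restore them. The resource names and the map itself are constructed for illustration.

```python
from graphlib import TopologicalSorter  # standard library, Python 3.9+

# Constructed sample map: each resource lists what it directly depends on.
DEPENDS_ON = {
    "core-switch": [],
    "dns": ["core-switch"],
    "database": ["core-switch"],
    "backup-server": ["core-switch"],
    "directory": ["core-switch", "dns"],
    "file-server": ["directory"],
    "student-info-system": ["directory", "database"],
    "learning-platform": ["student-info-system", "dns"],
}


def impacted_by(damaged, depends_on=DEPENDS_ON):
    """Return every resource that stops working if `damaged` is lost."""
    # Invert the map: resource -> resources that directly depend on it.
    dependents = {name: set() for name in depends_on}
    for name, deps in depends_on.items():
        for dep in deps:
            if dep not in dependents:
                raise KeyError(f"{name} depends on unmapped resource {dep}")
            dependents[dep].add(name)
    # Walk the inverted map to collect transitive dependents.
    seen, stack = set(), [damaged]
    while stack:
        for child in dependents[stack.pop()]:
            if child not in seen:
                seen.add(child)
                stack.append(child)
    return seen


def recovery_order(damaged, depends_on=DEPENDS_ON):
    """Restore order for `damaged` and all it took down, dependencies first."""
    affected = impacted_by(damaged, depends_on) | {damaged}
    # Keep only edges between affected resources; the rest are still up.
    sub = {n: [d for d in depends_on[n] if d in affected]
           for n in sorted(affected)}
    # static_order() raises graphlib.CycleError on circular dependencies,
    # which is itself a finding worth fixing in the map.
    return list(TopologicalSorter(sub).static_order())
```

A resource with a large `impacted_by` set is a priority for hardening and backup, and an unmapped dependency surfaces as a `KeyError` before an incident rather than during one.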
Sivan Tehila, director of solution architecture, Perimeter 81
Cyberattacks are becoming more and more frequent and sophisticated, while at the same time, many organizations are adopting cloud-based infrastructures. This is why cloud accounts are being targeted more than ever. The easiest way to hack into your cloud environment is by exploiting the cloud account credentials. As well, there are many different types of threats for cloud environments, such as cryptojacking, insecure APIs (application programming interfaces) and more.
However, insufficient identity accesses are the best vulnerability for an attacker to exploit. This is why we will probably see a high demand for identity providers and single sign-on capabilities, and especially Zero Trust remote access solutions.