Blog Post

Special Concerns for IT and Cybersecurity in Education

Published

Nov 18, 2020

Written by

John Headley

Filed under

Cybersecurity, Education

Even before the pandemic and the dramatic shift in both how students are learning and teachers are teaching, educational institutions have always had unique challenges when it comes to IT and cybersecurity. Not only does an educational institution have to secure a multitude of devices with different permission requirements, but it also has to ensure those devices always have reliable and high-speed access to required school resources.

The shift to work/learn from home has only compounded the challenges for the IT staff, as now these requirements for secure, high speed connectivity have extended to the homes of the students and faculty. This effectively places the majority of users outside of the secure perimeter that the IT staff has worked so hard to build on-prem.

Unsurprisingly with all these challenges, IT staff have a hard time securing the organization against every possible attack vector, and the education sector continues to be a top target for attacks. In a blog post from September 2020, “researchers at Check Point found that in the last 3 months, there was a surge in hacker interest in topics related to education, research and going back to school.” In addition, Microsoft reports Education as the most affected industry for enterprise malware encounters in the last 30 days.

In this blog post, we cover a few special concerns for IT and cybersecurity in education in detail with the recommendation that IT decision makers and their staff perform a self-assessment of their own organization in these areas.

Ransomware

According to Verizon’s 2020 Data Breach Incident Report, “Ransomware is really taking hold of Education vertical incidents, and has been responsible for 80% of the Malware-related incidents, up from 48% last year.” Edscoop also wrote a recent article in which they listed 9 high profile ransomware attacks in the education sector this year – quite an eye-opening read.

As we discussed in a previous blog post titled How to Prevent Ransomware – A Technical Checklist, a defense in depth approach must be used to protect an organization against ransomware. Note that this is only a technical checklist and it is not exhaustive. Our recommendation here is to go through the checklist, but also to consider having a security assessment performed on your organization against a trusted set of security controls, like NIST 800-53, CIS 7.1, or the ISO 27000-series, as these assess both technical controls as well as administrative controls, such as ensuring you have the correct IT and cybersecurity processes and procedures in place.

Granular Visibility & Control

Granular visibility and control is a cornerstone security capability for all verticals, but the education sector has always had one of the most challenging environments to pull this off properly in because of the wide variety of users. Faculty vs staff vs students, and all at different grade levels that have different access requirements, can leave IT staff pulling their hair out.

Luckily, there are solutions out there that simplify providing granular visibility and control even in these challenging environments. We recommend vetting your security posture for implementation of these concepts below, and if you don’t have them all in place, or you aren’t sure if you do, then please reach out to us and we’d be glad to discuss your environment in more detail.

Network Access Control

Granular Policy Enforcement

Visibility

High-Speed, Centralized Security & Network Access

Even more true in today’s unique learning environment is that education requires high speed network access, and security should not be a bottleneck. The latest generation of network hardware supports unprecedented throughput. On the LAN access side, WiFi 6 APs (802.11ax) have been released along with new “multigigabit” switches to support them, which sport 2.5/5/10 Gbps Ethernet connections.

LAN core switches now come standard with 10/25/40/100 Gbps ports, and firewalls with the same port density and speed are replacing legacy core switches in some environments. Even without venturing into chassis-based firewalls, single boxes can reach numbers of 1.2Tbps of firewall throughput and 240 million concurrent sessions, facilitating internal network segmentation and the same granular visibility and control for both north-south and east-west traffic. This is especially important for large educational institutions like school districts with a centralized firewall topology.

In addition to secure devices that support the ever-growing demand for bandwidth, management of the switches, APs, firewalls, and other infrastructure to support this goal should be painless. IT staff have a lot on their plate and the management complexity of devices can lead to a lack of standardization, misconfiguration, and ultimately a data breach.

We recommend evaluating if your current network and security infrastructure is performing up to the mark for the new demands placed upon the organization this year. Your IT staff may be spending valuable time in managing disparate and isolated infrastructure. Cost-effective solutions are available that centralize management of switches, APs, and even firewalls into one on-prem or cloud dashboard, providing a single pane of glass visibility and control into your IT infrastructure.

VPLS, a Trusted Partner in Education

VPLS has a proven track record of success within the education vertical, such as our data center migration to the VPLS Cloud for El Segundo Unified School District. Whether you want to dive deeper into the special concerns we discussed above, or you have other IT or cybersecurity items on your 2021 agenda, please don’t hesitate to reach out to us and we’d be happy to provide a free consultation.