IT Security for the Education Sector

Arguably, no other sector tests its IT infrastructure more in terms of security and performance...

The education sector is a top target for cyber crime, especially because of the sensitive and important data they store and process. Managing a modern-day IT network for a school, college or university would test even the most seasoned IT professional.

The state of cyber-security in education is unsteady. A recent 'ethical hacking' study of over 50 UK universities found that 100% were successfully breached, some within just 1 hour!

Schools and universities must take steps to evaluate and update their IT networks in order to maintain compliance and protect their staff and students.

Thankfully, SysGroup's partnership with WatchGuard makes it possible for educational institutions to fit exceptional cyber-security into their tight budgets with ease.

Here are the top cyber-security challenges for the education sector, along with IT security solutions to match:

1) Maintaining Compliance & Accreditation 

Statutory guidance like the government's KCSiE (Keeping Children Safe in Education) guidelines are designed to safeguard impressionable children under the age of 18. Core to the KCSiE regulation is the requirement for schools and colleges to do all they reasonably can to limit a child’s exposure to risks from the school or college’s IT system.

Solution: 

• Complete a network security assessment to identify gaps in your network
• Block access to inappropriate material and websites with content filtering tools. We use WatchGuard and Mimecraft filtering tools to block access to illegal content included in the IWF CAIC list, all helping to keep your IT systems, data and emails secure.
• Employ visibility tools that track and expose threats and identify user behaviour. The architecture of WatchGuard solutions allows for granular policies to be designed and implemented.

2) Securing BYOD (Bring Your Own Device)

Schools and colleges that implement BYOD programs enjoy major cost savings, not least of which is negating the need to purchase hundreds of laptops and the various maintenance and services that come with them.

But there are many security and privacy concerns with students having uninterrupted access to their devices – after all, BYOD has coined a copycat term: Bring Your Own Risk. Personal devices are much more prone to malware and access sites that don’t necessarily provide the same level of security.

Solution:

• Implement secure Wi-Fi. WatchGuard Cloud-Managed Access Points have been architected from the ground-up to focus on ease of deployment and administration, simplifying even the most complex aspects of Wi-Fi management and making fast, secure, and intelligent Wi-Fi accessible to schools and colleges large and small.
• Establish acceptable use policies. The greatest concern for many parents and educators is the possibility that students will view inappropriate material. A stringent acceptable usage policy will help students and staff alike remember that Internet access is a resource privilege.

3) Funding for Cyber-Security

Today, schools and colleges can’t afford NOT to invest in network security. As budgets remain tight, information security provisions are often limited, making schools an easy target. Cyber criminals are well aware that network defences in education are often poor and ransoms are more likely to be paid; after all – schools cannot function without access to their data.

The implications of such attacks can be considerable, resulting in major financial losses, stolen data, hardware rendered useless, failed compliancy and collapsing Ofsted ratings.

Solution: 

• WatchGuard’s SchoolMate programme offers a generous 10% discount to all qualifying government, education, and non-profit institutions purchasing WatchGuard products to secure their networks.

4) Keeping Pace With Evolving Resources 

New educational technology is emerging every day, enabling more effective teaching methods and engaged students. In particular, the last few years have seen significant strides in STEM learning – from the Cyber Security Challenge UK to the launch of new advanced courses and online resources like Minecraft: Education Edition.

Though certainly exciting and helping to engage today’s generation of pupils, educational technology’s ever-expanding reach introduces significant challenges, not least around network overload and user management.

Solution: 

• In addition to being a security-driven best practice, network segmentation is very important in maintaining your network's efficiency. Segmentation divides your school's network into smaller networks, or 'clusters', which helps them perform faster and more efficiency.
• Application filtering tools restrict what pupils can see online and when they can
  see it. WatchGuard Application Control tightens security across your network and adds productivity safeguards, enabling administrators to monitor and control access to the Internet at the click of a button.

5) Malware Attacks Over Encrypted Traffic 

More and more of the traffic on the Internet is being encrypted. In fact, it’s expected that at some point soon 100% of traffic will be encrypted. If you are not inspecting SSL traffic, you have a serious security gap just waiting to be attacked.

It’s a balancing act. For colleges and universities in particular there are legitimate privacy concerns when it comes to inspecting and decrypting the secure traffic of students. You want to have visibility into the traffic to ensure that they aren’t inviting hackers into your network, but you have limitations on your ability to scan them.

Solution:

• Blocking access to malicious sites is a sure-fire way to prevent users from becoming victims of malware attacks. WatchGuard DNSWatch blocks access to malicious sites and even redirects users to a safe site for refresher phishing education.
• WatchGuard leverages URL categories for HTTPS content inspection. This allows it to be very specific on what categories of websites are inspected and what are not.