Securing the New Hybrid Education Network
[ad_1]
Even before 2020, connectivity played an important role in college life. However, in recent years, connectivity has changed from being a mere convenience to being a lifeline for students and universities. As these institutions build and scale online remote access for their students, many of which are built from the ground up, IT departments are shifting from intra-campus networks to distributed global networks to accommodate the new normal of education. I was forced to shift my focus to support.
While face-to-face classes are making a welcome comeback, the wealth of online learning resources available in both internal and external networks is an invaluable asset for both teachers and students. On the other hand, online retail, banking, medical services, games, media, etc. are mainstays of student life.
The global network established to support daily education now faces another obstacle as its expanded attack surface attracts an increasing number of cybercriminals. Over the past two years, the NCSC has issued multiple warnings about a rise in ransomware attacks against higher education, with experts calculating the average cost of cyberattacks against the UK education sector at £620,000. Not only do these institutions hold large amounts of his PII, they are often home to highly sensitive research and development data, making them highly valuable targets.
Ongoing Needs of New Universities
The pandemic has sounded alarm bells for university IT departments. Traditional infrastructure and security improvisations and patchwork were no longer enough. A higher education institution needed a thoughtful plan to move to a more resilient on-demand model.
Higher education faces one of the most challenging environments in IT. From the proliferation of unmanaged devices, to abrupt traffic patterns driven by class schedules, to latency-sensitive applications such as online classes, research, video, music, and games, college IT demands are Same as commercial service provider requirements. To meet these requirements, IT departments must have fully developed strategies for ensuring high availability, disaster recovery, multi-cloud security, and load balancing.
While the sector has responded as quickly and safely as possible, and the move to online education has been very successful in mitigating the disruption caused by the pandemic, the rapidly evolving world of cybercrime is making these same It means agencies need to re-evaluate their network security.
Ensuring on-demand education
As university environments benefit from recent off-campus expansion, these institutions need a cybersecurity model that recognizes that threats can come from anywhere. The Zero Trust model addresses these challenges by taking a “trust no one” approach, both inside and outside the network. Under Zero Trust, cybersecurity strategies are redesigned to follow a set of key principles.
- Create network micro-segments and micro-perimeters to limit traffic flow within your network and limit excessive user privileges and access as much as possible.
- Enhance incident detection and response with comprehensive analytics and automation.
- Get comprehensive, centralized visibility into users, devices, data, networks and workflows.
To sustain the growing number of learning platforms and resources accessible online, it is imperative to protect them from HTTP and web application-based security flaws. A web application firewall system uses specific knowledge of HTTP and web application vulnerabilities to filter or block these attacks without exposing the web server or application. It helps protect the environment from many attacks and is a must-have for modern educational institutions.
Automated DDoS protection is another important step in protecting against widespread and easily initiated DDoS attacks. Universities should leverage DDoS threat intelligence combined with real-time threat detection to defend against DDoS attacks regardless of their origin. Methods such as automatic signature extraction and blacklisting of botnet IP addresses and available vulnerable servers create effective proactive defenses.
Integrated security approach
Over the years, most organizations have amassed a number of legacy-based security point solutions that address specific threats. These systems are added over time as new threats emerge and new approaches are offered, creating increasingly complex systems, adding latency to applications, and impacting the overall effectiveness of a company’s cybersecurity strategy. lower the
Universities should look to an integrated approach to integrate cybersecurity functions as much as possible. This allows these capabilities to work together seamlessly for integrated security and compliance.
In conclusion, while the COVID-19 pandemic has accelerated the shift to distance and on-demand learning, the transformation of higher education was already well underway. Finance and registration operations had already moved universities away from on-premises systems, giving students more dynamic options for interacting with facilities whether they were on site or not.
However, with the exponential growth of online resources over the past two years, the evolution of business models is clear. What remains is for the university’s technology his stack to support new directions, maintaining availability no matter where or how students connect, ensuring student and employee security alike. is.
image credit: hxdbzxy / Shutterstock
Anthony Webb is vice president of international affairs at A10 Networks.
[ad_2]
Source link