5 Ways Schools Can Upgrade Cyber Security

Wednesday, May 06, 2015

Paul Lipman


You see it in the news headlines every day: data breached, personal records compromised, networks or data held hostage.  Today’s cyber criminals are more aggressive than ever before in their quest to achieve financial gains through hacking.  With that being said, it should come as no surprise that our nation's schools are a prime target for such attacks. 

For example, the Swedesboro-Woolwich School District in Woolwich, New Jersey, was compromised by a ransomware program that held the district's computer network hostage in exchange for 500 Bitcoins. This equates to a little more than $125,000 at today’s exchange rate. While the school did not pay, the event caused considerable problems.

Recently, hackers targeted Miami-Dade County Public Schools and launched “denial of service” attacks which took over their Internet connections as thousands of students took new standardized tests. The style and timing of the attack were more than coincidental, given the important testing taking place. These tests often determine funding levels and other critical benchmarks.

Dowington Schools had $665,000 transferred from their accounts into overseas accounts. Luckily they were able to recover all funds with the help of the FBI. It is not uncommon for attackers to target the coffers of school districts. Smaller districts, with multi-million-dollar budgets and limited security, provide cyber criminals with an opportunity for quick profit.

Schools are also learning that Macs need protection too. A long-standing belief among Apple users was that their systems were less susceptible to infection simply because they are not Windows-based. This is no longer true.  In fact, the “Flashback” virus has infected hundreds of thousands of Mac machines and is the most prevalent malware impacting institutions of higher education.

But the situation can be managed. Schools have many options available to them for setting up and configuring a security infrastructure. By following some basic guidelines when choosing and setting up those options, virtually any school can improve security a great deal.

At iSheriff, we believe that there are five actions that can be taken to move you toward the ideal. These include:

  1. Establish a policy and technology to allow BYOD
  2. Upgrade the web filter
  3. Protect owned devices while off the network
  4. Anti-malware protection does still matter
  5. Integrate and move your security to the cloud

Let’s take a look at each.

Establish a policy and technology to allow BYOD

One of the most common issues with using the Internet in the classroom or on the school campus is allowing access to students who “bring their own devices” (BYOD) and connect to the Internet through school networks. A recent survey found that 89 percent of high school students have access to Internet-connected smart phones, while 50 percent of students in grades 3 through 5 have access to them.

Many districts have implemented a “guest” network for students who bring their own devices. This is a logical and effective way to allow access while segregating and managing it. While authentication often gets lost, allowing these users reasonable and productive access to the Internet through these devices works well for many districts. Their traffic can then be monitored and filtered according to policy.

Upgrade the web filter

It’s an understatement to say that the Internet and surfing habits have changed.  It doesn’t take long for yesterday’s devices, websites and tools to become obsolete and to be replaced by new tools.  If you haven’t taken a good look at your web filter in a long time, it may be older than some of the students it protects. In many cases the web filter used at school districts was implemented before more than half of the students under its protection started school.

Internet threats have also changed, and web filters are an integral part of protecting the network.  Many education-focused web filters do a reasonable job of filtering, but lack full security orientation.  Be sure that your web filter has strong security infrastructure behind it.

Once you have the proper controls in place, configuring the filter to protect students while allowing teachers greater access is key. You should also take advantage of the malware detection capabilities of your filter. No malware detection from your filter? Might be time to change your filter!

Protect owned devices while off the network

We’ve all become more mobile, and this trend has hit education as well. Most teachers opt for laptop computers and many bring them home every night. Others travel with theirs, often connecting to wireless hotspots in airports, hotels and convention centers. While roaming, many users are no longer protected by the security they have while on their networks. Most of these users don’t change their surfing or usage habits while they are away from the secure network, which drastically increases risk.

It’s during these “unsecured” moments that problems are likely to happen.  Moreover, without some level of monitoring and control you’ll have no idea where your devices have been and how they are used off your network.

There are technologies in use today that can extend some of the security and monitoring capabilities to roaming users. Users covered by these technologies have web filtering and monitoring in place wherever they go. This helps prevent users from visiting malware sites and, coupled with endpoint malware protection, provides productive and safe Internet use wherever they roam. The problem with some of these technologies is that they require all Internet traffic to come back to the network for security purposes. This can lead to increased latency and frustration on the user's part. Newer cloud-based filtering and security solutions can provide the same security with a consistent user experience both on and off the network.

Anti-malware protection does still matter

Basic “desktop antivirus” has been around for decades and is still an important part of the security landscape.  These endpoint protection products have evolved, as have the threats they protect against.  These products are easier to use and more effective than ever.

For example, some of the technologies that fed traditional antivirus, such as the use of “honeypots” to attract new viruses for analysis and signature development, are less effective today than in the past.  Be sure to align yourself with a credible vendor, with the capability to identify and stop today’s complex threats.

One of the key upgrades in anti-malware protection has been the move to the cloud. At one time, AV programs were installed on a server, and updates and administration were handled by that server. This functionality is now much better delivered from the cloud. By having your AV control and administration in the cloud, you have visibility into all of your endpoints, no matter where they are, and no matter where you are. By moving to the cloud you’ll have no need for the “update servers” you used to maintain.

Integrate and move your security to the cloud

The key architectural change in security implementations over the past decade has been the movement to the cloud. This movement offers the same large set of benefits that fueled other rapid migrations to the cloud: no capital investment; no updating of software, servers and operating systems; and hassle-free operation of your key security applications.

Cloud security services can combine different threat vectors in a single security solution. If you have your web and email filters working with your endpoint anti-malware solution, you are well on your way to a secure network.

As the network moves closer and closer to becoming a borderless entity, cloud-based security solutions offer you the ability to provide security that works wherever your users choose to work or learn. Unlike traditional on-premises solutions, your security systems are always up to date with the latest versions. There is no longer a need to buy new servers or implement new firmware updates; that is all handled by the cloud provider. This ensures that your security solution is never older than the students it protects.

Wrapping up

Effectively protecting a network from the myriad cyber threats is the result of doing a number of things well and continuously looking for more areas to improve. Each of these proven tactics can help your network become more secure and often easier to maintain.

Is there anything I’ve missed? Please share a few of your top tips in the comments section below.
