As more districts and universities re-open for in-person classes again, it’s hard not to reflect on the turmoil of the last year. At the blink of an eye students were sent home to learn, leaving IT departments scrambling to find secure distance learning solutions, often with no additional budget or staff. Compounding the challenge was ensuring students had access to devices and home internet.
The transition to online learning was anything but smooth sailing. Not only did educators deal with the challenges of transitioning to online learning and closing the digital divide, 2020 proved to be a record year for cyberattacks against K-12 schools, jumping 18% over the previous year. Schools faced a barrage of common attacks such data breaches, leaks, ransomware attacks, and phishing attacks, as well as an alarming new threat in the form of invasions of online classrooms.
The attacks took advantage of several factors including the quick switch to online learning, new devices given hastily to students and teachers, and the reliance on home networks. In addition to those factors, many organizations run on legacy systems that can’t protect them from evolving threats. And, while schools often don’t feel they have anything valuable for cyber criminals, they do hold staff and student information, alumni databases, supplier details, research data, etc., all assets that malicious actors find valuable.
Now, as students return to the classroom, they are finding not everything has returned to “normal.” While some districts and schools have returned to full-time in-person learning, many still are operating under the shadow of Covid-19 and following local safety measures. Small-group instruction, masks, spacing of desks and social distancing floor markings are common as is hybrid learning; where students split their time learning at school and home to reduce class sizes.
Not only are students and staff starting to return to school, but they are also bringing technology they used during online learning as well as other personal devices. This poses a challenge to IT departments as these devices could unknowingly contain malware and bring it back to the school’s network. This is compounded by the addition of more cloud applications that were deployed during remote learning periods that could provide an entry point to hackers.
What can school network administrators do to protect their networks from malicious actors? Now is the time not only to bring students back safely, but to prepare for the next school year. The priority should be on conducting a risk assessment to identify potential security issues and on updating their cybersecurity policies according to the findings. This should include scenarios for now and in anticipation of the new school year in the fall.
Network administrators and technology leaders need to implement a more robust solution that provides schools with more network visibility and security than previous systems. Using a combination of a next-generation firewall and SD-WAN with a cloud based management system will provide seamless management, control, and visibility across the network landscape.
By employing a next-generation firewall with advanced web filtering, policy management, and enhanced malware detection, schools and districts will have more network visibility and security than before. Schools should also include SD-WAN in their security portfolio, which securely connects campus locations and optimizes available connections to keep students, teachers and administrators connected.
With students bringing devices back to campus, schools will also need to manage endpoints; laptops, tablets, mobile devices, or other IoT devices connected to the school’s network. Endpoint security prevents the devices connected to the network from becoming entry points for cybercriminals as students, teachers and staff go about their work. The endpoint security solution will ensure malicious files can’t get onto students’ devices and then onto the school network.
To further protect students, schools can adopt zero trust policies based on the key principle that instead of first making services available and then locking down access to those services, no access is granted at all unless it is specifically and deliberately given. This principal is applied to users and devices.
In addition to ensuring policies and technologies are up to date, it is important for schools to educate teachers, administrators and parents about cybersecurity and the risks associated with hackers. This should include instruction on what to look for (i.e. how to recognize phishing emails) as well as how to report a suspected incident.
As students return to the classroom, and schools start preparations for the fall, figuring out where we were before the pandemic as well as meeting the new challenges to network security can seem daunting. By assessing your risks and implementing state-of-the-art technology, you can keep students, staff and data safe and protected.
To help you in journey, we have the following resources available:
- Returning to the Classroom
- Untangle for Education
- Incident Response Planning
- Network Maintenance and Security
- Managing IoT in Higher Education
- Q&A with Heather Paunet About Untangle and Education
- 5 Ways to Strengthen Your Password
The post Is Your Network Security Ready to Get Students Back to the Classroom? first appeared on Untangle.
*** This is a Security Bloggers Network syndicated blog from Untangle authored by [email protected]. Read the original post at: https://www.untangle.com/inside-untangle/is-your-network-security-ready-to-get-students-back-to-the-classroom/