With the education sector undergoing significant change as a result of the adoption of technology, there is an urgent need for institutions to match their security transformation to that of their digital transformation priorities.
According to Fortinet, the global education technology market is predicted to grow by 17% annually to $252 billion by this year with student demand for technology innovation and security challenges being the top drivers of this growth.
63% of higher education institutions now look to cloud options first when considering new investments. An example of cloud innovation is Google Classroom that streamlines the process of sharing files between teachers and students. This means that education institutions not only have to look after the security of their own in-house systems on campus, but they have to take into account the cloud environments accessed by students and staff.
Their users, whether they are students, staff or visitors, are accessing external domains and connecting multiple devices using the institution’s network infrastructure. The digital world poses increased risks as institutions have distributed systems and environments that expose them to more cyber threats and security breaches than before.
Education facilities have to balance mitigating the increased threat landscape with the push from users, particularly students, to offer a seamless online experience whether they’re in the classroom, in their dormitory, or accessing services from home. Finding this balance is a challenge that runs throughout all educational structures, from primary school to tertiary education level.
Evolving complexities
Some of the biggest security threats faced by those in the education sector are in the form of ransomware, where hackers lock down information, making it impossible for students and staff to access important documents and files. Phishing is also rife as hackers target students’ emails in order to acquire their username and password, making them vulnerable to criminals wanting to access the campus network.
Email security is critical; up to 90% of all malware-type attacks originate from email as it is such a widely used medium and it is fairly easy to get someone to click on something malicious. Students are constantly sending documents to their teachers, lecturers and professors and they are not necessarily trained to identify that an email has come from a spoof email address that contains a malicious link or attachment.
In addition, cloud security is a big concern. Institutions are moving their internal IT environments to the cloud, which could be a private cloud, but they are also allowing users to access the public cloud. Education facilities now have to navigate a multi-cloud landscape that brings its own security challenges.
Traditional security best practice such as endpoint security is a given with institutions having to take into account that up to 72% of students connect up to two devices to the campus network at the same time.
Combating the threat landscape
Education institutions need to undergo a security transformation to match their digital transformation journey. Without advancing their security posture they will bring too much risk to the organisation and compromise their digital transformation investments.
A crucial first step is visibility and protection beyond their current network and infrastructure. Institutions have to think broader than that which is contained within their walls as their systems now reach out into a cloud-based world, which brings a new dynamic with its own challenges.
Secondly, education providers should consider multiple technologies that integrate and work together to detect several threats coming from different places.
Thirdly, the detection and prevention of these threats must be automated. Institutions are under financial pressure and with scarce IT resources in high-demand, security automation becomes key. It is also critical to have policies and procedures in place to control and provide secure access to users across multiple devices and applications. Again, these policies should be automated.
User education is one of the most overlooked areas when it comes to any organisation’s security environment, even though human error is still one of the biggest contributors to cyber threats. Education facilities can turn to technology to help them with constant user education, which is critical. Technology enables them to run simulations through their environment to educate their users. For example an email can be sent to staff and should someone click on that particular link in the email, instead of infecting that computer, an informative and sometimes humorous video will pop up to explain what the user has done, what they should have looked for and why they should never have clicked on the link.
Education institutions are aware of the security risks they face due to the nature of their environment. To mitigate these risks they need to undergo a security transformation. By partnering with a managed service provider they can rest assured that their security is managed by a skilled team who proactively mitigates threats to their environment, keeps abreast of industry best practice and provides peace of mind. The real opportunity for education providers lies in their ability to reduce their security complexity to enable them to deliver a seamless online experience to their users.
| Tel: | +27 87 805 0000 |
| Email: | [email protected] |
| www: | www.guardianeye.co.za |
| Articles: | More information and articles about Guardian Eye |
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version