By Anthony Webb, VP International at A10 Networks
Even before 2020, connectivity played an important role in university life. In recent years, however, connectivity shifted from a mere convenience to a lifeline for students and universities. As these institutions built and expanded online remote access for their students, many from scratch, their IT departments were forced to shift their focus from on-campus networking to supporting a distributed global network to meet the new normal of education.
Although in-person teaching has now seen a welcome return, the wealth of online learning resources available, both on internal and external networks, are an invaluable asset to both teachers and students. Meanwhile, online retail, banking, health services, gaming, media, and more are mainstays of student life.
Now, the global networks established to support day-to-day teaching have encountered another obstacle, as the expanded attack surface attracts growing cybercrime. Over the last two years, the NCSC has released multiple warnings about the rise of ransomware attacks on higher education, with experts calculating that the average cost of a cyber attack on the UK educational sector is £620,000. Not only do these institutions hold large amounts of PII, but they are frequently home to sensitive research and development data, making them highly valuable targets.
The Continued Needs of the New University
The pandemic was a wakeup call for IT departments in universities: improvisation and a patchwork of legacy infrastructure and security could no longer suffice. Higher education institutions needed a considered plan for moving to a more resilient, on-demand model.
Higher education faces one of the most challenging environments in IT. From proliferating unmanaged devices to spiky traffic patterns driven by class schedules, to highly latency-sensitive applications such as online classes, research, video, music, and gaming, the demands on university IT echo those of a commercial service provider, rather than an enterprise. In meeting these requirements, IT must have a fully developed strategy to ensure high availability, disaster recovery, multi-cloud security, and load balancing.
While the sector reacted as quickly and securely as possible and the shift to online education was a great success in mitigating the disruption caused by the pandemic, the rapidly evolving world of cybercrime means that these same institutions must now reassess their network security.
Securing on-demand education
As the university environment benefits from its recent expansion beyond the campus, these institutions need a cyber security model that recognises that a threat can come from anywhere. The Zero Trust model responds to these challenges by adopting the approach of “trust nobody”—inside or outside the network. Under Zero Trust, cybersecurity strategies are redesigned to follow a set of key principles:
- Creating network micro-segments and micro-perimeters to restrict traffic flow within the network and limit excessive user privileges and access as much as possible.
- Strengthening incident detection and response using comprehensive analytics and automation.
- Providing comprehensive and centralised visibility into users, devices, data, the network, and workflows.
To preserve the growing number of learning platforms and resources accessible online, it is essential to secure them against HTTP and web application-based security flaws. Web application firewall systems use specific knowledge of HTTP and web-application vulnerabilities to filter or block these attacks without ever exposing the web servers or applications. This helps protect the environment against a host of attacks and is a must-have for modern educational institutions.
Automated DDoS protection is another critical step in protecting against widespread and easily launched DDoS attacks. Universities should leverage DDoS threat intelligence, combined with real-time threat detection, to defend against DDoS attacks no matter where they originate. Methods such as automated signature extraction and black-listing botnets’ IP addresses and available vulnerable servers create effective, proactive defences.
Integrated Security Approach
Over the years, most organisations have amassed a number of legacy-based security point solutions, which address specific threats. These systems – added incrementally as new threats emerge and new approaches are provided – create an increasingly complex system, adding latency into applications and reducing the overall effectiveness of the business’ cyber security strategy.
Universities should look towards an integrated approach that consolidates cyber security functions as much as possible, in turn allowing these functions to work together seamlessly for unified security and enabling compliance.
In conclusion, while the shift to remote and on-demand learning accelerated by the COVID-19 pandemic, the transformation of higher education had already been well underway. Finance and enrolment operations were already driving universities away from on-premises systems, offering more dynamic options for students to interact with the establishment, regardless of whether they were on-site or not.
But with the exponential growth of online resources in the last two years, the evolution in business models is now clear. What remains is to ensure that universities’ technology stack can support the new direction, maintain availability wherever and however students connect, and ensure the security of its students and employees alike.