Challenge #3: Ransomware
Cryptolocker, Cerber, CryptoWall, Crysis, etc., are all variants of ransomware, a problem that has reached epidemic levels. It is a billion-dollar criminal enterprise with up to 60 percent of US enterprises reporting that they have been attacked. Education supports very large numbers of users that easily fall for “click-bait”. Adolescents are heavy users of social media, which is often a preferred vehicle for ransomware pirates. Most educational institutions have already experienced a ransomware attack. In fact, Gary Halbedel, network administrator, Bethlehem, NY Central School District said “We’ve had two separate ransomware incidents where users informed me that their files were encrypted with a message about paying a ransom. It was trivial and quick for me to restore the data from the backup appliance.”
What the Experts Know – Data backups and the ability to roll the infrastructure back to its state prior to the attack is the only real defense against ransomware. Even the FBI agrees. Look for a solution that will automatically do security scans against your production applications, but use your backup data instead. It can spin up your applications in a specific order, isolate them from production, execute security tests, and automate reports and alerts immediately upon detection of ransomware. Most importantly, restoration of corrupted data sets should take just minutes.
Challenge #4: Older EdTech
As a result of tight budgets, older products and applications are kept functioning well beyond their advertised useful life. Most education institutions have a broad and diverse number of operating systems and applications that need protection. This creates the need for multiple backup and recovery processes with each supporting a limited number of IT assets. Backup and recovery becomes a complex process, as the IT staff must juggle multiple applications and ensure that they can interoperate with no gaps in coverage. Michael Shellito, server administrator, Enid, Oklahoma Public Schools noted. “The district is VMware-centric, with servers that include Windows 2003 to 2012R2, Linux, Red Hat, and SUSE. We have SQL, Oracle and Exchange databases and servers that are each critical to our operations.”
What the Experts Know – Look for a solution that has broad coverage of hundreds of operating systems, hypervisors and applications, providing protection whether virtualized, physical or in the cloud. A single appliance should be able to protect everything in your datacenter, so there are not multiple backup tools with gaps in protection. Also, you should not be charged for agents every time you install a new server or deploy an additional application. If you are spending more than 1 hour per week managing backups you need a new solution.
Challenge #5: Lots of Data
Most educational institutions must manage and protect TBs of data. Since much of it is about minors, data elements such as student information, social security numbers, financial records, and addresses need special protection. There are federally mandated requirements around data retention and privacy outline bylaws such as Family Educational Rights and Privacy Act Regulations (FERPA). Additionally, each state has individual laws that may be relevant such as California’s Student Online Personal Information Protection Act (SOPIPA). Lastly, student health records must comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Ross Randall, director of IT, Lamar County Schools, MS said, “Few industries match K12 education’s massive amounts of data and users accessing the data. When access to that data fails, I fail.”
What the Experts Know – Backup appliances must include the ability to encrypt targeted files so that they cannot be accessed illegally. They should support the latest encryption technology, built-in AES 256-bit encryption to protect designated data files both at-rest and/or in-flight. Cloud retention and disaster recovery must also use a HIPAA compliant and vendor specific cloud, so educational institutions understand exactly who has access and management responsibility so they can be held accountable for data security.
Challenge #6: Location
There is one advantage that the education industry has over others; the geographic dispersion of their locations. Most small to medium enterprises conduct business out of a single location, so finding a remote location for storing and securing secondary backups becomes a challenge. Not so for the education industry, as school departments are generally spread across town to serve students in all locations. This makes adding remote data protection easier and cost effective. Randall noted, “I have dual RECOVERY 814S appliances. One sits in the data center as the primary and the other is secured in a school site about 30 miles north. The secondary syncs with the primary to ensure a redundant backup solution.”
What the Experts Know – Schools take advantage of this geographic dispersal to create and manage their own backup and recovery architecture. The secondary location should be able to spin up failed servers and applications in seconds since backup copies of the data are already resident there. You should also be able to manage both locations and multiple backup appliances with a single interface “pane of glass” so there are no coordination issues with multiple command centers.