With the right approach, schools can enhance their security posture while moving into new types of instruction and learning.
Step one: Identify key stakeholders. Develop a strategy that has received buy-in from the Board, the superintendent, and all district and technology department leaders.
Step two: Detect what needs to be secured. Trace technology from endpoints, to desktops, to the cloud to find specific threats.
Step three: Bring-in a trusted partner. Leverage an industry, thought leader, or vendor partner who can run a security assessment on your network.
Step four: Develop a plan. With your key stakeholders, create a model for execution with specific milestones and testing.
Step five: Maintain a healthy network. Continually monitor the performance and stability of the network, including your technology products and policy. At this point it’s also important to establish an internal project-management group.
By following these steps, districts can prepare for inevitable data breaches. However, with advanced technology—including continuous monitoring of networks, encryption, malware detection, and more—it can be confusing to decipher which specific solutions are best.
Right now most school districts use multiple, disparate security products to cover the full scope of their network. While multiple products offer a variety of protection, this approach can create a less effective overall security posture. For example, the Shawnee Mission (KS) School District combined many security products into an integrated set, relying on a holistic solution that secures every aspect of the network at once. Before making this change, Shawnee’s six security products were set-up to create “corners” and “edges,” but were not harmonious. By using a holistic approach to security, every offering Shawnee uses within its network—including coding, artificial intelligence, and machine learning—includes security layers, and any threat can be averted and blocked through the entire district architecture. This means switches have security built-in to analyze network traffic and flow and report anomalies like non-secure access to content. It also means endpoints are secure, which is a critical factor in education, since districts use multiple resources including tablets, computers, phones, Chromebooks, and even the cloud.
The Mobile County (AL) Public School System (MCPSS) was continually blinded by “extortionware” plaguing its 89 schools and 7,500 employees. The district’s security posture had no integration between existing endpoints and other network systems and was not effectively securing the environment. MCPSS decided to move away from its reactive approach to a proactive posture and, in less than two weeks, deployed Cisco Advanced Malware Protection to more than 27,000 of its endpoints. By creating a holistic, cloud-based security network, the district optimized performance and decreased costs.
Both Shawnee and MCPSS now have the ability to learn from their networks. More sophisticated end-to-end networks are able to analyze multiple pathways (or threat vectors) an attacker may take, and then take steps to future-proof these pathways. These types of automatic repairs—a hallmark of what’s becoming more prevalent with machine learning—save districts money by identifying threats the moment they enter the network. They also provide tech teams with “post-mortems” after a threat has occurred, like walking through a magic trick.
The bottom line
While technology is allowing for advances in education, it can put student and faculty privacy, along with important district and state information, at risk. As threats from hackers continue to penetrate networks big and small, schools need to be prepared to handle what comes at them at all times. Solidifying an approach that scales to fit network needs will prevent data breaches, allowing schools to focus on the education of students.