Long gone are the good ol’ days of IT security—the days when you were a savvy individual as long as you weren’t using “password” as your password. The world is just a tad more complicated now, and unfortunately the nature of cybersecurity threats has evolved just as quickly as the technology itself. Obviously, cybersecurity awareness continues to be critical, but organizations have a growing responsibility to utilize the tools and innovative approaches available to them to create the most secure IT environment.
Here in the United States, it’s that time of year when millions of students are starting anew, or returning back to their colleges and universities to begin another academic year. Sustaining this massive influx of user activity means having your IT infrastructure as dialed-in as possible by the time the end of summer rolls around. This makes August an especially stressful time in this industry.
The lingering and permanent effects of a global pandemic have not done education-based IT professionals any favors either. Fully-remote and hybrid learning models that colleges and universities were pushed to in order to survive the pandemic have culminated in a higher volume of network vulnerabilities than ever before. Resultantly, higher-education institutions have become some of the most prevalently targeted organizations by cyber attacks in recent years. Attackers seek financial gain, intellectual property, and personal information.
This Dashlane Blog touches on several such horror stories from just the last couple years. We’re talking catastrophic effects like a college that has been around since the 19th century being shut down completely—due in large part to an unrecoverable ransomware attack. Another university ended up being forced to do exactly what the FBI advocates against, and pay $1.14 million to appease its attackers in order to recover critical academic data.
What are the most common types of cyber attacks on the education industry?
- Hacker pretends to be a reputable organization (e.g. College or university)
- Users are asked through an email or other source to verify their personal details/login credentials
- Victims may be linked to a fake (but undistinguishable from the real page) landing page to dupe them into entering sensitive information
- Often gain access to system through initial phishing campaign
- Brute force bot-driven attacks can be leveraged as well to guess credentials
- Hackers take control of internal systems and applications to make them inoperable
- Demand ransom payments in return for control back of your IT environment/data
What are some tools and best-practices that organizations can leverage to lower the risk of a security breach?
It goes without saying, cybersecurity awareness education is critical when dealing with a user-base of college-aged young adults (and anyone else), but there are some additional tools and best practices that IT teams can utilize to help set users up for success and cultivate a safety-conscious cyber culture.
Mandated Password Changes – Proactively prompt network users for mandatory password updates quarterly, or at whatever cadence your organization sees fit. Any effort to reduce the stagnation of login credentials can contribute to security.
Keep Software Up-to-Date – It’s important to not only download software only from trusted sources, but also to keep it up-to-date. This doesn’t just include antivirus software either. Operating system and browser updates can make UI changes and bug fixes, but they also positively benefit your device from a security standpoint.
Back Up Data – Regular data backups can help immensely with the recovery process if your system does get compromised by an attack, because oftentimes the best recovery solution ends up being an environment-wide shut down/uninstall.
Centralized Password Manager – There are many password manager applications available that keep track of all your personal logins and allow you to autofill into trusted websites. Letting apps like this do the memorization work for you means you can max out the character count and complexity of your passwords for optimal security. One example of an implementation in an education environment is the University of California, Berkeley offering a free LastPass Premium account to all faculty, staff, and students.
2-factor Authentication (2FA) – 2-factor authentication involves needing both your login credentials, and perhaps a device or additional set of login credentials that belong to you to gain access to an account. For example, applications like Duo can enable an authentication method in which users must enter account login credentials, as well as a unique, constantly-changing pin number sent to their cell phone in real time.
Domain Name Monitoring – A successful email phishing campaign often relies on a legitimate sounding URL to fool security-conscious users into believing a landing page is genuine. Tools like PhishLabs allow organizations to be alerted about new domain registrations that could potentially pose a security threat to their team or customers.
What is the best thing you can do to bolster cyber security in 2022?
As we’ve attested to, there are plenty of educational resources surrounding the topic of cybersecurity, and a constantly growing array of useful tools too. However, in 2022 there is nothing more valuable you can do than making the commitment to a Zero Trust approach to IT security. This means, “Eliminating implicit trust and continuously validating every stage of a digital interaction,” as Palo Alto Networks eloquently puts it. You create an IT environment that doesn’t trust any user whether they are inside or outside the network.
This is a broad departure from the methodology of more traditional solutions that don’t have any measures in place to prevent the lateral spread of an attack once it gains initial network access. For example, generally thought of as a secure solution, virtual private networks (VPN) possess vulnerabilities that are simply not compatible with the hybrid and multi-cloud direction of the world. VPNs are a single access point with a massive lateral attack surface—unlocking the full swath of a network for attackers who need only make it through the door. A true Zero Trust architecture can only be enabled by utilizing newer technologies like software defined perimeter (SDP) and secure tunneling.
But what about our lacking IT security budget?
It’s true, any large-scale technology adoption such as software defined perimeter is going to have an associated price tag. I would unequivocally wager it’s a much more sustainable investment than ransoms though. The benefits are far-reaching and can appeal to all levels of the IT decision-making hierarchy. Benefits include:
- Isolated network access at the application level that eliminates lateral attack surface
- No need for expensive, maintenance-intensive physical networking appliances
- No ACLs or firewall configuration headaches
- Overall reduction in lifecycle management man-hours and physical overhead
- For cloud deployments, removal of costly hourly VPN connection fees
Once your organization makes the commitment to SDP and weathers the initial expense, it is a truly silver bullet-esque path to greater security, simpler management, lower costs, and reduced physical overhead. In 2022, it’s worth being proactive, not reactive to cyber attacks.
DH2i’s Take on Software Defined Perimeter
DH2i’s DxOdyssey software provides all benefits of SDP with the added distinction of:
- > Direct micro-tunnels, meaning no intermediate brokers and superior performance
- > Easily making tunnels redundant and highly available with automatic failover
- > Remote-user access to tunnels that leads the industry in simplicity
Want to learn more? Get signed up for a DxOdyssey demo and we’ll give you a tour of the product.