Colleges and Universities are prime targets for hackers and cybercriminals because these institutions offer a target-rich environment that contains everything from financial, medical and personal data profiles, to government and commercial research. This information is a valuable resale commodity on the dark web. In fact, in February of this year, the University of Central Florida announced that it discovered unauthorized access into its network, and that 63,000 social security numbers were compromised. [i]
Why are Colleges and Universities at Higher Risk
Colleges and Universities are appealing to hackers. Complete medical profiles, social security numbers, credit card information and much more are all part of the information packages students complete when they enroll or register for classes. These institutions offer hackers:
A large transient population. There is a high volume of new personal, medical and financial data on hand.
Fresh data and profiles. Institutions register students and update large quantities of data each semester. Hackers can steal large quantities of up-to-date data in a single attack.
Plenty of time to do damage. Students don’t normally check their credit reports (or even need to) until after graduation, giving hackers ample time to operate undiscovered.
Numerous network and data access points. With numerous departments (health services, financial aid, registrar, student services, etc.) that require access to personal profile information, as well as the large numbers of guests, contractors, students and staff that access the network and systems, it is challenging to balance service and security. In addition to diverse departments, many institutions also have satellite locations. The amount of access points or the attack surface that hackers can target is staggering.
High volume of network users. Students spend a vast majority of their time online. There is a phenomenal amount of network traffic and WiFi usage that makes it easier for hackers to hide in busy, high traffic networks.
Disparate silos of information and security. Many campuses use different software and security according to the preference and guidelines set by the department. Diverse systems are time-consuming and challenging to manage, which can lead to delays in applying security patches, inadequate network oversight, slow triage of security events, difficulty finding contextual information and much more.
Add together the complexity and distributed ownership of network in these institutions, with the sensitive nature of information available, and it becomes clear why institutions are a prime target for cyberattacks.
Providing a secure network environment with such a high number of access points and an extremely busy network is a huge challenge. With thousands of security alerts per day, overwhelming network traffic, and scarce IT resources, colleges and universities can reap significant benefits from implementing security automation.
Solving the Campus Security Challenge
The good news is that the team at Bradford Networks has a long history of working with universities and colleges. We understand the unique challenges that are inherent to campus networks and have successfully implemented Network Sentry in numerous colleges and universities. Network Sentry offers the most comprehensive endpoint visibility, role-based dynamic network access control and automated threat response to address today’s cyberthreats.
Secure network access and device activity tracking is especially important for colleges and universities, since these institutions need to streamline guest management and quickly add new students to the network each quarter or semester. Network Sentry covers the following three stages of network security oversight:
Visibility: You can’t solve a problem unless you can see it. Network Sentry provides complete network visibility and profiles every end-point and infrastructure device on the network to ensure tracking and monitoring of all activities. Every endpoint device that connects to the network is profiled to provide contextual awareness about the device, user, and applications.
Control: The contextual awareness forms the basis for scalable on-boarding and dynamic network access control to only allow known devices on the network and enable dynamic network segmentation to prevent lateral movement of malware. Network Sentry saves colleges and universities a significant amount of time when onboarding a large number of students or staff. Network access can be assigned by selecting a pre-defined profile instead of individually configuring access privileges for each user.
Response: With most schools receiving thousands of security events per day, Network Sentry helps streamline and triage the review process for the security analysts. A built-in correlation engine leverages contextual awareness to analyze and prioritize security events from multiple third-party security solutions. Network Sentry eliminates manual intervention and streamlines multi-step workflows with automated threat response that integrates with ticketing systems and provides flexible endpoint containment. Endpoint containment options include reassigning compromised endpoint into quarantine VLAN, termination of connection, running scripts, and real-time notifications. With the high volume of students, staff and guests, Network Sentry’s automated threat response enables faster resolution of security concerns.
Through its SmartEdge Platform, Network Sentry integrates with leading networking, security and directory solutions to enhance endpoint and network visibility, provide dynamic network access control and automate threat response to ensure fast, effective containment.