One of the biggest and most rapid technological developments we’ve seen over the past decade has undoubtedly been the Internet of Things #IoT - Laptops, printers, fridges, light switches - you name it: devices, machines and appliances everywhere have been given new capabilities by becoming IP-enabled.
While this has great impact when it comes to deriving data from sources where it has never before been possible, it can also present challenges. That’s because, while unbeknownst to many, these devices all offer a potential gateway for hackers looking to take advantage of them or, even worse still, the networks they connect to.
Universities and colleges in particular are facing an uphill battle in this area
As well as the permanent IT assets they have on site that need to be secured and managed, students and faculty are bringing hundreds if not thousands of these devices onto the WiFi network every day. When you consider the average person will connect three devices or more, this culture of Bring-Your-Own-Device (BYOD) means there is a huge number of endpoints for institutions to be aware of and protect against.
Sadly, it only takes one to cause serious downtime or data loss. Consider this: if one laptop brought in by a student that was running a piece of outdated software became compromised while on the college or university’s WiFi, the attack could then go on to move laterally through the campus IT network and infect hundreds more.
Moreover, there are so many connected devices across the grounds of a higher education facility that IT and security managers may not consider or have sight of. Increasingly, operational technology (OT) such as light switches, heating sensors and air conditioning units are becoming connected to the internet in order to optimise their use; the problem is, they may not be considered to pose similar risks to the IT network as their more conventional, consumer-driven counterparts.
When you consider these issues against a backdrop of high demand for strong performing, always available internet services, then universities and colleges need to address this challenge now before the proliferation of devices, as well as the sophistication of attacks, only gets larger.
What you can’t see can cause problems
For any higher education institution looking to get a firm grip on their IT, the first step is always going to be ensuring a comprehensive view of all the endpoints that touch the network. As we’ve already established, this isn’t easy.
There are many tools that claim to do as much, but they rely on ‘agent-based’ technology that requires software to be installed on every device. Unfortunately, this is no longer a realistic solution given the greater complexity and diversity of IT assets today.
What is needed, then, is an ‘agentless’ approach that means all devices can be discovered in real time. Organisations that adopt this alternative will often be surprised to find more than 30% more devices on the network than they were expecting, signifying huge gaps in visibility of threats.
Taking back control
Once this holistic overview has been achieved, IT teams can identify vulnerabilities before they have the potential to do real harm. With an advanced solution, they can even classify devices according to their security posture and create specific rulesets around the needs and behaviours of each one.
In brief, many universities and colleges will be looking to be at the forefront of innovation with cutting-edge technology and resources that help to better serve the teachers, students and staff that need them to get the best out of their work and study.
However, there is a specific set of challenges that come along with this opportunity, and these can have real repercussions for the functioning of the institution if not met with the right knowledge and toolset to meet them.
Gaining full visibility into the connected devices both living on and frequenting the IT network is the first vital step, and from here IT managers in the education sector can look to control and secure their assets in a way that means they are safe, accessible and optimised for all.
Chris Sherry, Regional VP EMEA North at Forescout