October 28, 2022

Network visibility and authentication: Your school’s cyber security superpowers

David Wain
National Practice Manager - Education at Data#3 Limited
When it comes to cyber security, schools need to be as vigilant as any business. After all, they deal with sensitive data and systems daily and need to ensure everyone is protected at all times. Unfortunately, schools don’t always have the resources, internal skills or budget to adopt comprehensive cyber security strategies and tools to adequately secure education delivery in the modern environment.

It’s not just external threats that pose a problem either. Internal threats have the potential to cause harm unintentionally. Students experiment and test boundaries; that’s nothing new. However, with the increasingly digitised school environment, students also test the school’s security controls. There can be severe ramifications too – cyberbullying, theft of data or credentials, and learning disruption.

Schools need to be aware of these risks and take steps to protect their students, staff, and data from all threats. From my experience, there are two network security superpowers that will not only give schools the best bang for their buck, but also help keep data and students safe from threats – external and internal.

So, what are those superpowers? Visibility and authentication. Let’s take a closer look at each.

The power of visibility

Network security can be a complex beast. IT must contend with a threat landscape that is getting more sophisticated with each passing day. Digital transformation is expanding the volume of applications, devices, data and network traffic. At the same time, a progressively mobile staff and student cohort is expanding the network perimeter. All this complexity provides camouflage for attackers.

So, how can schools tame the complexity and get on top of network security? Monitoring the traffic entering and leaving your network is the best defence against attacks and errors that can lead to breaches. So, just like an x-ray vision superpower seeing through walls to know what’s happening inside, schools require full visibility into all network connections to improve threat prevention, detection AND response, including the ability to:

  • Maintain continuous network monitoring
  • Have comprehensive visibility into all devices and what those devices are accessing
  • Establish strong internal policies
  • Adjust security policies and controls with risk-based, real-time security in mind.

The power of authentication

So, better visibility tells us WHAT is happening on the network, but schools also need to know WHO is doing it, and WHO is the authentication superpower – a particular challenge in a BYOD environment.

Network authentication is the practice of vetting users trying to gain access to the network. However, the sheer number of access requests, and decisions for which devices and users get which levels of network access, will quickly overwhelm any IT team. However, if you have overarching network visibility and control, you can leverage policies and context to ensure that only authenticated or authorised devices are allowed to connect to the network. For example, Aruba ClearPass can integrate ultra-scalable authentication, authorisation and accounting (AAA) with policy management, guest network access, device onboarding and device health checks for a complete understanding of context. By leveraging a user’s role, device, location, application use, and time of day Aruba ClearPass can automatically execute custom security policies, accelerate device deployments, and streamline network operations across wired networks, wireless networks, and VPNs.

The prevailing network authentication model is zero trust- the premise of trust no one, trust nothing. This approach adapts to the complexity of modern networks by eliminating implicit trust and continuously validating every stage of digital interaction. In short, authentication with zero trust means:

  • All devices and users are identified and properly authenticated before network access is granted
  • Every connection has the least required access needed to perform specific tasks – a careful balance of access and user experience.

Internal vs external threats

Security intelligence reports all point to the increasing number of attacks targeting the education sector and highlight the continuing need for education on cyber security dangers for both staff and students as per the eSafety Commissioner’s programs and toolkits for schools.

While student hacking is a threat within the school environment, attacks by cybercriminals and students and staff inadvertently clicking on malicious links is still arguably the bigger threat. Shoestring budgets and stretched IT staff make schools an attractive target. In “Cyber Attack Trends:2022 Mid-Year Report1”, it showed that education and research are still the most targeted industries with a 44% increase in attacks compared to 1H of 2021. Yet another report found that the Education/Research sector has seen a 114% increase in monthly cyberattacks across the last two years. And the most heavily attacked? The A/NZ region2.

Student safety and wellbeing in a digital environment

When you shift your focus beyond cyberattack vectors and threats, there is an additional personal well-being dimension to consider. Managing student safety and wellbeing in digital environments requires us to digitally listen and to have complete visibility of a student’s digital interactions. Our infrastructure and broader security tools are just one aspect of this. Schools need to consider the use of automated tools and machine learning to help them detect and respond to high-risk behaviour and emotional indicators. With these insights and alerts in place, teachers and other specialist support staff can approach students who are spending too much time off task or participating in or experiencing something more serious.

Building your visibility and authentication superpowers

Balance is essential. On the one hand, schools have a duty of care to protect students from inappropriate content or behaviour, but at the same time, teachers and students need access to online content from websites and platforms that may not always be appropriate for that age group.

The easiest thing to do is to block that site or platform, but that gets in the way of teaching and learning. Instead, schools should look for technology solutions that provide a high degree of visibility and associated automated protection, but also provide some flexibility to relax controls temporarily if a teacher needs access to a resource for a particular lesson or activity.

Doing more with less. Data#3 wants to help school IT teams to do more with less. Artificial intelligence in network security introduces self-management and self-healing capabilities that remove the need for internal resources or the expense of manual approaches. Schools can further boost their visibility and authentication superpowers with AI-led automation that frees up IT teams to focus on initiatives that drive better educational outcomes.

Open networking platforms. When building out a secure networking platform, having your pick of solutions and vendors allows you to tailor an infrastructure that meets the specific challenges in education. Look for a best-of-breed solution with native interoperability, so you are not limited by choice. Tight integrations will ensure that critical visibility remains even as you build and scale your networking infrastructure.

Vendor solutions

Aruba ClearPass

Aruba, a Hewlett Packard Enterprise Company, is considered a leading provider of wireless networking, and Aruba ClearPass is one of their most powerful solutions. It’s a vendor agnostic policy management and enforcement platform that provides context-aware network security and access management based on user identity, device type and time-specific usage of resources. As a result, IT always knows what’s connecting to the wired and wireless network while taking advantage of complete AI-based automation for device authentication and authorisation. Because students and faculty expect easy connectivity to the network today, ClearPass avoids all the frustrations associated with traditional authentication approaches, ensuring students, staff and guests experience safe, frictionless, trouble-free connections.

ClearPass is also highly interoperable. It has its own internal radius server, allowing it to seamlessly talk to Active Directory and Azure Active Directory. This allows customers to pick and choose the vendors they want without sacrificing the quality of data shared.

Microsoft Defender for Office 365

Microsoft Defender, which is the anti-malware component included in the A5 licence, protects all Office 365 applications against threats. With Microsoft 365 Defender’s XDR approach and their adherence to the MITRE ATT&CK framework, you can gain a lot of visibility across the entire attack chain and understand how to mitigate that attack chain. Defender also helps with IoT security via agents, but more importantly, it helps you view any vulnerabilities with respect to your whole security posture. The app governance dashboard also provides a wealth of information for a one-stop view of your security ecosystem.

How does Aruba ClearPass and Microsoft Defender balance visibility and authentication?

The Southport School is an example where the balance is just right between visibility and authentication. The school chose to upgrade their wireless infrastructure utilising Palo Alto firewalls tightly integrated with the Aruba Network stack – via Aruba ClearPass. This enabled them to apply specific access policies for student and staff user groups and the on-campus student boarding community. Mimecast was also integrated to filter out malicious emails at scale and address risky online student behaviour and Microsoft Defender 365 added another layer of IoT protection.

We revisited The Southport School four years after they upgraded their wireless infrastructure to discuss how successful they have been in managing threats across their school network. Read more about their story and what their priorities are going forward.

Unleash your school’s superpowers with Data#3

With over 30 years of experience in the Education sector, Data#3 continually invests in developing the skills and services to help schools create environments in which learning can thrive. For a limited time, Data#3 is offering a range of security workshops to help schools stay one step ahead of evolving threats. Contact your account manager or our friendly education team to discuss today.

Aruba National Partner of the Year & As a Service Partner of the Year
Worldwide Microsoft Surface+ Partner of the Year
Microsoft Device Distributor/Reseller Partner of the Year

1 Checkpoint 2022 Mid-Year Trends Report.
2 Security Brief 2022, Education sector seeing highest volumes of cyber-attacks.